EXAM STUDY MATERIALS 8/7/2024 11:29 AM
Cybersec Precourse Assessment Exam
Questions With Correct Answers
Law - answer✔✔The city of Grampon wants to ensure that all of its citizens are protected from
malware, so the city council creates a rule that anyone caught creating and launching malware
within the city limits will receive a fine and go to jail. What kind of rule is this? (D1, L1.4.1
risk tolerance - answer✔✔Phrenal is selling a used laptop in an online auction. Phrenal has
estimated the value of the laptop to be $100, but has seen other laptops of similar type and
quality sell for both more and less than that amount. Phrenal hopes that the laptop will sell for
$100 or more, but is prepared to take less for it if nobody bids that amount. This is an example of
___________. (D1, L1.2.2)
Explain the style and format of the questions, but no detail - answer✔✔Zarma is an (ISC)²
member and a security analyst for Triffid Corporation. One of Zarma's colleagues is interested in
getting an (ISC)2 certification and asks Zarma what the test questions are like. What should
Zarma do? (D1, L1.5.1)
A laptop with sensitive data on it - answer✔✔Of the following, which would probably not be
considered a threat? (D1, L1.2.1)
D)
disclose the relationship, but recommend the vendor/product - answer✔✔Hoshi is an (ISC)2
member who works for the Triffid Corporation as a data manager. Triffid needs a new firewall
solution, and Hoshi is asked to recommend a product for Triffid to acquire and implement.
Hoshi's cousin works for a firewall vendor; that vendor happens to make the best firewall
available. What should Hoshi do? (D1, L1.5.1)
Procedure - answer✔✔A vendor sells a particular operating system (OS). In order to deploy the
OS securely on different platforms, the vendor publishes several sets of instructions on how to
install it, depending on which platform the customer is using. This is an example of a ________.
(D1, L1.4.2)
Pay the parking ticket - answer✔✔Siobhan is an (ISC)² member who works for Triffid
Corporation as a security analyst. Yesterday, Siobhan got a parking ticket while shopping after
work. What should Siobhan do? (D1, L1.5.1)
, EXAM STUDY MATERIALS 8/7/2024 11:29 AM
Standard - answer✔✔(ISC)² publishes a Common Body of Knowledge (CBK) that IT security
practitioners should be familiar with; this is recognized throughout the industry as a set of
material that is useful for practitioners to refer to. Certifications can be issued for demonstrating
expertise in this Common Body of Knowledge. What kind of document is the Common Body of
Knowledge? (D1, L1.4.1)
Policy, standard - answer✔✔The senior leadership of Triffid Corporation decides that the best
way to minimize liability for the company is to demonstrate the company's commitment to
adopting best practices recognized throughout the industry. Triffid management issues a
document that explains that Triffid will follow the best practices published by SANS, an industry
body that addresses computer and information security.
The Triffid document is a ______, and the SANS documents are ________. (D1, L1.4.2)
Anyone - answer✔✔Within the organization, who can identify risk? (D1, L1.2.2)
The file that contains passwords used to authenticate users - answer✔✔For which of the
following assets is integrity probably the most important security aspect? (D1, L1.1.1
The General Data Protection Regulation - answer✔✔The European Union (EU) law that grants
legal protections to individual human privacy. (D1, L1.1.1)
Physical - answer✔✔Druna is a security practitioner tasked with ensuring that laptops are not
stolen from the organization's offices. Which sort of security control would probably be best for
this purpose? (D1, L1.3.1)
Physical - answer✔✔A bollard is a post set securely in the ground in order to prevent a vehicle
from entering an area or driving past a certain point. Bollards are an example of ______ controls.
(D1, L1.3.1)
Inform (ISC)² - answer✔✔Glen is an (ISC)² member. Glen receives an email from a company
offering a set of answers for an (ISC)² certification exam. What should Glen do? (D1, L1.5.1)
Administrative - answer✔✔Triffid Corporation has a policy that all employees must receive
security awareness instruction before using email; the company wants to make employees aware
of potential phishing attempts that the employees might receive via email. What kind of control
is this instruction? (D1, L1.3.1)
A photograph of your face - answer✔✔Which of the following is an example of a "something
you are" authentication factor? (D1, L1.1.1)
Law, procedure - answer✔✔Grampon municipal code requires that all companies that operate
within city limits will have a set of processes to ensure employees are safe while working with
hazardous materials. Triffid Corporation creates a checklist of activities employees must follow
while working with hazardous materials inside Grampon city limits. The municipal code is a
______, and the Triffid checklist is a ________. (D1, L1.4.2
Cybersec Precourse Assessment Exam
Questions With Correct Answers
Law - answer✔✔The city of Grampon wants to ensure that all of its citizens are protected from
malware, so the city council creates a rule that anyone caught creating and launching malware
within the city limits will receive a fine and go to jail. What kind of rule is this? (D1, L1.4.1
risk tolerance - answer✔✔Phrenal is selling a used laptop in an online auction. Phrenal has
estimated the value of the laptop to be $100, but has seen other laptops of similar type and
quality sell for both more and less than that amount. Phrenal hopes that the laptop will sell for
$100 or more, but is prepared to take less for it if nobody bids that amount. This is an example of
___________. (D1, L1.2.2)
Explain the style and format of the questions, but no detail - answer✔✔Zarma is an (ISC)²
member and a security analyst for Triffid Corporation. One of Zarma's colleagues is interested in
getting an (ISC)2 certification and asks Zarma what the test questions are like. What should
Zarma do? (D1, L1.5.1)
A laptop with sensitive data on it - answer✔✔Of the following, which would probably not be
considered a threat? (D1, L1.2.1)
D)
disclose the relationship, but recommend the vendor/product - answer✔✔Hoshi is an (ISC)2
member who works for the Triffid Corporation as a data manager. Triffid needs a new firewall
solution, and Hoshi is asked to recommend a product for Triffid to acquire and implement.
Hoshi's cousin works for a firewall vendor; that vendor happens to make the best firewall
available. What should Hoshi do? (D1, L1.5.1)
Procedure - answer✔✔A vendor sells a particular operating system (OS). In order to deploy the
OS securely on different platforms, the vendor publishes several sets of instructions on how to
install it, depending on which platform the customer is using. This is an example of a ________.
(D1, L1.4.2)
Pay the parking ticket - answer✔✔Siobhan is an (ISC)² member who works for Triffid
Corporation as a security analyst. Yesterday, Siobhan got a parking ticket while shopping after
work. What should Siobhan do? (D1, L1.5.1)
, EXAM STUDY MATERIALS 8/7/2024 11:29 AM
Standard - answer✔✔(ISC)² publishes a Common Body of Knowledge (CBK) that IT security
practitioners should be familiar with; this is recognized throughout the industry as a set of
material that is useful for practitioners to refer to. Certifications can be issued for demonstrating
expertise in this Common Body of Knowledge. What kind of document is the Common Body of
Knowledge? (D1, L1.4.1)
Policy, standard - answer✔✔The senior leadership of Triffid Corporation decides that the best
way to minimize liability for the company is to demonstrate the company's commitment to
adopting best practices recognized throughout the industry. Triffid management issues a
document that explains that Triffid will follow the best practices published by SANS, an industry
body that addresses computer and information security.
The Triffid document is a ______, and the SANS documents are ________. (D1, L1.4.2)
Anyone - answer✔✔Within the organization, who can identify risk? (D1, L1.2.2)
The file that contains passwords used to authenticate users - answer✔✔For which of the
following assets is integrity probably the most important security aspect? (D1, L1.1.1
The General Data Protection Regulation - answer✔✔The European Union (EU) law that grants
legal protections to individual human privacy. (D1, L1.1.1)
Physical - answer✔✔Druna is a security practitioner tasked with ensuring that laptops are not
stolen from the organization's offices. Which sort of security control would probably be best for
this purpose? (D1, L1.3.1)
Physical - answer✔✔A bollard is a post set securely in the ground in order to prevent a vehicle
from entering an area or driving past a certain point. Bollards are an example of ______ controls.
(D1, L1.3.1)
Inform (ISC)² - answer✔✔Glen is an (ISC)² member. Glen receives an email from a company
offering a set of answers for an (ISC)² certification exam. What should Glen do? (D1, L1.5.1)
Administrative - answer✔✔Triffid Corporation has a policy that all employees must receive
security awareness instruction before using email; the company wants to make employees aware
of potential phishing attempts that the employees might receive via email. What kind of control
is this instruction? (D1, L1.3.1)
A photograph of your face - answer✔✔Which of the following is an example of a "something
you are" authentication factor? (D1, L1.1.1)
Law, procedure - answer✔✔Grampon municipal code requires that all companies that operate
within city limits will have a set of processes to ensure employees are safe while working with
hazardous materials. Triffid Corporation creates a checklist of activities employees must follow
while working with hazardous materials inside Grampon city limits. The municipal code is a
______, and the Triffid checklist is a ________. (D1, L1.4.2
