(ISC)² Certified in Cybersecurity - Exam Prep Exam Questions And Answers

A system that collects transactional information and stores it in a record
in order to show which users performed which actions is an example of
providing ________. (D1, L1.1.1)
A) Non-repudiation
B) Multifactor authentication
C) Biometrics
D) Privacy
Correct answer: A) Non-repudiation

In risk management concepts, a(n) ___________ is something or
someone that poses risk to an organization or asset. (D1, L1.2.1)
A) Fear
B) Threat
C) Control
D) Asset
Correct answer: B) Threat

A software firewall is an application that runs on a device and prevents
specific types of traffic from entering that device. This is a type of
________ control. (D1, L1.3.1)
A) Physical
B) Administrative
C) Passive
D) Technical
Correct answer: D) Technical

Tina is an (ISC)² member and is invited to join an online group of IT
security enthusiasts. After attending a few online sessions, Tina learns
that some participants in the group are sharing malware with each
other, in order to use it against other organizations online. What should
Tina do? (D1, L1.5.1)
A) Nothing
B) Stop participating in the group
C) Report the group to law enforcement
D) Report the group to (ISC)²
Correct answer: B) Stop participating in the group

The city of Grampon wants to ensure that all of its citizens are
protected from malware, so the city council creates a rule that anyone
caught creating and launching malware within the city limits will receive
a fine and go to jail. What kind of rule is this? (D1, L1.4.1)
A) Policy
B) Procedure
C) Standard
D) Law
Correct answer: D) Law

The Payment Card Industry (PCI) Council is a committee made up of
representatives from major credit card providers (Visa, Mastercard,
American Express) in the United States. The PCI Council issues rules that
merchants must follow if the merchants choose to accept payment via
credit card. These rules describe best practices for securing credit card
processing technology, activities for securing credit card information,
and how to protect customers' personal data. This set of rules is a
_____. (D1, L1.4.2)
A) Law
B) Policy
C) Standard
D) Procedure
Correct answer: C) Standard

Aphrodite is a member of (ISC)² and a data analyst for Triffid
Corporation. While Aphrodite is reviewing user log data, Aphrodite
discovers that another Triffid employee is violating the acceptable use
policy and watching streaming videos during work hours. What should
Aphrodite do? (D1, L1.5.1)
A) Inform (ISC)²
B) Inform law enforcement
C) Inform Triffid management
D) Nothing
Correct answer: C) Inform Triffid management

Triffid Corporation has a rule that all employees working with sensitive
hardcopy documents must put the documents into a safe at the end of
the workday, where they are locked up until the following workday.
What kind of control is the process of putting the documents into the
safe? (D1, L1.3.1)
A) Administrative
B) Tangential
C) Physical
D) Technical
Correct answer: A) Administrative

Kerpak works in the security office of a medium-sized entertainment
company. Kerpak is asked to assess a particular threat, and he suggests
that the best way to counter this threat would be to purchase and
implement a particular security solution. This is an example of _______.
(D1, L1.2.2)
A) Acceptance
B) Avoidance
C) Mitigation