(ISC)2 CERTIFIED IN
CYBERSECURITY-EXAM WITH
QUESTIONS AND ANSWERS LATEST
UPDATE
Which of the following can be used to map data flows through an
organization and the relevant security controls used at each point along the
way? (D5.1, L5.1.1)
a. Encryption
b. Hashing
c. Hard Copy
d. Data Life Cycle - ANSWER >>>>>Data Life Cycle
Why is an asset inventory so important?
a. It tells you what to encrypt
b. You can't protect what you don't know you have
c. The law requires it
d. It contains a price list - ANSWER >>>>>You can't protect what you don't
know you have
Who is responsible for publishing and signing the organization's policies?
(D5.3, L5.3.1)
a. Security office
b. Human Resources
c. Senior Management
d. Legal Department - ANSWER >>>>>Senior Mangagement
Which of the following is always true about logging? (D5.1, L5.1.3)
a. Logs should be very detailed
b. Logs should be in English
c. Logs should be concise
d. Logs should be stored separately from the systems they're logging -
ANSWER >>>>>Logs should be stored separately from the systems they're
logging
A mode of encryption for ensuring confidentiality efficiently, with a minimum
amount of processing overhead (D5.1, L5.1.3)
a. Asymmetric
,b. Symmetric
c. Hashing
d. Covert - ANSWER >>>>>Symmetric
A ready visual cue to let anyone in contact with the data know what the
classification is. (D5.1, L5.1.1)
a. Encryption
b. Label
c. Graphics
d. Photos - ANSWER >>>>>Label
A set of security controls or system settings used to ensure uniformity of
configuration throughout the IT environment. (D5.2, L5.2.1)
a. Patches
b. Inventory
c. Baseline
d. Policy - ANSWER >>>>>Baseline
What is the most important aspect of security awareness/training? (D5.4,
L5.4.1)
a. Protecting assets
b. Maximizing business capabilities
c. Ensuring the confidentiality of data
d. Protecting health and human safety - ANSWER >>>>>Protecting health
and human safety
Which entity is most likely to be tasked with monitoring and enforcing
security policy? (D5.3, L5.3.1)
a. The Human Resources Office
b. The legal department
c. Regulators
d. The security office - ANSWER >>>>>The security office
Which organizational policy is most likely to indicate which types of
smartphones can be used to connect to the internal IT environment? (D5.3,
L5.3.1)
a. The CM policy (change management)
b. The password policy
c. The AUP (acceptable use policy)
,d. The BYOD policy (bring your own device) - ANSWER >>>>>The BYOD
policy (bring your own device)
Common network device used to connect networks.
Server
Endpoint
Router
Switch - ANSWER >>>>>Router
A common network device used to filter traffic
Server
Endpoint
Ethernet
Firewall - ANSWER >>>>>Firewall
endpoint <------> Web server
Which port number is associated with the protocol typically used in this
connection? (D 4.1 L4.1.2)
21
53
80
161 - ANSWER >>>>>80
An attack against the availability of a network/system, typically uses many
attacking machines to direct traffic against a given target. (D4.2 L4.2.1)
Worm
Virus
Stealth
DDoS - ANSWER >>>>>DDoS
A security solution installed on an endpoint in order to detect potentially
anomalous activity. (D4.2 L4.2.2)
Router
Host-Based Intrusion Prevention System
Switch
Security incident and event management system (SIEM) - ANSWER
>>>>>Host-Based Intrusion Prevention System
A security solution that detects, identifies and often quarantines potentially
hostile software. (D4.2, L4.2.2)
, Firewall
Guard
Camera
Anti-Malware - ANSWER >>>>>Anti-Malware
The common term used to describe the mechanisms that control the
temperature and humidity in a data center. (D4.3 L4.3.1)
VLAN (virtual local area network)
HVAC (heating, ventilation and air conditioning)
STAT (system temperature and timing)
TAWC (temperature and water control) - ANSWER >>>>>HVAC (heating,
ventilation and air conditioning)
A cloud arrangement whereby the provider owns and manages the
hardware, operating system, and applications in the cloud, and the customer
owns the data. (D4.3 L4.3.2)
Infrastructure as a service (IaaS)
Morphing as a service (MaaS)
Platform as a service (PaaS)
Software as a service (SaaS) - ANSWER >>>>>Software as a service (SaaS)
A portion of the organization's network that interfaces directly with the
outside world, typically, this exposed area has more security controls and
restrictions than the rest of the internal IT environment. (D4.3 L4.3.3)
National Institute of Standards and Technology (NIST)
Demilitarized Zone (DMZ)
Virtual Private Network (VPN)
Virtual Local Area Network (VLAN) - ANSWER >>>>>Demilitarized Zone
(DMZ)
Which of the following tools can be used to grant remote users access to the
internal IT environment? (D 4.3 L4.3.3)
VLAN (Virtual Local Area Network)
VPN (Virtual Private Network)
DDoS (Distributed Denial-of-Service)
MAC (Media Access Control) - ANSWER >>>>>Virtual Private Network (VPN)
Which of the following is a subject?
A file
A fence
CYBERSECURITY-EXAM WITH
QUESTIONS AND ANSWERS LATEST
UPDATE
Which of the following can be used to map data flows through an
organization and the relevant security controls used at each point along the
way? (D5.1, L5.1.1)
a. Encryption
b. Hashing
c. Hard Copy
d. Data Life Cycle - ANSWER >>>>>Data Life Cycle
Why is an asset inventory so important?
a. It tells you what to encrypt
b. You can't protect what you don't know you have
c. The law requires it
d. It contains a price list - ANSWER >>>>>You can't protect what you don't
know you have
Who is responsible for publishing and signing the organization's policies?
(D5.3, L5.3.1)
a. Security office
b. Human Resources
c. Senior Management
d. Legal Department - ANSWER >>>>>Senior Mangagement
Which of the following is always true about logging? (D5.1, L5.1.3)
a. Logs should be very detailed
b. Logs should be in English
c. Logs should be concise
d. Logs should be stored separately from the systems they're logging -
ANSWER >>>>>Logs should be stored separately from the systems they're
logging
A mode of encryption for ensuring confidentiality efficiently, with a minimum
amount of processing overhead (D5.1, L5.1.3)
a. Asymmetric
,b. Symmetric
c. Hashing
d. Covert - ANSWER >>>>>Symmetric
A ready visual cue to let anyone in contact with the data know what the
classification is. (D5.1, L5.1.1)
a. Encryption
b. Label
c. Graphics
d. Photos - ANSWER >>>>>Label
A set of security controls or system settings used to ensure uniformity of
configuration throughout the IT environment. (D5.2, L5.2.1)
a. Patches
b. Inventory
c. Baseline
d. Policy - ANSWER >>>>>Baseline
What is the most important aspect of security awareness/training? (D5.4,
L5.4.1)
a. Protecting assets
b. Maximizing business capabilities
c. Ensuring the confidentiality of data
d. Protecting health and human safety - ANSWER >>>>>Protecting health
and human safety
Which entity is most likely to be tasked with monitoring and enforcing
security policy? (D5.3, L5.3.1)
a. The Human Resources Office
b. The legal department
c. Regulators
d. The security office - ANSWER >>>>>The security office
Which organizational policy is most likely to indicate which types of
smartphones can be used to connect to the internal IT environment? (D5.3,
L5.3.1)
a. The CM policy (change management)
b. The password policy
c. The AUP (acceptable use policy)
,d. The BYOD policy (bring your own device) - ANSWER >>>>>The BYOD
policy (bring your own device)
Common network device used to connect networks.
Server
Endpoint
Router
Switch - ANSWER >>>>>Router
A common network device used to filter traffic
Server
Endpoint
Ethernet
Firewall - ANSWER >>>>>Firewall
endpoint <------> Web server
Which port number is associated with the protocol typically used in this
connection? (D 4.1 L4.1.2)
21
53
80
161 - ANSWER >>>>>80
An attack against the availability of a network/system, typically uses many
attacking machines to direct traffic against a given target. (D4.2 L4.2.1)
Worm
Virus
Stealth
DDoS - ANSWER >>>>>DDoS
A security solution installed on an endpoint in order to detect potentially
anomalous activity. (D4.2 L4.2.2)
Router
Host-Based Intrusion Prevention System
Switch
Security incident and event management system (SIEM) - ANSWER
>>>>>Host-Based Intrusion Prevention System
A security solution that detects, identifies and often quarantines potentially
hostile software. (D4.2, L4.2.2)
, Firewall
Guard
Camera
Anti-Malware - ANSWER >>>>>Anti-Malware
The common term used to describe the mechanisms that control the
temperature and humidity in a data center. (D4.3 L4.3.1)
VLAN (virtual local area network)
HVAC (heating, ventilation and air conditioning)
STAT (system temperature and timing)
TAWC (temperature and water control) - ANSWER >>>>>HVAC (heating,
ventilation and air conditioning)
A cloud arrangement whereby the provider owns and manages the
hardware, operating system, and applications in the cloud, and the customer
owns the data. (D4.3 L4.3.2)
Infrastructure as a service (IaaS)
Morphing as a service (MaaS)
Platform as a service (PaaS)
Software as a service (SaaS) - ANSWER >>>>>Software as a service (SaaS)
A portion of the organization's network that interfaces directly with the
outside world, typically, this exposed area has more security controls and
restrictions than the rest of the internal IT environment. (D4.3 L4.3.3)
National Institute of Standards and Technology (NIST)
Demilitarized Zone (DMZ)
Virtual Private Network (VPN)
Virtual Local Area Network (VLAN) - ANSWER >>>>>Demilitarized Zone
(DMZ)
Which of the following tools can be used to grant remote users access to the
internal IT environment? (D 4.3 L4.3.3)
VLAN (Virtual Local Area Network)
VPN (Virtual Private Network)
DDoS (Distributed Denial-of-Service)
MAC (Media Access Control) - ANSWER >>>>>Virtual Private Network (VPN)
Which of the following is a subject?
A file
A fence
