ISC2 CC (Certified in CyberSecurity)
Practice Questions: Certification
Success - Unofficial By Certification
Terminal (Part 1) 2025/2026 Exam
Questions and Answers | 100% Solved
4.1 In the realm of information security, what constitutes the utmost crucial
element of privacy?
A. Protecting personal information from unauthorized access or disclosure
B. Ensuring data is accurate and unchanged
C. Making sure data is always accessible when needed
D. All of the above - 🧠ANSWER ✔✔A. Protecting personal information from
unauthorized access or disclosure
4.2 Choose the BEST example for a preventive control from the following:
A. A firewall
B. A backup generator
C. An intrusion detection system
COPYRIGHT©JOSHCLAY 2025/2026. YEAR PUBLISHED 2025. COMPANY REGISTRATION NUMBER: 619652435. TERMS OF USE. PRIVACY
1
STATEMENT. ALL RIGHTS RESERVED
,D. An antivirus software - 🧠ANSWER ✔✔A. A firewall
4.3 What distinguishes a private cloud from a public cloud?
A. A public cloud is less secure than a private cloud
B. A private cloud is more expensive than a public cloud
C. A public cloud is hosted by a third-party provider, while a private cloud is
dedicated to a single organization
D. A private cloud is only accessible from a single location - 🧠ANSWER
✔✔C. A public cloud is hosted by a third-party provider, while a private
cloud is dedicated to a single organization
4.4 What security principle asserts that a user should possess only the
requisite permissions to perform a task?
A. Separation of Duties
B. Defense in Depth
C. Least Privilege
D. Privileged Accounts - 🧠ANSWER ✔✔C. Least Privilege
4.5 What is the objective of implementing a security awareness and training
initiative?
COPYRIGHT©JOSHCLAY 2025/2026. YEAR PUBLISHED 2025. COMPANY REGISTRATION NUMBER: 619652435. TERMS OF USE. PRIVACY
2
STATEMENT. ALL RIGHTS RESERVED
,A. To develop technical specifications for security controls
B. To educate employees about security policies and procedures
C. To investigate and respond to security incidents
D. To enforce disciplinary actions for security violations - 🧠ANSWER ✔✔B.
To educate employees about security policies and procedures
4.6 In your roles as a cybersecurity analyst, your supervisor tasks you with
producing a document that delineates the sequential procedure for setting
up firewall rules within the organization's network infrastructure. What
specific type of document are you creating?
A. Guideline
B. Policy
C. Procedure
D. Standard - 🧠ANSWER ✔✔C. Procedure
4.7 What is the term used to denote the process of eliminating or
neutralizing malicious software (malware) from a computer?
A. Firewall configuration
B. Decryption
COPYRIGHT©JOSHCLAY 2025/2026. YEAR PUBLISHED 2025. COMPANY REGISTRATION NUMBER: 619652435. TERMS OF USE. PRIVACY
3
STATEMENT. ALL RIGHTS RESERVED
, C. Encryption
D. Malware Removal - 🧠ANSWER ✔✔D. Malware Removal
4.8 What distinguishes an incident response plan from a disaster recovery
plan?
A. An incident response plan focuses on recovering from security incidents,
while a disaster recovery plan focuses on recovering from natural disasters.
B. An incident response plan focuses on preventing security incidents,
while a disaster recovery plan focuses on mitigating the impact of natural
disasters
C. An incident response plan focuses on detecting and responding to
security incidents, while a disaster recovery plan focuses on restoring IT
systems and infrastructure
D. An incident response plan focuses on restoring critical systems and
data, while a disaster recovery plan focuses on restoring business
operations. - 🧠ANSWER ✔✔C. An incident response plan focuses on
detecting and responding to security incidents, while a disaster recovery
plan focuses on restoring IT systems and infrastructure
4.9 What is the main objective of Business Continuity (BC)?
COPYRIGHT©JOSHCLAY 2025/2026. YEAR PUBLISHED 2025. COMPANY REGISTRATION NUMBER: 619652435. TERMS OF USE. PRIVACY
4
STATEMENT. ALL RIGHTS RESERVED
Practice Questions: Certification
Success - Unofficial By Certification
Terminal (Part 1) 2025/2026 Exam
Questions and Answers | 100% Solved
4.1 In the realm of information security, what constitutes the utmost crucial
element of privacy?
A. Protecting personal information from unauthorized access or disclosure
B. Ensuring data is accurate and unchanged
C. Making sure data is always accessible when needed
D. All of the above - 🧠ANSWER ✔✔A. Protecting personal information from
unauthorized access or disclosure
4.2 Choose the BEST example for a preventive control from the following:
A. A firewall
B. A backup generator
C. An intrusion detection system
COPYRIGHT©JOSHCLAY 2025/2026. YEAR PUBLISHED 2025. COMPANY REGISTRATION NUMBER: 619652435. TERMS OF USE. PRIVACY
1
STATEMENT. ALL RIGHTS RESERVED
,D. An antivirus software - 🧠ANSWER ✔✔A. A firewall
4.3 What distinguishes a private cloud from a public cloud?
A. A public cloud is less secure than a private cloud
B. A private cloud is more expensive than a public cloud
C. A public cloud is hosted by a third-party provider, while a private cloud is
dedicated to a single organization
D. A private cloud is only accessible from a single location - 🧠ANSWER
✔✔C. A public cloud is hosted by a third-party provider, while a private
cloud is dedicated to a single organization
4.4 What security principle asserts that a user should possess only the
requisite permissions to perform a task?
A. Separation of Duties
B. Defense in Depth
C. Least Privilege
D. Privileged Accounts - 🧠ANSWER ✔✔C. Least Privilege
4.5 What is the objective of implementing a security awareness and training
initiative?
COPYRIGHT©JOSHCLAY 2025/2026. YEAR PUBLISHED 2025. COMPANY REGISTRATION NUMBER: 619652435. TERMS OF USE. PRIVACY
2
STATEMENT. ALL RIGHTS RESERVED
,A. To develop technical specifications for security controls
B. To educate employees about security policies and procedures
C. To investigate and respond to security incidents
D. To enforce disciplinary actions for security violations - 🧠ANSWER ✔✔B.
To educate employees about security policies and procedures
4.6 In your roles as a cybersecurity analyst, your supervisor tasks you with
producing a document that delineates the sequential procedure for setting
up firewall rules within the organization's network infrastructure. What
specific type of document are you creating?
A. Guideline
B. Policy
C. Procedure
D. Standard - 🧠ANSWER ✔✔C. Procedure
4.7 What is the term used to denote the process of eliminating or
neutralizing malicious software (malware) from a computer?
A. Firewall configuration
B. Decryption
COPYRIGHT©JOSHCLAY 2025/2026. YEAR PUBLISHED 2025. COMPANY REGISTRATION NUMBER: 619652435. TERMS OF USE. PRIVACY
3
STATEMENT. ALL RIGHTS RESERVED
, C. Encryption
D. Malware Removal - 🧠ANSWER ✔✔D. Malware Removal
4.8 What distinguishes an incident response plan from a disaster recovery
plan?
A. An incident response plan focuses on recovering from security incidents,
while a disaster recovery plan focuses on recovering from natural disasters.
B. An incident response plan focuses on preventing security incidents,
while a disaster recovery plan focuses on mitigating the impact of natural
disasters
C. An incident response plan focuses on detecting and responding to
security incidents, while a disaster recovery plan focuses on restoring IT
systems and infrastructure
D. An incident response plan focuses on restoring critical systems and
data, while a disaster recovery plan focuses on restoring business
operations. - 🧠ANSWER ✔✔C. An incident response plan focuses on
detecting and responding to security incidents, while a disaster recovery
plan focuses on restoring IT systems and infrastructure
4.9 What is the main objective of Business Continuity (BC)?
COPYRIGHT©JOSHCLAY 2025/2026. YEAR PUBLISHED 2025. COMPANY REGISTRATION NUMBER: 619652435. TERMS OF USE. PRIVACY
4
STATEMENT. ALL RIGHTS RESERVED
