ISC2 Certified In Cybersecurity (CC) Practice Exam Questions 2025/2026 Exam All Answers and Illustrations Given

ISC2 Certified In Cybersecurity (CC)
Practice Exam Questions 2025/2026
Exam All Answers and Illustrations
Given



A vendor sells a particular operating system (OS). In order to deploy the

OS securely on different platforms, the vendor publishes several sets of

instructions on how to install it, depending on which platform the customer

is using. This is an example of ______.

A. Law

B. Procedure

C. Standard


D. Policy - 🧠ANSWER ✔✔B. Procedure


The city of Grampon wants to know where all its public vehicles (garbage

trucks, police cars, etc.) are at all times, so the city has GPS transmitters

installed in all the vehicles. What kind of control is this?

A. Administrative


COPYRIGHT©JOSHCLAY 2025/2026. YEAR PUBLISHED 2025. COMPANY REGISTRATION NUMBER: 619652435. TERMS OF USE. PRIVACY
1
STATEMENT. ALL RIGHTS RESERVED

,B. Entrenched

C. Physical


D. Technical - 🧠ANSWER ✔✔D. Technical


Triffid Corporation has a rule that all employees working with sensitive

hardcopy documents must put the documents into a safe at the end of the

workday, where they are locked up until the following workday. What kind

of control is the process of putting the documents into the safe?

A. Administrative

B. Tangential

C. Physical


D. Technical - 🧠ANSWER ✔✔A. Administrative


Grampon municipal code requires that all companies that operate within

city limits will have a set of processes to ensure employees are safe while

working with hazardous materials. Triffid Corporation creates a checklist of

activities employees must follow while working with hazardous materials

inside Grampon city limits. The municipal code is a ______, and the Triffid

checklist is a ________.

A. Law, procedure

COPYRIGHT©JOSHCLAY 2025/2026. YEAR PUBLISHED 2025. COMPANY REGISTRATION NUMBER: 619652435. TERMS OF USE. PRIVACY
2
STATEMENT. ALL RIGHTS RESERVED

,B. Standard, law

C. Law, standard

D. Policy, standard


E. Policy, law - 🧠ANSWER ✔✔A. Law, procedure


Which of the following is an example of a "something you know"

authentication factor?

A. User ID

B. Password

C. Fingerprint


D. Iris scan - 🧠ANSWER ✔✔B. Password


Tina is an (ISC)² member and is invited to join an online group of IT

security enthusiasts. After attending a few online sessions, Tina learns that

some participants in the group are sharing malware with each other, in

order to use it against other organizations online. What should Tina do?

A. Nothing

B. Stop participating in the group

C. Report the group to law enforcement


COPYRIGHT©JOSHCLAY 2025/2026. YEAR PUBLISHED 2025. COMPANY REGISTRATION NUMBER: 619652435. TERMS OF USE. PRIVACY
3
STATEMENT. ALL RIGHTS RESERVED

, D. Report the group to (ISC)2 - 🧠ANSWER ✔✔B. Stop participating


A bollard is a post set securely in the ground in order to prevent a vehicle

from entering an area or driving past a certain point. Bollards are an

example of ______ controls.

A. Physical

B. Administrative

C. Drastic


D. Technical - 🧠ANSWER ✔✔A. Physical


Triffid Corporation has a policy that all employees must receive security

awareness instruction before using email; the company wants to make

employees aware of potential phishing attempts that the employees might

receive via email. What kind of control is this instruction?

A. Administrative

B. Finite

C. Physical


D. Technical - 🧠ANSWER ✔✔A. Administrative




COPYRIGHT©JOSHCLAY 2025/2026. YEAR PUBLISHED 2025. COMPANY REGISTRATION NUMBER: 619652435. TERMS OF USE. PRIVACY
4
STATEMENT. ALL RIGHTS RESERVED