QUESTIONS WITH MOST TESTED QUESTIONS (HARVARD STYLE)
INCLUDES 2025–2026 UPDATED PRACTICE QUESTIONS FOR THE ISC2 CERTIFIED IN CYBERSECURITY
(CC) EXAM. COVERS ALL DOMAINS: SECURITY PRINCIPLES, ACCESS CONTROL, NETWORK SECURITY,
INCIDENT RESPONSE, AND SECURITY OPERATIONS. QUESTIONS ARE BASED ON THE MOST
COMMONLY TESTED CONCEPTS AND INCLUDE HARVARD STYLE REFERENCING
A vendor sells a particular operating system (OS). In order to deploy the OS securely on different
platforms, the vendor publishes several sets of instructions on how to install it, depending on which
platform the customer is using. This is an example of ______.
A. Law
B. Procedure
C. Standard
D. Policy - CORRECT ANSWER-B. Procedure
The city of Grampon wants to know where all its public vehicles (garbage trucks, police cars, etc.) are
at all times, so the city has GPS transmitters installed in all the vehicles. What kind of control is this?
A. Administrative
B. Entrenched
C. Physical
D. Technical - CORRECT ANSWER-D. Technical
What is the risk associated with resuming full normal operations too soon after a DR effort?
A. The danger posed by the disaster might still be present
B. Investors might be upset
C. Regulators might disapprove
D. The organization could save money - CORRECT ANSWER-A. The danger posed by the disaster might still be present
All of the following are important ways to practice an organization's disaster recovery (DR) effort;
which one is the most important?
A. Practice restoring data from backups
B. Facility evacuation drills
C. Desktop/tabletop testing of the plan
D. Running the alternate operating site to determine if it could handle critical functions in time of emergency - CORRECT ANSWER-B. Facility evacuation drills
Which of the following is likely to be included in the business continuity plan?
A. Alternate work areas for personnel affected by a natural disaster
B. The organization's security approach
C. Last year's budget information
D. Log data from all systems - CORRECT ANSWER-A. Alternate work areas for personnel affected by a natural disaster
What is the overall objective of a disaster recovery (DR) effort?
A. Save money
B. Return to normal, full operations
C. Preserve critical business functions during a disaster
D. Enhance public perception of the organization - CORRECT ANSWER-B. Return to normal, full operations
An attacker outside the organization attempts to gain access to the organization's internal files. This
is an example of a(n) ______.
A. Intrusion
B. Exploit
C. Disclosure
D. Publication - CORRECT ANSWER-A. Intrusion
What is the goal of Business Continuity efforts?
A. Save money
B. Impress customers
C. Ensure all IT systems continue to operate
D. Keep critical business functions operational - CORRECT ANSWER-D. Keep critical business functions operational
Which of the following will have the most impact on determining the duration of log retention?
A. Personnel preference
B. Applicable laws
C. Industry standards
D. Types of storage media - CORRECT ANSWER-B. Applicable laws
Handel is a senior manager at Triffid, Inc., and is in charge of implementing a new access control
scheme for the company. Handel wants to ensure that operational managers have the utmost
personal choice in determining which employees get access to which systems/data. Which method
should Handel select?
A. Role-based access control (RBAC)
B. Mandatory access control (MAC)
C. Discretionary access control (DAC)
D. Security policy - CORRECT ANSWER-C. Discretionary access controls (DAC)
Which of the following is not an appropriate control to add to privileged accounts?
A. Increased logging
B. Multifactor authentication
C. Increased auditing
D. Security deposit - CORRECT ANSWER-D. Security deposit
Prachi works as a database administrator for Triffid, Inc. Prachi is allowed to add or delete users, but
is not allowed to read or modify the data in the database itself. When Prachi logs onto the system, an
access control list (ACL) checks to determine which permissions Prachi has.
In this situation, what is the ACL?
A. The subject
B. The object
C. The rule
D. The firmware - CORRECT ANSWER-C. The rule
All visitors to a secure facility should be _______.
A. Fingerprinted
B. Photographed
C. Escorted
D. Required to wear protective equipment - CORRECT ANSWER-C. Escorted
Which of these is an example of a physical access control mechanism?
A. Software-based firewall at the perimeter of the network
B. A lock on a door
C. Network switches that filter according to MAC addresses
D. A process that requires two people to act at the same time to perform a function - CORRECT ANSWER-B. A lock on a door
Network traffic originating from outside the organization might be admitted to the internal IT
environment or blocked at the perimeter by a ________.
A. Turnstile
B. Fence
C. Vacuum
D. Firewall - CORRECT ANSWER-D. Firewall
Trina is a security practitioner at Triffid, Inc. Trina has been tasked with selecting a new product to
serve as a security control in the environment. After doing some research, Trina selects a particular
product. Before that product can be purchased, a manager must review Trina's selection and
determine whether to approve the purchase. This is a description of:
A. Two-person integrity
B. Segregation of duties
C. Software
D. Defense in depth - CORRECT ANSWER-B. Segregation of duties
All of the following are typically perceived as drawbacks to biometric systems, except:
A. Lack of accuracy
B. Potential privacy concerns
C. Retention of physiological data past the point of employment
D. Legality - CORRECT ANSWER-A. Lack of accuracy