ISC2 CC (Certified in Cyber Security) Practice
Questions Certification Success - Unofficial By
Certification Terminal (Part 1) Exam Questions With
Correct Answers
4.1 In the realm of information security, what constitutes the most crucial element of privacy?
A. Protecting personal information from unauthorized access or disclosure
B. Ensuring data is accurate and unchanged
C. Making sure data is always accessible when needed
D. All of the above
CORRECT ANSWER✔✔ - A. Protecting personal information from unauthorized access or disclosure
4.2 Choose the BEST example for a preventive control from the following:
A. A firewall
B. A backup generator
C. An intrusion detection system
D. An antivirus software
CORRECT ANSWER✔✔ - A. A firewall
4.3 What distinguishes a private cloud from a public cloud?
A. A public cloud is less secure than a private cloud
B. A private cloud is more expensive than a public cloud
C. A public cloud is hosted by a third-party provider, while a private cloud is dedicated to a single organization
D. A private cloud is only accessible from a single location
CORRECT ANSWER✔✔ - C. A public cloud is hosted by a third-party provider, while a private cloud is dedicated to a single organization
4.4 What security principle asserts that a user should possess only the requisite permissions to perform a task?
A. Separation of Duties
B. Defense in Depth
C. Least Privilege
D. Privileged Accounts
CORRECT ANSWER✔✔ - C. Least Privilege
4.5 What is the objective of implementing a security awareness and training initiative?
A. To develop technical specifications for security controls
B. To educate employees about security policies and procedures
C. To investigate and respond to security incidents
D. To enforce disciplinary actions for security violations
CORRECT ANSWER✔✔ - B. To educate employees about security policies and procedures
4.6 In your role as a cybersecurity analyst, your supervisor tasks you with producing a document that delineates the sequential procedure for setting up firewall rules within the organization's network infrastructure. What specific type of document are you creating?
A. Guideline
B. Policy
C. Procedure
D. Standard
CORRECT ANSWER✔✔ - C. Procedure
4.7 What is the term used to denote the process of eliminating or neutralizing malicious software (malware) from a computer?
A. Firewall configuration
B. Decryption
C. Encryption
D. Malware Removal
CORRECT ANSWER✔✔ - D. Malware Removal
4.8 What distinguishes an incident response plan from a disaster recovery plan?
A. An incident response plan focuses on recovering from security incidents, while a disaster recovery plan focuses on recovering from natural disasters.
B. An incident response plan focuses on preventing security incidents, while a disaster recovery plan focuses on mitigating the impact of natural disasters
C. An incident response plan focuses on detecting and responding to security incidents, while a disaster recovery plan focuses on restoring IT systems and infrastructure
D. An incident response plan focuses on restoring critical systems and data, while a disaster recovery plan focuses on restoring business operations.
CORRECT ANSWER✔✔ - C. An incident response plan focuses on detecting and responding to security incidents, while a disaster recovery plan focuses on restoring IT systems and infrastructure
4.9 What is the main objective of Business Continuity (BC)?
A. To minimize expenses during unexpected events
B. To maintain operations during unexpected events
C. To maximize profits during unexpected events
D. To maintain the status quo during unexpected events
CORRECT ANSWER✔✔ - B. To maintain operations during unexpected events
4.10 Which of the options below is an example that does NOT represent a possible model for an Incident Response Team (IRT)?
A. Leveraged
B. Dedicated
C. Hybrid
D. Pre-existing
CORRECT ANSWER✔✔ - D. Pre-existing
4.11 What is the objective of a risk assessment procedure?
A. To assign risk priorities to identified risks
B. To assess the potential impact of risks on the organization
C. To implement controls and measures to reduce or eliminate risks
D. To provide a structured approach for conducting risk assessments
CORRECT ANSWER✔✔ - D. To provide a structured approach for conducting risk assessments
4.12 In risk management, what does the term "impact" refer to?
A. The actions taken to transfer or mitigate risks
B. Confidentiality
C. The severity or consequences of a risk event
D. The potential vulnerabilities in a system or process.
CORRECT ANSWER✔✔ - C. The severity or consequences of a risk event
4.13 How do you define integrity in the context of Information Security?
A. The maintenance of a known configuration and unexpected operational function as the system processes information
B. The maintenance of a random configuration and unpredictable operational function as the system processes information
C. The maintenance of a known bad configuration and unexpected operational function as the system processes information
D. The maintenance of a known good configuration and expected operational function as the system processes information
CORRECT ANSWER✔✔ - D. The maintenance of a known good configuration and expected operational function as the system processes information
4.14 What is the primary objective of risk assessment?