ISC2 Certified In Cybersecurity (CC) Practice Exam
Questions With Correct Answers
A vendor sells a particular operating system (OS). In order to deploy the OS securely on different platforms, the vendor publishes several sets of instructions on how to install it, depending on which platform the customer is using. This is an example of ______.
A. Law
B. Procedure
C. Standard
D. Policy
CORRECT ANSWER: B. Procedure

The city of Grampon wants to know where all its public vehicles (garbage trucks, police cars, etc.) are at all times, so the city has GPS transmitters installed in all the vehicles. What kind of control is this?
A. Administrative
B. Entrenched
C. Physical
D. Technical
CORRECT ANSWER: D. Technical

Triffid Corporation has a rule that all employees working with sensitive hardcopy documents must put the documents into a safe at the end of the workday, where they are locked up until the following workday. What kind of control is the process of putting the documents into the safe?
A. Administrative
B. Tangential
C. Physical
D. Technical
CORRECT ANSWER: A. Administrative

Grampon municipal code requires that all companies that operate within city limits will have a set of processes to ensure employees are safe while working with hazardous materials. Triffid Corporation creates a checklist of activities employees must follow while working with hazardous materials inside Grampon city limits. The municipal code is a ______, and the Triffid checklist is a ________.
A. Law, procedure
B. Standard, law
C. Law, standard
D. Policy, standard
E. Policy, law
CORRECT ANSWER: A. Law, procedure

Which of the following is an example of a "something you know" authentication factor?
A. User ID
B. Password
C. Fingerprint
D. Iris scan
CORRECT ANSWER: B. Password

Tina is an (ISC)² member and is invited to join an online group of IT security enthusiasts. After attending a few online sessions, Tina learns that some participants in the group are sharing malware with each other, in order to use it against other organizations online. What should Tina do?
A. Nothing
B. Stop participating in the group
C. Report the group to law enforcement
D. Report the group to (ISC)²
CORRECT ANSWER: B. Stop participating

A bollard is a post set securely in the ground in order to prevent a vehicle from entering an area or driving past a certain point. Bollards are an example of ______ controls.
A. Physical
B. Administrative
C. Drastic
D. Technical
CORRECT ANSWER: A. Physical

Triffid Corporation has a policy that all employees must receive security awareness instruction before using email; the company wants to make employees aware of potential phishing attempts that the employees might receive via email. What kind of control is this instruction?
A. Administrative
B. Finite
C. Physical
D. Technical
CORRECT ANSWER: A. Administrative

The Triffid Corporation publishes a strategic overview of the company's intent to secure all the data the company possesses. This document is signed by Triffid senior management. What kind of document is this?
A. Policy
B. Procedure
C. Standard
D. Law
CORRECT ANSWER: A. Policy

Chad is a security practitioner tasked with ensuring that the information on the organization's public website is not changed by anyone outside the organization. This task is an example of ensuring _________.
A. Confidentiality
B. Integrity
C. Availability
D. Confirmation
CORRECT ANSWER: B. Integrity

The city of Grampon wants to ensure that all of its citizens are protected from malware, so the city council creates a rule that anyone caught creating and launching malware within the city limits will receive a fine and go to jail. What kind of rule is this?
A. Policy
B. Procedure
C. Standard
D. Law
CORRECT ANSWER: D. Law

Zarma is an (ISC)² member and a security analyst for Triffid Corporation. One of Zarma's colleagues is interested in getting an (ISC)² certification and asks Zarma what the test questions are like. What should Zarma do?
A. Inform (ISC)²
B. Explain the style and format of the questions, but no detail
C. Inform the colleague's supervisor
D. Nothing
CORRECT ANSWER: B. Explain the style and format of the questions, but no detail

Druna is a security practitioner tasked with ensuring that laptops are not stolen from the organization's offices. Which sort of security control would probably be best for this purpose?
A. Technical
B. Observe
C. Physical
D. Administrative
CORRECT ANSWER: C. Physical

For which of the following assets is integrity probably the most important security aspect?
A. One frame of a streaming video
B. The file that contains passwords used to authenticate users