ISC2 CC Exam ACTUAL QUESTIONS AND CORRECT ANSWERS
If two people want to use symmetric encryption to conduct a confidential
conversation, how many keys do they need?
A. 1
B. 8
C. 3
D. None - CORRECT ANSWERS A is correct
Hoshi is an (ISC)2 member who works for the Triffid Corporation as a data
manager. Triffid needs a new firewall solution, and Hoshi is asked to
recommend a product for Triffid to acquire and implement. Hoshi's cousin
works for a firewall vendor; that vendor happens to make the best firewall
available. What should
Hoshi do?
A. Recommend the cousin's product
B. Hoshi should ask to be recused from the task
C. Disclose the relationship, but recommend the vendor/product
D. Recommend a different vendor/product - CORRECT ANSWERS C is
correct
As an IT Security professional, you are expected to perform due care. What
does this mean?
Response:
A. Continue the security practices of your company.
B. Apply patches annually.
C. Do what is right in the situation and your job. Act on the knowledge.
D. Researching and acquiring the knowledge to do your job right. - CORRECT
ANSWERS C is correct
Handel is a senior manager at Triffid, Inc., and is in charge of implementing a
new access control scheme for the company. Handel wants to ensure that
employees transferring from one department to another, getting promoted, or
cross-training to new positions can get access to the different assets they'll need
for their new positions, in the most efficient manner. Which method should
Handel select?
A. Role-based access control (RBAC)
B. Barbed wire
C. Mandatory access control (MAC)
D. Discretionary access control (DAC) - CORRECT ANSWERS A is
correct
For which of the following assets is integrity probably the most important
security aspect?
A. The file that contains passwords used to authenticate users
B. Software that checks the spelling of product descriptions for a retail website
C. The color scheme of a marketing website
D. One frame of a streaming video - CORRECT ANSWERS A is correct
Which of the following are not typically involved in incident detection?
A. Regulators
B. Automated tools
C. Security analysts
D. Users - CORRECT ANSWERS A is correct
Which of the following is an example of a "something you know" authentication
factor?
A. Password
B. Iris scan
C. User ID
D. Fingerprint - CORRECT ANSWERS A is correct
_________ is used to ensure that configuration management activities are
effective and enforced.
A. Inventory
B. Baseline
C. Verification and audit
D. Identification - CORRECT ANSWERS C is correct
In order for biometric security to function properly, an authorized person's
physiological data must be __________
A. Modified
B. Stored
C. Deleted
D. Broadcast - CORRECT ANSWERS B is correct
A ________ is a record of something that has occurred.
A. Log
B. Law
C. Firewall
D. Biometric - CORRECT ANSWERS A is correct
"Wiring _________" is a common term meaning "a place where wires/conduits
are often run, and equipment can be placed, in order to facilitate the use of local
networks."
A. Shelf
B. Closet
C. House
D. Bracket - CORRECT ANSWERS B is correct
Hashing is often used to provide _________
A. Confidentiality
B. Integrity
C. Availability
D. Value - CORRECT ANSWERS B is correct
Handel is a senior manager at Triffid, Inc., and is in charge of implementing a
new access control scheme for the company. Handel wants to ensure that
employees who are assigned to new positions in the company do not retain
whatever access they had in their old positions. Which method should Handel select?
A. Mandatory access controls (MAC)
B. Role-based access controls (RBAC)
C. Logging