2
ISC2 CC Exam Domain 2 questions with accurate detailed
|| || || || || || || || ||
solutions
Breach - ✔✔occurrence where a person other than the authorized user accesses PII or an
|| || || || || || || || || || || || || || ||
authorized person accesses the info for an unauthorized purpose || || || || || || || ||
event - ✔✔any observable occurrence in a net work or system
|| || || || || || || || || ||
exploit - ✔✔A particular attack. It is named this way because these attacks exploit system
|| || || || || || || || || || || || || || ||
vulnerabilities.
incident - ✔✔An event that actually or potentially jeopardizes the confidentiality, integrity or
|| || || || || || || || || || || || ||
availability of an information system or the information the system processes, stores or transmits.
|| || || || || || || || || || || || ||
intrusion - ✔✔A security event, or combination of security events, that constitutes a security
|| || || || || || || || || || || || || ||
incident in which an intruder gains, or attempts to gain, access to a system or system resource
|| || || || || || || || || || || || || || || || ||
without authorization. ||
threat - ✔✔circumstance or event with the potential to adversely impact org operations, assets,
|| || || || || || || || || || || || || ||
individuals, other orgs, or the nation through an info system via unauthorized access, destruction,
|| || || || || || || || || || || || || ||
disclosure, modification of information and/or DoS || || || || ||
vulnerability - ✔✔weakness in an info system, system security procedures, internal controls, or
|| || || || || || || || || || || || ||
implementation that could be exploited by a threat source || || || || || || || ||
Zero Source - ✔✔a previously unknown system vulnerability with the potential of exploitation
|| || || || || || || || || || || || ||
without risk of detection or prevention because it does not, in general, fit recognized patterns,
|| || || || || || || || || || || || || || ||
signatures, or methods. || ||
The goal of incident response - ✔✔protect life, health, society
|| || || || || || || || ||
, 2
choose safety first when choosing priorities
|| || || || ||
goal of incident management - ✔✔to be prepared for a crisis
|| || || || || || || || || ||
incident response plan is aimed at - ✔✔reducing impact of an incident so org can resume
|| || || || || || || || || || || || || || || ||
interrupted operations ASAP || ||
Business continuity planning (BCP) - ✔✔proactive development of procedures and controls to
|| || || || || || || || || || || ||
restore business operations after a significant disruption to the org whether natural or man made
|| || || || || || || || || || || || || ||
BCP also known as - ✔✔COOP Continuity of Operations Planning
|| || || || || || || || ||
BCP directly impacts which goal of information security - ✔✔availability
|| || || || || || || || ||
who helps create BCP - ✔✔members across the org to ensure everything is accounted for
|| || || || || || || || || || || || || ||
components of a comprehensive BCP - ✔✔- List of BCP team members (contact methods,
|| || || || || || || || || || || || || ||
backup members) ||
- Guidance for management (designation of authority)
|| || || || || ||
- Immediate response procedures (security + safety, fire suppression, emergency response
|| || || || || || || || || || ||
agencies)
- Notification system and call trees (for alerting personnel)
|| || || || || || || ||
- How/When to enact BCP
|| || || ||
- Contact numbers for critical members of the supply chain (vendors, customers, emergency
|| || || || || || || || || || || || ||
providers)
Business Impact Assessment (BIA) - ✔✔- A risk assessment that uses a quantitative or
|| || || || || || || || || || || || || ||
qualitative process ||
ISC2 CC Exam Domain 2 questions with accurate detailed
|| || || || || || || || ||
solutions
Breach - ✔✔occurrence where a person other than the authorized user accesses PII or an
|| || || || || || || || || || || || || || ||
authorized person accesses the info for an unauthorized purpose || || || || || || || ||
event - ✔✔any observable occurrence in a net work or system
|| || || || || || || || || ||
exploit - ✔✔A particular attack. It is named this way because these attacks exploit system
|| || || || || || || || || || || || || || ||
vulnerabilities.
incident - ✔✔An event that actually or potentially jeopardizes the confidentiality, integrity or
|| || || || || || || || || || || || ||
availability of an information system or the information the system processes, stores or transmits.
|| || || || || || || || || || || || ||
intrusion - ✔✔A security event, or combination of security events, that constitutes a security
|| || || || || || || || || || || || || ||
incident in which an intruder gains, or attempts to gain, access to a system or system resource
|| || || || || || || || || || || || || || || || ||
without authorization. ||
threat - ✔✔circumstance or event with the potential to adversely impact org operations, assets,
|| || || || || || || || || || || || || ||
individuals, other orgs, or the nation through an info system via unauthorized access, destruction,
|| || || || || || || || || || || || || ||
disclosure, modification of information and/or DoS || || || || ||
vulnerability - ✔✔weakness in an info system, system security procedures, internal controls, or
|| || || || || || || || || || || || ||
implementation that could be exploited by a threat source || || || || || || || ||
Zero Source - ✔✔a previously unknown system vulnerability with the potential of exploitation
|| || || || || || || || || || || || ||
without risk of detection or prevention because it does not, in general, fit recognized patterns,
|| || || || || || || || || || || || || || ||
signatures, or methods. || ||
The goal of incident response - ✔✔protect life, health, society
|| || || || || || || || ||
, 2
choose safety first when choosing priorities
|| || || || ||
goal of incident management - ✔✔to be prepared for a crisis
|| || || || || || || || || ||
incident response plan is aimed at - ✔✔reducing impact of an incident so org can resume
|| || || || || || || || || || || || || || || ||
interrupted operations ASAP || ||
Business continuity planning (BCP) - ✔✔proactive development of procedures and controls to
|| || || || || || || || || || || ||
restore business operations after a significant disruption to the org whether natural or man made
|| || || || || || || || || || || || || ||
BCP also known as - ✔✔COOP Continuity of Operations Planning
|| || || || || || || || ||
BCP directly impacts which goal of information security - ✔✔availability
|| || || || || || || || ||
who helps create BCP - ✔✔members across the org to ensure everything is accounted for
|| || || || || || || || || || || || || ||
components of a comprehensive BCP - ✔✔- List of BCP team members (contact methods,
|| || || || || || || || || || || || || ||
backup members) ||
- Guidance for management (designation of authority)
|| || || || || ||
- Immediate response procedures (security + safety, fire suppression, emergency response
|| || || || || || || || || || ||
agencies)
- Notification system and call trees (for alerting personnel)
|| || || || || || || ||
- How/When to enact BCP
|| || || ||
- Contact numbers for critical members of the supply chain (vendors, customers, emergency
|| || || || || || || || || || || || ||
providers)
Business Impact Assessment (BIA) - ✔✔- A risk assessment that uses a quantitative or
|| || || || || || || || || || || || || ||
qualitative process ||
