ISC2 Certified In Cybersecurity (CC) Practice Exam Questions with accurate answers

A vendor sells a particular operating system (OS). In order to deploy the OS securely on different platforms, the vendor publishes several sets of instructions on how to install it, depending on which platform the customer is using. This is an example of ______.
A. Law
B. Procedure
C. Standard
D. Policy - ✔✔B. Procedure

The city of Grampon wants to know where all its public vehicles (garbage trucks, police cars, etc.) are at all times, so the city has GPS transmitters installed in all the vehicles. What kind of control is this?
A. Administrative
B. Entrenched
C. Physical
D. Technical - ✔✔D. Technical

Triffid Corporation has a rule that all employees working with sensitive hardcopy documents must put the documents into a safe at the end of the workday, where they are locked up until the following workday. What kind of control is the process of putting the documents into the safe?
A. Administrative
B. Tangential
C. Physical
D. Technical - ✔✔A. Administrative

Grampon municipal code requires that all companies that operate within city limits will have a set of processes to ensure employees are safe while working with hazardous materials. Triffid Corporation creates a checklist of activities employees must follow while working with hazardous materials inside Grampon city limits. The municipal code is a ______, and the Triffid checklist is a ________.
A. Law, procedure
B. Standard, law
C. Law, standard
D. Policy, standard
E. Policy, law - ✔✔A. Law, procedure

Which of the following is an example of a "something you know" authentication factor?
A. User ID
B. Password
C. Fingerprint
D. Iris scan - ✔✔B. Password

Tina is an (ISC)² member and is invited to join an online group of IT security enthusiasts. After attending a few online sessions, Tina learns that some participants in the group are sharing malware with each other, in order to use it against other organizations online. What should Tina do?
A. Nothing
B. Stop participating in the group
C. Report the group to law enforcement
D. Report the group to (ISC)² - ✔✔B. Stop participating

A bollard is a post set securely in the ground in order to prevent a vehicle from entering an area or driving past a certain point. Bollards are an example of ______ controls.
A. Physical
B. Administrative
C. Drastic
D. Technical - ✔✔A. Physical

Triffid Corporation has a policy that all employees must receive security awareness instruction before using email; the company wants to make employees aware of potential phishing attempts that the employees might receive via email. What kind of control is this instruction?
A. Administrative
B. Finite
C. Physical
D. Technical - ✔✔A. Administrative

The Triffid Corporation publishes a strategic overview of the company's intent to secure all the data the company possesses. This document is signed by Triffid senior management. What kind of document is this?
A. Policy
B. Procedure
C. Standard
D. Law - ✔✔A. Policy

Chad is a security practitioner tasked with ensuring that the information on the organization's public website is not changed by anyone outside the organization. This task is an example of ensuring _________.
A. Confidentiality
B. Integrity
C. Availability
D. Confirmation - ✔✔B. Integrity

The city of Grampon wants to ensure that all of its citizens are protected from malware, so the city council creates a rule that anyone caught creating and launching malware within the city limits will receive a fine and go to jail. What kind of rule is this?
A. Policy
B. Procedure
C. Standard
D. Law - ✔✔D. Law

Zarma is an (ISC)² member and a security analyst for Triffid Corporation. One of Zarma's colleagues is interested in getting an (ISC)² certification and asks Zarma what the test questions are like. What should Zarma do?
A. Inform (ISC)²
B. Explain the style and format of the questions, but no detail
C. Inform the colleague's supervisor
D. Nothing - ✔✔B. Explain the style and format of the questions, but no detail

Druna is a security practitioner tasked with ensuring that laptops are not stolen from the organization's offices. Which sort of security control would probably be best for this purpose?
A. Technical
B. Observe
C. Physical
D. Administrative - ✔✔C. Physical

For which of the following assets is integrity probably the most important security aspect?
A. One frame of a streaming video
B. The file that contains passwords used to authenticate users
C. The color scheme of a marketing website
D. Software that checks the spelling of product descriptions for a retail website - ✔✔B. The file that contains passwords used to authenticate users

Jengi is setting up security for a home network. Jengi decides to configure MAC address filtering on the router, so that only specific devices will be allowed to join the network. This is an example of a(n) _______ control.