©SIRJOEL EXAM SOLUTIONS 2024/2025
ALL RIGHTS RESERVED.
ISC2 CC (Certified in CyberSecurity)
Practice Questions : Certification Success -
Unofficial By Certification Terminal (Part 1).
Exam Questions And Answers
4.1 In the realm of information security, what constitutes the utmost crucial element of
privacy?
A. Protecting personal information from unauthorized access or disclosure
B. Ensuring data is accurate and unchanged
C. Making sure data is always accessible when needed
D. All of the above - Answers✔A. Protecting personal information from unauthorized access or
disclosure
4.2 Choose the BEST example for a preventive control from the following:
A. A firewall
B. A backup generator
C. An intrusion detection system
1|Page
, ©SIRJOEL EXAM SOLUTIONS 2024/2025
ALL RIGHTS RESERVED.
D. An antivirus software - Answers✔A. A firewall
4.3 What distinguishes a private cloud from a public cloud?
A. A public cloud is less secure than a private cloud
B. A private cloud is more expensive than a public cloud
C. A public cloud is hosted by a third-party provider, while a private cloud is dedicated to a
single organization
D. A private cloud is only accessible from a single location - Answers✔C. A public cloud is hosted
by a third-party provider, while a private cloud is dedicated to a single organization
4.4 What security principle asserts that a user should possess only the requisite permissions to
perform a task?
A. Separation of Duties
B. Defense in Depth
C. Least Privilege
D. Privileged Accounts - Answers✔C. Least Privilege
4.5 What is the objective of implementing a security awareness and training initiative?
A. To develop technical specifications for security controls
B. To educate employees about security policies and procedures
2|Page
, ©SIRJOEL EXAM SOLUTIONS 2024/2025
ALL RIGHTS RESERVED.
C. To investigate and respond to security incidents
D. To enforce disciplinary actions for security violations - Answers✔B. To educate employees
about security policies and procedures
4.6 In your roles as a cybersecurity analyst, your supervisor tasks you with producing a
document that delineates the sequential procedure for setting up firewall rules within the
organization's network infrastructure. What specific type of document are you creating?
A. Guideline
B. Policy
C. Procedure
D. Standard - Answers✔C. Procedure
4.7 What is the term used to denote the process of eliminating or neutralizing malicious
software (malware) from a computer?
A. Firewall configuration
B. Decryption
C. Encryption
D. Malware Removal - Answers✔D. Malware Removal
4.8 What distinguishes an incident response plan from a disaster recovery plan?
3|Page
, ©SIRJOEL EXAM SOLUTIONS 2024/2025
ALL RIGHTS RESERVED.
A. An incident response plan focuses on recovering from security incidents, while a disaster
recovery plan focuses on recovering from natural disasters.
B. An incident response plan focuses on preventing security incidents, while a disaster recovery
plan focuses on mitigating the impact of natural disasters
C. An incident response plan focuses on detecting and responding to security incidents, while a
disaster recovery plan focuses on restoring IT systems and infrastructure
D. An incident response plan focuses on restoring critical systems and data, while a disaster
recovery plan focuses on restoring business operations. - Answers✔C. An incident response
plan focuses on detecting and responding to security incidents, while a disaster recovery plan
focuses on restoring IT systems and infrastructure
4.9 What is the main objective of Business Continuity (BC)?
A. To minimize expenses during unexpected events
B. To maintain operations during unexpected events
C. To maximize profits during unexpected events
D. To maintain the status quo during unexpected events - Answers✔B. To maintain operations
during unexpected even
4.10 Which of the options below is an example that does NOT represent a possible model for an
Incident Response Team (IRT)?
A. Leveraged
4|Page
ALL RIGHTS RESERVED.
ISC2 CC (Certified in CyberSecurity)
Practice Questions : Certification Success -
Unofficial By Certification Terminal (Part 1).
Exam Questions And Answers
4.1 In the realm of information security, what constitutes the utmost crucial element of
privacy?
A. Protecting personal information from unauthorized access or disclosure
B. Ensuring data is accurate and unchanged
C. Making sure data is always accessible when needed
D. All of the above - Answers✔A. Protecting personal information from unauthorized access or
disclosure
4.2 Choose the BEST example for a preventive control from the following:
A. A firewall
B. A backup generator
C. An intrusion detection system
1|Page
, ©SIRJOEL EXAM SOLUTIONS 2024/2025
ALL RIGHTS RESERVED.
D. An antivirus software - Answers✔A. A firewall
4.3 What distinguishes a private cloud from a public cloud?
A. A public cloud is less secure than a private cloud
B. A private cloud is more expensive than a public cloud
C. A public cloud is hosted by a third-party provider, while a private cloud is dedicated to a
single organization
D. A private cloud is only accessible from a single location - Answers✔C. A public cloud is hosted
by a third-party provider, while a private cloud is dedicated to a single organization
4.4 What security principle asserts that a user should possess only the requisite permissions to
perform a task?
A. Separation of Duties
B. Defense in Depth
C. Least Privilege
D. Privileged Accounts - Answers✔C. Least Privilege
4.5 What is the objective of implementing a security awareness and training initiative?
A. To develop technical specifications for security controls
B. To educate employees about security policies and procedures
2|Page
, ©SIRJOEL EXAM SOLUTIONS 2024/2025
ALL RIGHTS RESERVED.
C. To investigate and respond to security incidents
D. To enforce disciplinary actions for security violations - Answers✔B. To educate employees
about security policies and procedures
4.6 In your roles as a cybersecurity analyst, your supervisor tasks you with producing a
document that delineates the sequential procedure for setting up firewall rules within the
organization's network infrastructure. What specific type of document are you creating?
A. Guideline
B. Policy
C. Procedure
D. Standard - Answers✔C. Procedure
4.7 What is the term used to denote the process of eliminating or neutralizing malicious
software (malware) from a computer?
A. Firewall configuration
B. Decryption
C. Encryption
D. Malware Removal - Answers✔D. Malware Removal
4.8 What distinguishes an incident response plan from a disaster recovery plan?
3|Page
, ©SIRJOEL EXAM SOLUTIONS 2024/2025
ALL RIGHTS RESERVED.
A. An incident response plan focuses on recovering from security incidents, while a disaster
recovery plan focuses on recovering from natural disasters.
B. An incident response plan focuses on preventing security incidents, while a disaster recovery
plan focuses on mitigating the impact of natural disasters
C. An incident response plan focuses on detecting and responding to security incidents, while a
disaster recovery plan focuses on restoring IT systems and infrastructure
D. An incident response plan focuses on restoring critical systems and data, while a disaster
recovery plan focuses on restoring business operations. - Answers✔C. An incident response
plan focuses on detecting and responding to security incidents, while a disaster recovery plan
focuses on restoring IT systems and infrastructure
4.9 What is the main objective of Business Continuity (BC)?
A. To minimize expenses during unexpected events
B. To maintain operations during unexpected events
C. To maximize profits during unexpected events
D. To maintain the status quo during unexpected events - Answers✔B. To maintain operations
during unexpected even
4.10 Which of the options below is an example that does NOT represent a possible model for an
Incident Response Team (IRT)?
A. Leveraged
4|Page
