(ISC)² Certified in Cybersecurity - Exam Prep
If two people want to use symmetric encryption to conduct a confidential conversation, how many keys do they need? (D5.1, L5.1.3) A) 1 B) 3 C) 8 D) none
A) 1
What is the range of a Bluetooth network? A) 30 FT / 10 meters B) 25 FT / 8 meters C) 10 FT / 2 meters D) Unlimited
A) 30 FT / 10 meters
RJ-11 cables have how many pins? A) 6 B) 4 C) 8 D) 10
A) 6
Triffid Corporation has a policy that all employees must receive security awareness instruction before using email; the company wants to make employees aware of potential phishing attempts that the employees might receive via email. What kind of control is this instruction? (D1, L1.3.1) A) Administrative B) Finite C) Physical D) Technical
A) Administrative
Triffid Corporation has a rule that all employees working with sensitive hardcopy documents must put the documents into a safe at the end of the workday, where they are locked up until the following workday. What kind of control is the process of putting the documents into the safe? (D1, L1.3.1) A) Administrative B) Tangential C) Physical D) Technical
A) Administrative
Ludwig is a security analyst at Triffid, Inc. Ludwig notices network traffic that might indicate an attack designed to affect the availability of the environment. Which of the following might be the attack Ludwig sees? (D4.2 L4.2.1) A) DDOS (distributed denial of service) B) Spoofing C) Exfiltrating stolen data D) An insider sabotaging the power supply
A) DDOS (distributed denial of service)
During the offboarding process, administrators disable accounts and revoke authorizations at the appropriate time. What is this known as? A) Deprovisioning B) Provisioning C) Setup D) Installation
A) Deprovisioning
When data has reached the end of the retention period, it should be _____. (D5.1, L5.1.1) A) Destroyed B) Archived C) Enhanced D) Sold
A) Destroyed
A human guard monitoring a hidden camera could be considered a ______ control. (D3, L3.2.1) A) Detective B) Preventive C) Deterrent D) Logical
A) Detective
An attacker outside the organization attempts to gain access to the organization's internal files. This is an example of a(n) ______. (D2, L2.1.1) A) Intrusion B) Exploit C) Disclosure D) Publication
A) Intrusion
All of the following are typically perceived as drawbacks to biometric systems, except: (D3, L3.2.1) A) Lack of accuracy B) Potential privacy concerns C) Retention of physiological data past the point of employment D) Legality
A) Lack of accuracy
What principle states that individuals should only have the minimum set of permissions necessary to carry out their job functions? A) Least privilege B) Two person control C) Job rotation D) Separation of privileges
A) Least privilege
Tekila works for a government agency. All data in the agency is assigned a particular sensitivity level, called a "classification." Every person in the agency is assigned a "clearance" level, which determines the classification of data each person can access. What is the access control model being implemented in Tekila's agency? (D3, L3.3.1) A) MAC (mandatory access control) B) DAC (discretionary access control) C) RBAC (role-based access control) D) FAC (formal access control)
A) MAC (mandatory access control)
What is the most stringent access control type? A) Mandatory Access Control (MAC) B) Role-Based Access Control (RBAC) C) Discretionary Access Control (DAC) D) None of the above
A) Mandatory Access Control (MAC)
A system that collects transactional information and stores it in a record in order to show which users performed which actions is an example of providing ________. (D1, L1.1.1) A) Non-repudiation B) Multifactor authentication C) Biometrics D) Privacy
A) Non-repudiation
Bluetooth devices create what type of networks? A) Personal Area Networks (PANs) B) Wide Area Networks (WANs) C) Mobile Area Networks (MANs) D) Wireless Local Area Networks (WLANs)
A) Personal Area Networks (PANs)
Handel is a senior manager at Triffid, Inc., and is in charge of implementing a new access control scheme for the company. Handel wants to ensure that employees transferring from one department to another, getting promoted, or cross-training to new positions can get access to the different assets they'll need for their new positions, in the most efficient manner. Which method should Handel select? (D3, L3.3.1) A) Role-based access controls (RBAC) B) Mandatory access controls (MAC) C) Discretionary access controls (DAC) D) Barbed wire
A) Role-based access controls (RBAC)
Handel is a senior manager at Triffid, Inc., and is in charge of implementing a new access control scheme for the company. Handel wants to ensure that employees who are assigned to new positions in the company do not retain whatever access they had in their old positions. Which method should Handel select? (D3, L3.3.1) A) Role-based access controls (RBAC) B) Mandatory access controls (MAC) C) Discretionary access controls (DAC) D) Logging
A) Role-based access controls (RBAC)
What does the TCP three-way handshake look like? A) SYN > SYN/ACK > ACK B) ACK > SYN > ACK/SYN C) SYN > ACK > SYN/ACK D) SYN/ACK > ACK > SYN
A) SYN > SYN/ACK > ACK
What is the risk associated with resuming full normal operations too soon after a DR effort? (D2, L2.3.1) A) The danger posed by the disaster might still be present B) Investors might be upset C) Regulators might disapprove D) The organization could save money
A) The danger posed by the disaster might still be present
The output of any given hashing algorithm is always _____. (D5.1, L5.1.3) A) The same length B) The same characters C) The same language D) Different for the same inputs
A) The same length
Attestation reviews formal approval documentation. A) True B) False
A) True
True or False: An emergency workflow is when an administrator disables accounts immediately when a user is unexpectedly terminated. A) True B) False
A) True
True or False: A routine workflow is when an administrator disables accounts on a scheduled basis for planned departures. A) True B) False
A) True
Requiring that two people enter sensitive areas together is known as what? A) Two Person Integrity B) Two Person Control
A) Two Person Integrity
Which type of fire-suppression system is typically the safest for humans? (D4.3 L4.3.1) A) Water B) Dirt C) Oxygen-depletion D) Gaseous
A) Water
TCP is a ________________________ oriented protocol. A) connection B) connectionless C) seamless D) universal
A) connection
If two people want to use asymmetric communication to conduct a confidential conversation, how many keys do they need? (D5.1, L5.1.2) A) 1 B) 4 C) 8 D) 11
B) 4
Carol is browsing the Web. Which of the following ports is she probably using? (D4, L4.1.2) A) 12 B) 80 C) 247 D) 999
B) 80
Which of the following is probably most useful at the perimeter of a property? (D3, L3.2.1) A) A safe B) A fence C) A data center D) A centralized log storage facility
B) A fence
A tool that monitors local devices to reduce potential threats from hostile software. (D4.2 L4.2.3) A) NIDS (network-based intrusion-detection systems) B) Anti-malware C) DLP (data loss prevention) D) Firewall
B) Anti-malware
In risk management concepts, a(n) _________ is something a security practitioner might need to protect. (D1, L1.2.1) A) Vulnerability B) Asset C) Threat D) Likelihood
B) Asset
What type of physical security control should always be disclosed to visitors when used? A) Fences B) Cameras C) Intrusion alarms D) Security guards
B) Cameras
The section of the IT environment that is closest to the external world; where we locate IT systems that communicate with the Internet. (D4.3 L4.3.3) A) VLAN B) DMZ C) MAC D) RBAC
B) DMZ
Zarma is an (ISC)² member and a security analyst for Triffid Corporation. One of Zarma's colleagues is interested in getting an (ISC)² certification and asks Zarma what the test questions are like. What should Zarma do? (D1, L1.5.1) A) Inform (ISC)² B) Explain the style and format of the questions, but no detail C) Inform the colleague's supervisor D) Nothing
B) Explain the style and format of the questions, but no detail
True or False? Business continuity planning is a reactive procedure that restores business operations after a disruption occurs. A) True B) False
B) False
True or False: Authentication determines what an authorized user can do. A) True B) False
B) False. Correct answer: Authorization determines what an authenticated user can do.
Visitors to a secure facility need to be controlled. Controls useful for managing visitors include all of the following except: (D3, L3.2.1) A) Sign-in sheet/tracking log B) Fence C) Badges that differ from employee badges D) Receptionist
B) Fence
Glen is an (ISC)² member. Glen receives an email from a company offering a set of answers for an (ISC)² certification exam. What should Glen do? (D1, L1.5.1) A) Nothing B) Inform (ISC)² C) Inform law enforcement D) Inform Glen's employer
B) Inform (ISC)²
Which common cloud service model offers the customer the most control of the cloud environment? (D4.3 L4.3.2) A) Lunch as a service (LaaS) B) Infrastructure as a service (IaaS) C) Platform as a service (PaaS) D) Software as a service (SaaS)
B) Infrastructure as a service (IaaS)
The logical address of a device connected to the network or Internet. (D4.1 L4.1.1) A) Media access control (MAC) address B) Internet Protocol (IP) address C) Geophysical address D) Terminal address
B) Internet Protocol (IP) address
Which of the following would be best placed in the DMZ of an IT environment? (D4.3 L4.3.3) A) User's workplace laptop B) Mail server C) Database engine D) SIEM log storage
B) Mail server
Cyril wants to ensure all the devices on his company's internal IT environment are properly synchronized. Which of the following protocols would aid in this effort? (D4, L4.1.2) A) FTP (File Transfer Protocol) B) NTP (Network Time Protocol) C) SMTP (Simple Mail Transfer Protocol) D) HTTP (Hypertext Transfer Protocol)
B) NTP (Network Time Protocol)
Siobhan is an (ISC)² member who works for Triffid Corporation as a security analyst. Yesterday, Siobhan got a parking ticket while shopping after work. What should Siobhan do? (D1, L1.5.1) A) Inform (ISC)² B) Pay the parking ticket C) Inform supervisors at Triffid D) Resign employment from Triffid
B) Pay the parking ticket
The senior leadership of Triffid Corporation decides that the best way to minimize liability for the company is to demonstrate the company's commitment to adopting best practices recognized throughout the industry. Triffid management issues a document that explains that Triffid will follow the best practices published by SANS, an industry body that addresses computer and information security. The Triffid document is a ______, and the SANS documents are ________. (D1, L1.4.2) A) Law, policy B) Policy, standard C) Policy, law D) Procedure, procedure
B) Policy, standard
By far, the most crucial element of any security instruction program. (D5.4, L5.4.1) A) Protect assets B) Preserve health and human safety C) Ensure availability of IT systems D) Preserve shareholder value
B) Preserve health and human safety
The Triffid Corporation publishes a policy that states all personnel will act in a manner that protects health and human safety. The security office is tasked with writing a detailed set of processes on how employees should wear protective gear such as hardhats and gloves when in hazardous areas. This detailed set of processes is a _________. (D1, L1.4.1) A) Policy B) Procedure C) Standard D) Law
B) Procedure
After onboarding, administrators create authentication credentials and grant appropriate authorization. What is this known as? A) Deprovisioning B) Provisioning C) Setup D) Installation
B) Provisioning
What is the goal of an incident response effort? (D2, L2.1.1) A) No incidents ever happen B) Reduce the impact of incidents on operations C) Punish wrongdoers D) Save money
B) Reduce the impact of incidents on operations
What is the overall objective of a disaster recovery (DR) effort? (D2, L2.3.1) A) Save money B) Return to normal, full operations C) Preserve critical business functions during a disaster D) Enhance public perception of the organization
B) Return to normal, full operations
What access control type grants permissions to groups of people? A) Mandatory Access Control (MAC) B) Role-Based Access Control (RBAC) C) Discretionary Access Control (DAC) D) None of the above
B) Role-Based Access Control (RBAC)
Proper alignment of security policy and business goals within the organization is important because: (D5.3, L5.3.1) A) Security should always be as strict as possible B) Security policy that conflicts with business goals can inhibit productivity C) Bad security policy can be illegal D) Security is more important than business
B) Security policy that conflicts with business goals can inhibit productivity
Trina is a security practitioner at Triffid, Inc. Trina has been tasked with selecting a new product to serve as a security control in the environment. After doing some research, Trina selects a particular product. Before that product can be purchased, a manager must review Trina's selection and determine whether to approve the purchase. This is a description of: (D3, L3.1.1) A) Two-person integrity B) Segregation of duties C) Software D) Defense in depth
B) Segregation of duties
Tina is an (ISC)² member and is invited to join an online group of IT security enthusiasts. After attending a few online sessions, Tina learns that some participants in the group are sharing malware with each other, in order to use it against other organizations online. What should Tina do? (D1, L1.5.1) A) Nothing B) Stop participating in the group C) Report the group to law enforcement D) Report the group to (ISC)²
B) Stop participating in the group
In order for a biometric security system to function properly, an authorized person's physiological data must be ______. (D3, L3.2.1) A) Broadcast B) Stored C) Deleted D) Modified
B) Stored
When Pritha started working for Triffid, Inc., Pritha had to sign a policy that described how Pritha would be allowed to use Triffid's IT equipment. What policy was this? (D5.3, L5.3.1) A) The organizational security policy B) The acceptable use policy (AUP) C) The bring-your-own-device (BYOD) policy D) The workplace attire policy
B) The acceptable use policy (AUP)
In risk management concepts, a(n) ___________ is something or someone that poses risk to an organization or asset. (D1, L1.2.1) A) Fear B) Threat C) Control D) Asset
B) Threat
Requiring that two people jointly approve sensitive actions is known as what? A) Two Person Integrity B) Two Person Control
B) Two Person Control
Triffid, Inc., has deployed anti-malware solutions across its internal IT environment. What is an additional task necessary to ensure this control will function properly? (D4.2 L4.2.3) A) Pay all employees a bonus for allowing anti-malware solutions to be run on their systems B) Update the anti-malware solution regularly C) Install a monitoring solution to check the anti-malware solution D) Alert the public that this protective measure has been taken
B) Update the anti-malware solution regularly
Local Area Networks (LANs) are connected to what? A) Wi-Fi B) WAN C) TAN D) MAN
B) WAN
RJ-45 (Ethernet Cables) connectors have how many pins? A) 6 B) 4 C) 8 D) 10
C) 8
Of the following, which would probably not be considered a threat? (D1, L1.2.1) A) Natural disaster B) Unintentional damage to the system caused by a user C) A laptop with sensitive data on it D) An external attacker trying to gain unauthorized access to the environment
C) A laptop with sensitive data on it
Data retention periods apply to ____ data. (D5.1, L5.1.1) A) Medical B) Sensitive C) All D) Secret
C) All
Trina and Doug both work at Triffid, Inc. Doug is having trouble logging into the network. Trina offers to log in for Doug, using Trina's credentials, so that Doug can get some work done. What is the problem with this? (D3, L3.3.1) A) Doug is a bad person B) If Trina logs in for Doug, then Doug will never be encouraged to remember credentials without assistance C) Anything either of them do will be attributed to Trina D) It is against the law
C) Anything either of them do will be attributed to Trina
What set of principles uses the built environment to improve security? A) CSA B) NSA C) CPTED D) NIST
C) CPTED
At Parvi's place of work, the perimeter of the property is surrounded by a fence; there is a gate with a guard at the entrance. All inner doors only admit personnel with badges, and cameras monitor the hallways. Sensitive data and media are kept in safes when not in use. (D3, L3.1.1) A) Two-person integrity B) Segregation of duties C) Defense in depth D) Penetration testing
C) Defense in depth
Which access control system is flexible and is determined by file owners? (This access control is the most common.) A) Mandatory Access Control (MAC) B) Role-Based Access Control (RBAC) C) Discretionary Access Control (DAC) D) None of the above
C) Discretionary Access Control (DAC)
_____________ alerts when a device leaves defined boundaries. A) NIDS B) Firewalls C) Geofencing D) Routers
C) Geofencing
_____________ adds user location information to logs. A) Caching B) Hashing C) Geotagging D) Stickies
C) Geotagging
Aphrodite is a member of (ISC)² and a data analyst for Triffid Corporation. While Aphrodite is reviewing user log data, Aphrodite discovers that another Triffid employee is violating the acceptable use policy and watching streaming videos during work hours. What should Aphrodite do? (D1, L1.5.1) A) Inform (ISC)² B) Inform law enforcement C) Inform Triffid management D) Nothing
C) Inform Triffid management
Kerpak works in the security office of a medium-sized entertainment company. Kerpak is asked to assess a particular threat, and he suggests that the best way to counter this threat would be to purchase and implement a particular security solution. This is an example of _______. (D1, L1.2.2) A) Acceptance B) Avoidance C) Mitigation D) Transference
C) Mitigation
Gary is an attacker. Gary is able to get access to the communication wire between Dauphine's machine and Linda's machine and can then surveil the traffic between the two when they're communicating. What kind of attack is this? (D4.2 L4.2.1) A) Side channel B) DDOS C) On-path D) Physical
C) On-path
Data _____ is data left behind on systems/media after normal deletion procedures have been attempted. (D5.1, L5.1.1) A) Fragments B) Packets C) Remanence D) Residue
C) Remanence
Document specific requirements that a customer has about any aspect of a vendor's service performance. A) DLR B) Contract C) SLR D) NDA
C) SLR (Service-Level Requirements)
Who dictates policy? (D5.3, L5.3.1) A) The security manager B) The Human Resources office C) Senior management D) Auditors
C) Senior management
A device typically accessed by multiple users, often intended for a single purpose, such as managing email or web pages. (D4.1 L4.1.1) A) Router B) Switch C) Server D) Laptop
C) Server
The Payment Card Industry (PCI) Council is a committee made up of representatives from major credit card providers (Visa, Mastercard, American Express) in the United States. The PCI Council issues rules that merchants must follow if the merchants choose to accept payment via credit card. These rules describe best practices for securing credit card processing technology, activities for securing credit card information, and how to protect customers' personal data. This set of rules is a _____. (D1, L1.4.2) A) Law B) Policy C) Standard D) Procedure
C) Standard
Which of the following activities is usually part of the configuration management process, but is also extremely helpful in countering potential attacks? (D4.2 L4.2.3) A) Annual budgeting B) Conferences with senior leadership C) Updating and patching systems D) The annual shareholders' meeting
C) Updating and patching systems
When should a business continuity plan (BCP) be activated? (D2, L2.2.1) A) As soon as possible B) At the very beginning of a disaster C) When senior management decides D) When instructed to do so by regulators
C) When senior management decides
Which of the following is a biometric access control mechanism? (D3, L3.2.1) A) A badge reader B) A copper key C) A fence with razor tape on it D) A door locked by a voiceprint identifier
D) A door locked by a voiceprint identifier
Which of the following is an example of a "something you are" authentication factor? (D1, L1.1.1) A) A credit card presented to a cash machine B) Your password and PIN C) A user ID D) A photograph of your face
D) A photograph of your face
Security needs to be provided to ____ data. (D5.1, L5.1.1) A) Restricted B) Illegal C) Private D) All
D) All
Which of these is the most important reason to conduct security instruction for all employees? (D5.4, L5.4.1) A) Reduce liability B) Provide due diligence C) It is a moral imperative D) An informed user is a more secure user
D) An informed user is a more secure user
What type of lock always requires entering a code to enter the facility? A) Magnetic stripe card lock B) Proximity card lock C) Biometric lock D) Cipher lock
D) Cipher lock
Larry and Fern both work in the data center. In order to enter the data center to begin their workday, they must both present their own keys (which are different) to the key reader, before the door to the data center opens. Which security concept is being applied in this situation? (D3, L3.1.1) A) Defense in depth B) Segregation of duties C) Least privilege D) Dual control
D) Dual control
A device that filters network traffic in order to enhance overall security/performance. (D4.1 L4.1.1) A) Endpoint B) Laptop C) MAC (media access control) D) Firewall
D) Firewall
A tool that filters inbound traffic to reduce potential threats. (D4.2 L4.2.3) A) NIDS (network-based intrusion-detection systems) B) Anti-malware C) DLP (data loss prevention) D) Firewall
D) Firewall
Network traffic originating from outside the organization might be admitted to the internal IT environment or blocked at the perimeter by a ________. (D3, L3.2.1) A) Turnstile B) Fence C) Vacuum D) Firewall
D) Firewall
Which of the following is not a typical benefit of cloud computing services? (D4.3 L4.3.2) A) Reduced cost of ownership/investment B) Metered usage C) Scalability D) Freedom from legal constraints
D) Freedom from legal constraints
Gary is unable to log in to the production environment. Gary tries three times and is then locked out of trying again for one hour. Why? (D3, L3.3.1) A) Gary is being punished B) The network is tired C) Users remember their credentials if they are given time to think about it D) Gary's actions look like an attack
D) Gary's actions look like an attack
Which of the following statements is true? (D3, L3.3.1) A) Logical access controls can protect the IT environment perfectly; there is no reason to deploy any other controls B) Physical access controls can protect the IT environment perfectly; there is no reason to deploy any other controls C) Administrative access controls can protect the IT environment perfectly; there is no reason to deploy any other controls D) It is best to use a blend of controls in order to provide optimum security
D) It is best to use a blend of controls in order to provide optimum security
The city of Grampon wants to ensure that all of its citizens are protected from malware, so the city council creates a rule that anyone caught creating and launching malware within the city limits will receive a fine and go to jail. What kind of rule is this? (D1, L1.4.1) A) Policy B) Procedure C) Standard D) Law
D) Law
Prachi works as a database administrator for Triffid, Inc. Prachi is allowed to add or delete users, but is not allowed to read or modify the data in the database itself. When Prachi logs onto the system, an access control list (ACL) checks to determine which permissions Prachi has. Which security concept is being applied in this situation? (D3, L3.1.1) A) Defense in depth B) Layered defense C) Two-person integrity D) Least privilege
D) Least privilege
A VLAN is a _____ method of segmenting networks. (D4.3 L4.3.3) A) Secret B) Physical C) Regulated D) Logical
D) Logical
For which of the following systems would the security concept of availability probably be most important? (D1, L1.1.1) A) Medical systems that store patient data B) Retail records of past transactions C) Online streaming of camera feeds that display historical works of art in museums around the world D) Medical systems that monitor patient condition in an intensive care unit
D) Medical systems that monitor patient condition in an intensive care unit
What is the most important goal of a business continuity effort? (D2, L2.2.1) A) Ensure all IT systems function during a potential interruption B) Ensure all business activities are preserved during a potential disaster C) Ensure the organization survives a disaster D) Preserve health and human safety
D) Preserve health and human safety
An organization must always be prepared to ______ when applying a patch. (D5.2, L5.2.1) A) Pay for the updated content B) Buy a new system C) Settle lawsuits D) Rollback
D) Rollback
A tool that aggregates log data from multiple sources, and typically analyzes it and reports potential threats. (D4.2 L4.2.2) A) HIDS B) Anti-malware C) Router D) SIEM
D) SIEM
A software firewall is an application that runs on a device and prevents specific types of traffic from entering that device. This is a type of ________ control. (D1, L1.3.1) A) Physical B) Administrative C) Passive D) Technical
D) Technical
What are RJ-11 cables used for? A) Computers B) Monitors C) Printers D) Telephone connections
D) Telephone connections