Udemy ISC2 Test 4
A
Which of the following documents establishes context and sets out strategic direction and priorities? A. Policies B. Procedures C. Regulations D. Standards
A
Which of the following is an example of a measure to protect confidentiality? A. Access controls and encryption B. Routers and VLANs (Virtual Local Area Network) C. Digital signatures and checksums D. Backup systems and fault tolerance
B
Which of the following is an example of a threat actor? A. A phishing email B. A nation-state-sponsored hacking group C. A denial-of-service attack D. A software vulnerability
A
Which of the following is an example of a threat vector? A. A phishing email that tricks users into revealing their passwords B. A criminal hacking group targeting a specific organization C. A natural disaster that could damage a data center D. A software bug that allows unauthorized access to a system
A
Which of the following is not a physical control? A. Stop Sign in a Parking Lot B. Bollards C. Turnstile D. Door lock
B
Which technology is BEST for port-based authentication to ensure that network clients authenticate before use? A. 802.3 B. 802.1x C. 802.15.1 D. 802.11g
B
Which type of token-based authentication generates codes at fixed intervals without a server challenge? A. Asynchronous B. Synchronous C. RFID D. Smart card
B
A security analyst discovers a vulnerability in a client's system but decides to withhold the information, fearing negative publicity for the client. Which ISC2 Code of Ethics Canon has the analyst potentially violated? A. Act honorably, honestly, justly, responsibly, and legally B. Provide diligent and competent service to principals C. Advance and protect the profession D. Protect society, the common good, necessary public trust and confidence, and the infrastructure
A
Alice and Bob are good friends and want to exchange messages securely. Alice receives a message from Bob. What key does Alice use to decrypt the encrypted message she received? A. Alice's private key B. Alice's public key C. Bob's public key D. Bob's private key
A
An organization wants to decrease the number of help desk cases related to password changes. What measure can the organization take? (★) A. Self-service password reset B. Passphrases C. Biometric authentication D. Two-factor authentication
B
Defense in depth is a strategy that ...: A. ...emphasizes physical security over digital security B. ...that employs multiple layers of security measures for comprehensive protection C. ...relies on a single layer of security measures for protection D. ...that focuses on incident response rather than prevention
D
Digital signatures PRIMARILY rely on which cryptographic technique? A. Stream ciphers B. Hash functions C. Symmetric-key cryptography D. Asymmetric-key cryptography
B
During which phase of the incident response process would be most appropriate to implement long-term fixes to prevent similar incidents in the future? A. Detection B. Recovery C. Analysis D. Mitigation
D
How does a Business Impact Analysis (BIA) contribute to the disaster recovery planning process? A. By avoiding the consideration of potential impacts on the organization B. By focusing solely on preventing disasters from occurring C. By disregarding the need for a coordinated response to a disaster D. By identifying the critical systems and processes that must be prioritized
A
How does encryption contribute to system hardening? (★) A. By protecting data at rest and in transit from unauthorized access B. By managing user permissions and access controls C. By reducing the attack surface of the system D. By implementing strong password policies
B
In an organization, which document provides step-by-step guidance in implementing a security measure? A. Policies B. Procedures C. Regulations D. Standards
A
In the context of physical access controls, what is the purpose of implementing a mantrap? A. To prevent tailgating B. To provide a comfortable waiting area for visitors C. To enable unrestricted access to secure areas D. To eliminate the need for security personnel
C
In the context of risk management, what is the purpose of risk mitigation? A. To avoid the need for a risk management process B. To focus solely on reactive measures C. To implement controls and countermeasures that reduce the likelihood or impact of identified risks D. To disregard potential risks and their impacts
B
In the context of the CIA Triad, which of the following security controls would primarily enhance data availability? (★) A. Encrypting data at rest and in transit B. Regularly backing up data and using redundant systems C. Monitoring network traffic for signs of intrusion D. Implementing two-factor authentication
D
In the context of the risk management process, what does the term 'residual risk' refer to? A. The risks that are considered irrelevant or insignificant B. The total elimination of risk within an organization C. The risk associated with an organization's assets before any controls are implemented D. The risk that remains after all possible controls and countermeasures have been applied
D
In the risk management process, which of the following best describes the concept of 'risk acceptance'? A. Implementing controls and countermeasures to eliminate all risks B. Avoiding the need for a risk management process C. Ignoring potential risks and their impacts D. Acknowledging that certain risks are too costly or impractical to mitigate and accepting the potential consequences
D
To ensure cybersecurity practices remain effective, which documents should be regularly updated and reviewed? A. Procedures B. Standards C. Regulations D. Policies
B
To which OSI layer does a MAC address belong to? A. The Application layer B. The Data Link layer C. The Session layer D. The Physical layer
A
What access control model allows the owner of a file to grant access to others via an access control list? A. Discretionary B. Rule based C. Role based D. Non discretionary
A
What access control problems arise if during an audit it is found that an IT manager retains permission access to shared folders from his previous company roles? (★) A. Privilege creep B. Excessive provisioning C. Unauthorized access D. Account review
D
What attribute is NOT associated with a hashing algorithm? A. It is difficult to find two messages with the same hash value B. They are irreversible C. They take variable-length input D. A cryptographic key is required
C
What is created when permissions are listed for individual users on a Unix file system? A. An access control list B. Role-based access control C. An access control entry D. Mandatory access control
D
What is the PRIMARY benefit of incorporating real-life examples and scenarios into security awareness training? A. To reduce the overall security posture of the organization B. To encourage employees to share sensitive information with unauthorized individuals C. To demonstrate that security threats are not a concern for the organization D. To make the training more engaging and help employees better understand the practical implications of security best practices
D
What is the PRIMARY difference between a threat and a vulnerability? A. A threat is a type of attacker, while a vulnerability is an attack method B. A threat is an attack method, while a vulnerability is a type of threat actor C. A threat is a weakness in a system, while a vulnerability is a potential source of harm D. A threat is a potential source of harm, while a vulnerability is a weakness in a system
B
What is the PRIMARY goal of a Disaster Recovery Plan (DRP)? A. Maintaining critical business functions during a disruption B. Restoring the business to full last-known reliable operations C. Ensuring the sustainability of business operations after an interruption D. Guiding emergency response personnel during a disaster
B
What is the PRIMARY identity and access management function you use when providing a user ID and password? A. Authorization B. Authentication C. Login D. Validation
D
What is the PRIMARY objective of baselines? A. To identify potential threats B. To monitor and detect security events C. To protect data from unauthorized access D. To establish a minimum level of protection that can be used as a reference point
C
What is the PRIMARY problem typically associated with decentralized access control? A. Potential for access interruptions B. Training expenses are elevated C. Inconsistent control D. Control is excessively detailed
C
What is the PRIMARY purpose of a firewall? A. To correctly identify legitimate users B. To detect threats C. To stop or block attacks D. To prevent malicious software
B
What is the PRIMARY purpose of a forensic investigation during the analysis phase of an incident response? A. To identify the attacker and their motivation B. To collect evidence and maintain its chain of custody for potential legal proceedings C. To update the risk registry and minimize the impact of an incident D. To document lessons learned and develop an incident response plan
B
What is the PRIMARY purpose of a password policy? A. To ensure users have a unique password for every system B. To enforce the use of strong, complex passwords and periodic password changes C. To allow users to share passwords for convenience D. To require users to write down their passwords for easy retrieval
A
What is the PRIMARY purpose of implementing role-based access control (RBAC)? A. To grant users access to resources based on their job responsibilities B. To prevent unauthorized physical access to facilities C. To monitor user activity within a network D. To provide an additional layer of security through encryption
C
What is the PRIMARY purpose of using a mantrap in physical access control? A. To serve as a secondary authentication method B. To allow multiple people to enter a secured area simultaneously C. To prevent tailgating or piggybacking D. To monitor employee activity
B
What is the PRIMARY purpose of using an intrusion detection and prevention system? A. To stop malicious code B. To detect and block malicious attacks C. To detect attempts to connect to a system D. To prevent existing threats
B
What is the cloud computing model where customers share computing infrastructure without knowing each other's identity? A. Shared cloud B. Public cloud C. Community cloud D. Private cloud
D
What is the main difference between symmetric and asymmetric encryption? A. A symmetric encryption is commonly more secure than asymmetric encryption B. Asymmetric encryption uses the same key for encryption and decryption, while asymmetric encryption uses the same keys for encryption and decryption C. A symmetric encryption is slower than asymmetric encryption D. Symmetric encryption uses the same key for encryption and decryption, while asymmetric encryption uses different keys for encryption and decryption
B
What is the primary goal of an Advanced Persistent Threat (APT) attack? A. To disrupt network services and cause downtime B. To gain unauthorized access to sensitive data and maintain a long-term presence in the target network C. To spread quickly and infect as many systems as possible D. To exploit vulnerabilities in web applications for financial gain
D
What is the primary goal of the Health Insurance Portability and Accountability Act (HIPAA)? A. To protect consumers' financial data B. To regulate the security of credit card transactions C. To standardize data protection measures across countries D. To ensure the security and privacy of patients' health information
D
What is the primary objective of a Business Continuity Plan (BCP) in the context of incident response, business continuity, and disaster recovery concepts? A. To avoid implementing any recovery strategies B. To disregard the need for a coordinated response to a major incident C. To focus solely on preventing incidents from occurring D. To ensure the organization can continue to operate during and after a disaster or major incident
A
What is the recommended appropriate frequency for testing an organization's Business Continuity Plan (BCP)? A. According to business needs and requirements B. Every six months C. Annually D. Every five year
B
What is the situation that occurs when a user accumulates system privileges that exceed the requirements of the user's job? A. Least privilege B. Privilege creep C. Excessive privileges D. Rights collision
D
What is the term for the GDPR requirement allowing individuals to request the termination of their data dissemination? (★) A. The right of data portability B. The right to access C. Privacy by design D. The right to be forgotten
C
What is the term for the random value added to a password to prevent rainbow table attacks? (★) A. Hash B. Extender C. Salt D. MD5
D
What network security device allows remote users to securely connect to a private network over the public Internet by encrypting their communications? A. Proxy Server B. Intrusion Detection System (IDS) C. Firewall D. Virtual Private Network (VPN)
A
What network security device filters incoming and outgoing network traffic based on predefined rules and is designed to prevent unauthorized access to or from a protected network? A. Firewall B. Proxy Server C. Intrusion Prevention System (IPS) D. Virtual Private Network (VPN) Gateway
C
What security principle can help detect fraudulent behavior, such as employees transferring funds to their personal accounts? A. Least privilege B. Zero Trust C. Mandatory vacation D. Separation of duties
B
What technology is used to ensure authorized software is used within an organization? (★) A. Configuration management B. Allow list C. Greylisting D. Deny list
D
What technology prioritizes critical network traffic over browsing and social media? (★) A. TLS B. VLANs C. VPN D. QoS
B
What term is used to describe phishing attacks that specifically target company administrators? A. Shark attacks B. Whaling attacks C. Barracuda attacks D. Piranha attacks
B
What type of attack attempts to misdirect legitimate users to malicious websites by abusing URLs or hyperlinks in emails? A. Spoofing B. Phishing C. Denial-of-Service (DoS) D. Trojan
C
What type of authentication factor is voice pattern recognition? A. Somewhere you are B. Something you know C. Something you are D. Something you have
D
What type of factor is a callback to a mobile phone? A. Somewhere you are B. Something you know C. Something you are D. Something you have
A
What type of malware is designed to replicate itself and spread to other devices without any user intervention? A. Worm B. Ransomware C. Trojan D. Virus
D
What type of network attack involves an attacker creating a malicious email that appears to come from a legitimate source to trick recipients into revealing sensitive information or downloading malware? A. Distributed Denial-of-Service Attack B. Man-in-the-Middle Attack C. Cross-Site Scripting Attack D. Spear Phishing Attack
D
What type of physical access control mechanism involves the use of electronic cards or key fobs that contain unique identifying information? A. Mechanical locks and keys B. Tailgating prevention C. Biometric access control D. Electronic access control
D
When developing a banking website, what is the advised method to confirm user identities? A. Requiring password and pin code B. Requiring password and username C. Requiring password and personal answers D. Requiring password and sms token
B
Which ISC2 code of ethics canons is being enacted when an employee refuses a bribe from a vendor to recommend their product and reports the incident? A. Provide diligent and competent service to principals B. Act honorably, honestly, justly, responsibly, and legally C. Protect society, the common good, necessary public trust and confidence, and the infrastructure D. Advance and protect the profession
A
Which U.S. government agency within the Department of Commerce publishes and makes available for free download a wide variety of technical standards, including those for information technology and information security? A. National Institute of Standards and Technology (NIST) B. Internet Engineering Task Force (IETF) C. Institute of Electrical and Electronics Engineers (IEEE) D. International Organization for Standardization (ISO)
B
Which aspect ensures that authorized users have timely and reliable access to information and resources? A. Confidentiality B. Availability C. Integrity D. Authentication
C
Which attacks involve an attacker using a list of pre-computed hashes to find a matching hash value for a user's password? (★) A. Spoofing Attack B. Dictionary Attack C. Rainbow Table Attack D. Brute Force Attack
C
Which category of cloud services does a ready-to-use email service fall into? A. CaaS B. PaaS C. SaaS D. IaaS
A
Which is the second phase of the data handling life cycle? A. Storage phase B. Sharing phase C. Creation phase D. Destruction phase
D
Which network security device is PRIMARILY responsible for monitoring network traffic and detecting potential threats based on predefined rules or signatures? A. Virtual Private Network (VPN) Gateway B. Proxy Server C. Firewall D. Intrusion Detection System (IDS)
B
Which of the following best describes non-repudiation in the context of digital signatures? A. Ensuring that a message cannot be read by unauthorized parties B. Providing proof that a specific sender sent a specific message C. Verifying the identity of a user attempting to access a system D. Guaranteeing that a message has not been tampered with during transmission
B
Which of the following cloud models puts MOST responsibility on the cloud provider? A. PaaS B. SaaS C. IaaS D. On-premises
A
Which of the following controls safeguards an organization during a blackout power outage? A. Uninterruptible power supply (UPS) B. RAID C. Generator D. Redundant servers
D
Which of the following incident response team roles is responsible for coordinating communication between the incident response team and external stakeholders, such as law enforcement or media? A. Incident lead B. Legal advisor C. Technical lead D. Public relations coordinator
A
Which of the following is NOT a common system hardening practice? A. Regularly performing backups B. Disabling unnecessary services and protocols C. Implementing strong-password policies D. Regularly updating antivirus software
B
Which of the following is NOT a recommended practice for password protection according to the security awareness training examples? A. Avoiding the sharing of passwords with co-workers B. Reusing passwords for multiple systems C. Using a password management solution D. Using different passwords for different systems
D
Which of the following is NOT considered an insider threat? A. An employee accidentally downloading malware B. An employee knowingly stealing sensitive data C. A vendor misusing company data D. An external hacker breaching the company's firewall
A
Which of the following is a PRIMARY objective of implementing physical access controls in an organization? A. To prevent unauthorized access to facilities and protect sensitive information and resources B. To ensure all employees have unrestricted access to all areas C. To allow public access to sensitive areas for increased transparency D. To avoid the need for technical security controls
A
Which of the following is a best practice to support regulatory and contractual obligations? A. Complying with legal definitions and regulations B. Ensuring simplicity for user understanding C. Defining appropriate data usage within the organization D. Encompassing all requirements in a single policy
D
Which of the following is a key component of a Business Continuity Plan (BCP)? A. Focusing solely on the prevention of incidents, rather than maintaining operations during a disruption B. Ignoring the need for an incident response plan C. Avoiding the use of offsite facilities or alternative work locations D. Developing strategies to maintain essential operations during and after a major incident
D
Which of the following is a key component of a Disaster Recovery Plan (DRP)? A. Avoiding the use of offsite backup facilities or cloud-based services B. Focusing solely on the prevention of disasters, rather than recovery efforts C. Ignoring the need for data backups and redundancy D. Establishing clear roles and responsibilities for personnel during disaster recovery efforts
C
Which of the following is a key component of the risk assessment process? A. Focusing solely on risks with minimal impact B. Avoiding the use of risk assessment methodologies or frameworks C. Identifying and evaluating potential risks based on their likelihood and impact D. Ignoring potential threats and vulnerabilities
A
Which of the following is a logical access control method that verifies the identity of a user before granting access to a system? A. Authentication B. Intrusion detection system C. Encryption D. Firewall
A
Which of the following is a technical control? A. Access control list (ACL) B. Emergency operation procedure C. Acceptable use policy D. Stop Sign in a Parking Lot
A
Which of the following is the MOST effective method to destroy a data tape disk? A. Degaussing B. Disk formatting C. Disk zeroing D. Disk encryption
B
Which of the following options is NOT an access control layer? A. Physical B. Policy C. Technical D. Administrative
C
Which of the following physical access control methods is designed to authenticate the identity of individuals entering a facility? A. Security guards B. Visitor sign-in sheets C. Key cards D. Video surveillance
D
Which of the following principles states that individuals should be held to a standard of doing what a reasonable person would do under similar circumstances? A. Separation of duties B. Due diligence C. Least privilege D. Due care
C
Which of the following security measures is most effective in protecting PII stored on a laptop in case of theft? A. Using strong passwords B. Enabling a firewall C. Full-disk encryption D. Regularly updating antivirus software
D
Which of the following system hardening techniques involves reducing the attack surface by removing unnecessary software and services? (★) A. Least privilege principle B. Security configuration management C. Patch management D. Reducing the number of elements of a system
C
Which of the following tools would be the BEST to prevent unauthorized data exfiltration from a corporate network? (★) A. Full Disk Encryption (FDE) B. Application Firewall C. Data Loss Prevention (DLP) D. Network Intrusion Detection System (NIDS)
B
Which of the following types of information is considered PII? A. A public blog post B. A user's date of birth C. A corporate policy document D. A network topology diagram
D
Which of the options does not have attributes of a Privileged User Account? A. It can often create users and assign permissions B. It should have the highest level of logging associated with actions C. It should require the use of MFA D. It does not interact directly with servers and other infrastructure devices
A
Which one of the following security tools would be in the best position to detect malicious behavior in a device (e.g., your personal computer)? A. HIDS B. DLP C. Firewall D. NIDS
A
Which policy will outline if personally owned equipment is permitted for business purposes? A. Bring Your Own Device (BYOD) Policy B. Password Policy (PP) C. Acceptable Use Policy (AUP) D. Data Handling Policy (DHP)
B
Which principle is PRIMARILY concerned with preventing unauthorized data alteration or destruction? A. Authentication B. Integrity C. Availability D. Confidentiality
C
Which principle of the ISC2 Code of Ethics Canons highlights the importance of providing quality service to clients or employers? A. Advance and protect the profession B. Protect society, the common good, necessary public trust and confidence, and the infrastructure C. Provide diligent and competent service to principals D. Act honorably, honestly, justly, responsibly, and legally
C
Which principle of the ISC2 Code of Ethics Canons obliges to prioritize public interest and protect critical infrastructure over personal or organizational interests? A. Advance and protect the profession B. Act honorably, honestly, justly, responsibly, and legally C. Protect society, the common good, necessary public trust and confidence, and the infrastructure D. Provide diligent and competent service to principals
A
Which three OSI model layers correspond to the TCP/IP model's Application layer? A. Application, Presentation, and Session B. Presentation, Session, and Transport C. There is not a direct match (the TCP model was created before the OSI model) D. Application, Presentation, and Transport
A
Which type of network attack involves an attacker intercepting and potentially altering the communication between two parties without their knowledge? A. Man-in-the-Middle Attack B. Phishing Attack C. SQL Injection Attack D. Distributed Denial-of-Service Attack
B
Which type of network attack involves an attacker sending specially crafted malicious data to an application or system, causing it to crash or become unresponsive? (★) A. Man-in-the-Middle Attack B. Buffer Overflow Attack C. SQL Injection Attack D. Distributed Denial-of-Service Attack
