CC Certification Practice Questions (Coffee with Prabh Nair)


(V3) Which of the following processes is a first source for determining resiliency and contingency planning strategies? A. BIA B. Recovery Strategy C. Contingency Solutions D. BCP Policy

A. BIA

(V4) Which of the following approaches designs buildings and spaces that emphasize passive features to reduce the likelihood of criminal activity? A. CPTED B. Security Perimeter C. Privacy by Design D. DMZ

A. CPTED (Crime Prevention Through Environmental Design)

(V4) Which access control model has very limited user functionality, requires a lot of administrative overhead, is extremely expensive, and is not user friendly? A. MAC B. DAC C. RBAC D. RUBAC

A. MAC

(V2) Which document helps us with strategic direction for security and assigns resources for its implementation within the organization? A. Policy B. Procedure C. Guidelines D. Standard

A. Policy

(v6) Which of the following attacks is one where attackers encrypt an organization's data and demand payment to restore access? A. DoS attack B. Ransomware attack C. Sniffing attack D. Monitoring attack

B. Ransomware attack

(V1) What is the purpose of the backup of electronically stored data on HDD? A. Data Confidentiality B. Data Integrity C. Data Availability D. Data Authenticity.

C. Data Availability

(V1) Security professionals with an (ISC)2 certification are expected to serve which of the following first? A. Company B. Happy Client C. Humanity D. Good Security Advisor

C. Humanity

Which type of access control system enforces the system's security policy through the use of security labels? A. DAC B. NDAC C. MAC D. RBAC

C. MAC

(v5) A device operating at Layer 3 of the OSI model uses which of the following protocols to determine the path to a different network? A. TCP B. SIP C. RIP D. HTTP

C. RIP (Routing Information Protocol)

Which of the following is the appropriate risk response practice of passing the risk to another party, who will accept the financial impact of the harm? A. Risk Mitigation B. Risk Acceptance C. Risk Transfer D. Risk Avoidance

C. Risk Transfer

Which of the following options does not represent a type of control? A. Physical control B. Technical control C. Administrative control D. Preventative control

D. Preventative control

(V2) Which of the following is not a Canon of ISC2? A. Protect society, the common good, necessary public trust and confidence, and the infrastructure B. Act honorably, honestly, justly, responsibly, and legally. C. Provide diligent and competent service to principals D. Provide the profession good job

D. Provide the profession good job

(V2) Which document serves as specifications for the implementation of policy and dictates mandatory requirements? A. Policy B. Procedure C. Guidelines D. Standard

D. Standard

(V7) Making an organizational culture that prioritizes information security starts with: A. implement stronger controls B. conduct periodic awareness training C. actively monitor operations D. gain the endorsement of executive management

D. gain the endorsement of executive management. Without D, options A, B and C are not possible; gaining the endorsement of executive management is the most important thing to implement security.

What type of control is introduced in an organization to direct an employee's behavior? A. Administrative control B. Technical control C. Physical control D. Preventive control

A. Administrative control

(V3) Which of the following processes primarily provides the justification for the business continuity plan and its requirements? A. BIA B. Change management C. Configuration management D. Release management

A. BIA

(V3) A user received an email from someone outside the company inquiring about the company's upcoming new launch and business migration. The user has a detailed spec sheet, but it says 'confidential' on it. NEXT, the user should do which of the following? A. Call the help desk or the incident response team to find out what to do next. B. Respond to the requester to find out how to reach them, then call them. C. Reject the request. D. Inform the department and halt the product.

A. Call the help desk or the incident response team to find out what to do next.

(V2) Which of the following things MUST be required for a good decision in an Enterprise? A. Good governance B. Effective roles and responsibilities C. Effective policies D. External audit

A. Good governance. If we don't have good governance, B, C, and D are ineffective.

(v6) Which type of cloud deployment is one where data standards, portability and integration are required? A. Hybrid cloud B. Public cloud C. Private cloud D. Community cloud

A. Hybrid cloud

(V4) What is the most important parameter to consider while categorizing and prioritizing an incident? A. Impact and criticality B. Confidentiality and integrity C. Sensitivity and availability D. Authenticity and visibility

A. Impact and criticality Is the combination of anything so he effect of the incident has and operation

(V7) Which of the following is the MOST critical for Patch Management, Configuration Management, Risk Management, with overall security posture for an enterprise? A. Inventories B. Incident management C. Identity and access D. Strong authentication

A. Inventories. Without inventories, B, C and D cannot be achieved.

(V4) Which type of access control is primarily utilized in high-security environments? A. MAC B. DAC C. RBAC D. RUBAC

A. MAC

(V3) Which site is the most expensive and extensive IT risk mitigation strategy? A. Mirror site B. Hot site C. Warm site D. Cold site

A. Mirror site

(V3) At which particular stage of the incident management process do we perform the following activities? 1. Remove the system from the network. 2. Update the firewall to reduce impact. 3. Move the system to quarantine. A. Mitigation B. Reporting C. Remediation D. Lessons Learned

A. Mitigation. Remediation is a permanent solution, whereas mitigation is a temporary solution. All 3 actions are temporary.

(v5) Which of the following is used by CHAP to defeat the man-in-the-middle attack that occurs in PAP? A. NONCE B. TOKEN C. TICKET D. Encryption

A. NONCE

(V1) The purpose of mandatory vacations as a security measure is to discover which of the following? A. Network administrator fraud B. Vulnerabilities on a system C. Comply with Regulation D. Software vulnerabilities in vendor code

A. Network administrator fraud

(v5) Which of the following is the least secure authentication method that sends the credentials in cleartext? A. PAP B. CHAP C. EAP D. RADIUS

A. PAP

(V2) Which of the following documents identifies the principles and rules governing an organization's protection of information systems and data? A. Policy B. Procedure C. Guidelines D. Standard

A. Policy

(v5) Which layer provides services to ensure that the peer applications use a common format to represent data? A. Presentation B. Application C. Transport D. Session

A. Presentation

What is the primary objective of Risk Assessment? A. Prioritized by risk level and used to inform risk response decisions B. Identify threat events that could be produced by those sources C. Communicate risk assessment results to designated organizational stakeholders D. Mitigate the risk

A. Prioritized by risk level and used to inform risk response decisions. B is part of the risk identification. C is covered in A. D is part of the risk assessment.

(V4) Which type of account represents a high-value target and requires more protection? A. Privileged account B. User account C. Service account D. File account

A. Privileged account

(V1) Which of the following is a true statement of Identification? A. Process of asserting an identity and having it confirmed B. Process of validating that the identity being claimed by a user or entity is known to the system C. The process of granting or denying specific requests D. Process of sender denying his action

A. Process of asserting an identity and having it confirmed. B is the definition of authentication. C is the definition of authorization. D is the definition of non-repudiation.

What is the primary purpose of a Business Continuity Plan in the Enterprise? A. Provides procedures for sustaining mission/business operations while recovering from a significant disruption B. Provides procedures for disseminating internal and external communications C. Provides procedures for mitigating and correcting a cyber attack D. Provides procedures for relocating information systems operations to an alternative location

A. Provides procedures for sustaining mission/business operations while recovering from a significant disruption

(V3) Which of the following statements correctly defines the relationship between MTD and RTO? A. RTO must normally be shorter than the MTD B. RTO must normally be higher than the MTD C. RTO is more about RPO D. RTO can exceed time limit established by the MTD

A. RTO must normally be shorter than the MTD. B. RTO must normally be higher than the MTD - NOT TRUE. C. RTO is more about RPO - NOT TRUE. D. RTO can exceed time limit established by the MTD - not possible.

(V3) What is the primary goal of the incident management team in the organization? A. Reducing the impact and restore services B. Gathering and analyzing information C. Roles and responsibilities for the IR team personnel in each incident type D. Conducting tests and exercises of the IR plan

A. Reducing the impact and restore services

Which of the following is an appropriate risk response that includes taking actions to prevent or reduce the possibility of impact? A. Risk Mitigation B. Risk Acceptance C. Risk Transfer D. Risk Avoidance

A. Risk Mitigation

(v6) Which of the following attacks can be used to exploit a vulnerability that untrained users created? A. Spear phishing email with a file attachment B. DNS Poisoning C. man in the middle attack D. A domain hijacking of a bank website

A. Spear phishing email with a file attachment

(v5) In which kind of attack does the attacker submit a lot of connection requests extremely quickly, but then ignore the reply that is delivered back to them by the server? A. SYN flood B. Smurf attack C. Ping of Death D. ICMP Flood

A. SYN flood

(V2) Firewalls, electronic badge readers, and access control lists are examples of which type of control? A. Technical control B. Administrative control C. Physical control D. Generic control

A. Technical control

(V4) Which type of control is primarily implemented and executed by information systems through a mechanism contained in the firmware or software of the system? A. Technical control B. Administrative control C. Physical control D. Service control

A. Technical control

(V7) Which of the following is the most important to consider while protecting the assets? A. Value and risk B. Security and risk C. Market and reputation D. Vulnerabilities vs risk

A. Value and risk. We need to know the value of the asset and the risk of it.

(V3) What is the true statement regarding primary difference between a mirrored site and a hot site? A. identical configuration different B. same configuration/same data C. hot site is active/active and mirrored site is active/passive D. hot site configured with no server where mirrored site is configured with out active server, no data.

A. identical configuration different. In organizations with very short RTO and MTO windows, dividing staff, resources, and processes permanently between multiple sites is an acceptable but costly solution known as a mirror site. A hot site has the same infrastructure and data as the primary site, which is costly, but useful for meeting a short RTO or RPO.

(V1) What is the MOST feasible risk response when the cost of anti-malware exceeds the damage probability of computer viruses? A. risk acceptance B. risk transfer C. risk avoidance D. risk tolerance

A. risk acceptance. *Cost of control is higher than the cost of impact, so in this case we accept the risk or transfer the risk, but primarily here the question is using the possible risk response. Between A and B, transferring it to insurance - the cost of insurance could be higher too.

(V1) What kind of risk response is used by an enterprise to stop or remove the activity or technology that causes the risk in the first place? A. risk avoidance B. risk transfer C. risk acceptance D. risk mitigation

A. risk avoidance. Regarding the risk capacity, risk appetite and risk tolerance...

(V3) Which of the following statements defines MTD (Maximum Tolerable Downtime)? A. The amount of time a mission/business process can be disrupted without causing significant harm to the organization's mission. B. The overall length of time an information system's components can be in the recovery phase before negatively impacting the organization's mission or mission/business processes. C. The point in time to which data must be recovered after an outage. D. The amount of time a mission/business process can be disrupted with causing significant harm to the organization's mission.

A. The amount of time a mission/business process can be disrupted without causing significant harm to the organization's mission. B - is the RTO (Recovery Time Objective). C - is the RPO (Recovery Point Objective). D - is not true.

(V3) After a production outage, which of the following documents contains detailed information on the order in which a system should be restored to service? A. Succession planning B. Disaster recovery plan C. Information security plan D. Change management plan

B. Disaster recovery plan

(V2) Which controls are implemented through policy and procedure in an organization? A. Technical control B. Administrative control C. Physical control D. Generic control

B. Administrative control

(v6) ACME LLP establishes a corporate infrastructure and develops a customer-facing web application by utilizing several SaaS and IaaS platforms. Which of the following solutions would be BEST for providing platform monitoring and visibility? A. SIEM B. CASB C. Firewall D. Vulnerability scanner

B. CASB. A cloud access security broker is on-premises or cloud-based software that sits between cloud service users and cloud applications, and monitors all activity and enforces security policies.

(V1) What was the primary purpose of Separation of Duties in an organization? A. Data Confidentiality B. Data Integrity C. Data Availability D. Data Authenticity

B. Data Integrity. So one person doesn't have control of all processes - Integrity = fraud

(V4) Which of the following strategies integrates people, technology and operations capabilities to establish variable barriers across multiple layers and missions of the organization? A. Privacy by Design strategy B. Defense in Depth strategy C. Security Perimeter strategy D. Network by Design strategy

B. Defense in Depth strategy

(v6) Which of the following BEST describes an attack where communications between two parties are intercepted and forwarded to each party with neither party being aware of the interception and potential modification to the communications? A. Spear phishing B. Man-in-the-Middle C. URL hijacking D. Transitive Access

B. Man-in-the-Middle

Which of the following principles dictates that each task, process, or user is granted the minimum rights required to perform its job? A. Separation of Duties B. Principle of Least Privilege C. Defense of Depth D. Privilege Function

B. Principle of Least Privilege

(V7) From an information security perspective, information that no longer supports the main purpose of the business should be? A. Protect under the Risk Assessment B. Review under the retention policy C. Review under access policy D. Review under classification policy

B. Review under the retention policy

Which of the following is the appropriate risk response when the identified risk falls within the organizational risk tolerance? A. Risk Mitigation B. Risk Acceptance C. Risk Transfer D. Risk Avoidance

B. Risk Acceptance

(V2) Risk officer has recommended several controls such as a firewall and anti-malware to protect the enterprise's information systems. Which Risk response action has been taken? A. Risk transference B. Risk mitigation C. Risk acceptance D. Risk avoidance

B. Risk mitigation

(V7) Which of the following is considered to be a more secure hashing algorithm? A. MD5 B. SHA C. AES D. RSA

B. SHA. A - MD5 is a hashing algorithm, but SHA is more secure. C - AES is a symmetric algorithm to encrypt data but never used for hashing. D - RSA is asymmetric for key exchange.

(V4) Which of the following is an example of administrative control? A. Encryption B. Separation of duties C. Physical camera D. Firewall configuration

B. Separation of duties

(v5) An ICMP packet is sent to the broadcast address of a network; however, the return address of the packet has been modified to correspond with one of the machines that are part of that network. Which type of attack are we addressing? A. SYN flood B. Smurf attack C. Ping of Death D. ICMP Flood

B. Smurf attack. A Smurf attack is a distributed denial-of-service attack in which large numbers of Internet Control Message Protocol packets with the intended victim's spoofed source IP are broadcast to a computer network using an IP broadcast address.

(v7) What type of cryptosystem is Jim using whereby data is encrypted by the sender using the recipient's public key, and the data is then decrypted using the recipient's private key? A. With public-key encryption, or symmetric encryption B. With public-key encryption, or asymmetric encryption C. With shared-key encryption, or symmetric encryption D. With shared-key encryption, or asymmetric encryption

B. With public-key encryption, or asymmetric encryption (sender encrypts data with the public key, and it is decrypted with the recipient's private key). A - incorrect; public-key encryption is asymmetric. C & D - FALSE; shared keys - only 1 key is used, so it would be symmetric, but here a public AND private key (asymmetric) is used. If the public key encrypts, the corresponding private key must be used to decrypt. **If the private key encrypts, then it's the associated public key that decrypts. **Public keys are shared, but private keys are never given out. (Asymmetric - 2 keys, symmetric - 1 key.)

(V4) What is the most important feature of a biometric identification system? A. Authorization B. Storage requirements C. Accuracy D. Reliability

C. Accuracy

(v5) Web Application Firewalls work on which layer of the OSI model? A. Session layer B. Presentation layer C. Application layer D. Transport layer

C. Application layer

(V3) Alice is an information security manager working in the organization. Her team received an incident ticket from the Operation team reporting that one system is infected with a major virus. What will be the first step of the team to handle this situation? A. Finding the root cause of the incident B. Report to Senior Management C. Confirm and validate all details with tickets D. Disconnect the impacted system from the production network.

C. Confirm and validate all details with tickets. First - confirm. Second - B - report to Sr mgmt. Third - D - disconnect. Fourth - A - find the root cause.

Proper documentation of evidence is important to support any future investigations or legal proceedings. In which stage of the Incident Management Process must we acquire, preserve, secure, and document evidence? A. Detection and Analysis B. Preparation C. Containment, Eradication, and Recovery D. Post-Incident Activity

C. Containment, Eradication, and Recovery. *See NIST Special Publication 800-61 Revision 2

Which principle addresses information security strategy integrating people, technology, and operations capabilities to establish variable barriers across multiple layers and missions of the organization? A. Separation of Duties B. Principle of Least Privilege C. Defense of Depth D. Privilege Function

C. Defense of Depth

(V7) Which of the following is the MOST effective way to mitigate phishing attacks in an enterprise? A. Installing AV (antivirus) B. Installing MFA C. Improve User Awareness D. Encryption

C. Improve User Awareness

(V2) Which controls are implemented through a tangible mechanism such as walls, fences, guards, and locks? A. Technical control B. Administrative control C. Physical control D. Generic control

C. Physical control

(V3) A security professional has just finished the Business Impact Analysis for their company. What would be the next step for the professional? A. Prepare the policy and publish on the website B. Select and for the team C. Prepare and select the recovery strategy D. Test the plan

C. Prepare and select the recovery strategy

(V4) Which access control model simplifies access control administration by allowing permissions to be managed in terms of user job roles? A. MAC B. DAC C. RBAC D. RUBAC

C. RBAC

(V7) Which key is used to create a digital signature? A. The receiver's private key B. The sender's public key C. The sender's private key D. The receiver's public key

C. The sender's private key. A - we never share our private key. B - If sender uses a public key, he needs to share his private key. D - incorrect.

(V4) What is the ultimate objective of proper separation of duties? A. To prevent employees from disclosing sensitive information B. To ensure access controls are in place C. To ensure that no single individual can compromise a system D. To ensure that audit trails are not tampered with.

C. To ensure that no single individual can compromise a system

(V3) Neha, a member of the finance department at a large corporation, has submitted an incident ticket regarding a data breach to the information security team. The company is acquiring incident response and forensic assistance from a managed security service provider to understand the data breach. What is the FIRST step that needs to be considered in managing this situation? A. Remove the system from the network B. Inform the customer about the data breach C. Validate and confirm the incident first D. Inform senior management about this issue.

C. Validate and confirm the incident first. *It may not be true.

(V2) Which of the following is a manner of risk avoidance? A. install antivirus B. purchase insurance C. exit the process that arises risk D. take no action against risk

C. exit the process that arises risk

(V1) Which will be a more appropriate risk response when the identified risk is within the organizational risk tolerance? A. risk avoidance B. risk transfer C. risk acceptance D. risk mitigation

C. risk acceptance

(V7) Which of the following is a major problem with symmetric key encryption? A. It is slower than asymmetric key encryption B. Algorithms are kept as the proprietary standard C. Secure sharing of the secret key D. Work factor is not mapped with key size

C. Secure sharing of the secret key. *Note - the primary disadvantage of symmetric is key exchange; the primary disadvantage of asymmetric is that it is slow.

In a scenario where multiple documents are being reviewed, which one of them is not mandatory for inclusion? A. Policy B. Procedures C. Standard D. Guideline

D. Guideline

(V3) Which of the following is BEST carried out immediately after a security breach is discovered in a database? A. Risk management B. Configuration Management C. Change management D. Incident management

D. Incident management

Which phase of the Incident Response Process helps us to improve security measures and the incident handling process? A. Detection and Analysis B. Preparation C. Containment, Eradication, and Recovery D. Post-Incident Activity

D. Post-Incident Activity

Which of the following is not one of the ISC2 Canons? A. Protect society, the common good, necessary public trust and confidence, and the infrastructure B. Act honorably, honestly, justly, responsibly and legally C. Provide diligent and competent service to principals D. Requires that we adhere, and be seen to adhere, to the highest ethical standards of behavior

D. Requires that we adhere, and be seen to adhere, to the highest ethical standards of behavior

Which of the following is an appropriate risk response when the identified risk exceeds the organizational risk tolerance? A. Risk Mitigation B. Risk Acceptance C. Risk Transfer D. Risk Avoidance

D. Risk Avoidance. Risk is going beyond the risk appetite, so, i.e., if buying software exceeds the risk tolerance, avoid the risk and do not purchase.

(V2) An assessment of an organization's IT initiatives reveals that projects typically run over budget or on schedule by approximately 50%. Management tells the risk practitioner that a variance of 55% is acceptable after a review. This is an illustration of: A. Risk acceptance B. Risk transfer C. Risk mitigation D. Risk tolerance

D. Risk tolerance. If they have accepted a risk associated with 50 or 55%, then the answer would be A; the statement itself is having a statement of acceptance, but it's not, so we're going with D. Speaking of Risk Appetite

(V7) Jack is sending Jill an encrypted message using a symmetric encryption algorithm. What key should he use to encrypt the message? A. Jack's public key B. Jack's private key C. Jill's public key D. Shared secret key

D. Shared secret key

(v5) According to the OSI model, which layer handles data transfer between applications, flow control, and error detection and correction? A. Application layer B. Data link layer C. Network layer D. Transport layer

D. Transport layer

(V4) Which of the following is NOT an example of Physical Control? A. Security Camera B. Physical Cabling C. Badge Reader D. Appointment of Guard E. Firewall

E. Firewall

(v6) Which is a true statement of SaaS? A. Capability for Customers to use the Provider's applications running on a cloud infrastructure. The applications are accessible from various devices through either a thin client interface, such as a web browser, or program interface. B. Capability for Provider to use the Customer applications running on a cloud infrastructure. The applications are accessible from various devices through either a thin client interface, such as a web browser or a program interface. C. Capability for Provider to use the Regulated applications running on a cloud infrastructure. The applications are accessible from various devices through either a thin client interface, such as a web browser or program interface. D. Capability for Customers to deploy their applications (created or acquired) onto the cloud infrastructure, using programming languages, libraries, services and tools supported by th

A. Capability for Customers to use the Provider's applications running on a cloud infrastructure. The applications are accessible from various devices through either a thin client interface, such as a web browser, or program interface.

(V7) Which of the following is MOST effective at preventing the introduction of code modifications that could compromise the security of a mission-critical business application? A. Change management B. Patch Management C. Incident Management D. Release Management

A. Change management. Patch is about managing vulnerabilities with systems/apps. Incidents is about managing and prioritizing incidents. Release is about releasing resources.

(V7) What is the MOST effective practice by which we maintain system integrity throughout the organization in a dynamic environment? A. Change management B. Incident management C. Patch management D. Release management

A. Change management. Key words - dynamic and integrity.

(V3) What is the MOST important factor that needs to be considered while finalizing an organization's recovery strategy? A. Conduct BIA and prioritize requirements B. Finalizing the resources C. Review business requirements D. Review regulatory requirements

A. Conduct BIA and prioritize requirements

What factors need to be considered MOST when deciding to implement a control? A. Control cost vs impact B. Confidentiality vs integrity C. Eliminate risk D. Cost benefit analysis

A. Control cost vs impact. B - it's missing availability. C - risk cannot be eliminated. D - i.e. firewall, that is, does not reduce the impact, so the control was introduced to reduce the impact, but also we need to see the balance of control cost.

Which type of access control leaves a certain amount of access control to the discretion of the object's owner, or anyone else authorized to control the object's access? A. DAC B. NDAC C. MAC D. RBAC

A. DAC

(V1) When virtual machines are constructed and destroyed in elastic cloud computing environments, the same physical hardware is commonly used by different clients over time. Implications for which of the following data security issues does this have? A. Data Confidentiality B. Data Integrity C. Data Availability D. Data Authenticity

A. Data Confidentiality. There's a possibility that data could be shared with others.

In what stage of the Incident Management Process do we determine whether an incident has occurred? A. Detection and Analysis B. Preparation C. Containment, Eradication, and Recovery D. Post-Incident Activity

A. Detection and Analysis

(V4) Prince is working as a finance consultant in the organization. He was on vacation for 15 days. After 15 days, he could not join the office, and there was no further communication with HR. What is the best practice you would like to recommend to the enterprise? A. Disable the account B. Delete the account C. Call and check why he is not joining D. Modify the policy

A. Disable the account

(V2) Which of the following is a way to implement a technical control to mitigate data loss in case of a mobile device theft? A. Disk encryption B. Encryption policy C. Solid state drive D. Mobile Security policy

A. Disk encryption. Note the examples of administrative control, physical control and technical control.

(v6) Which of the following is a true statement of IaaS? A. Capability for Customers to use the Provider's processing, storage, networks and other fundamental computing resources to deploy and run operating systems, applications and other software on a cloud infrastructure. B. Capability for Customers to deploy their applications (created or acquired) onto the cloud infrastructure, using programming languages, libraries, services and tools supported by the provider. C. Capability for Customers to use the Provider's applications running on a cloud infrastructure. The applications are accessible from various devices through either a thin client interface, such as a web browser or program interface. D. Capability for Provider to utilize the Client processing, storage, network and other fundamental computing resources to deploy and run operating systems, applications, and other software on a cloud infrastructure.

Capability for Customers to deploy their applications (created or acquired) onto the cloud infrastructure, using programming languages, libraries, services and tools supported by the provider.

(v6) Which of the following types of attack is being used when an attacker responds by sending the MAC address of the attacking machine to resolve the MAC to IP address of a valid server? A. Session hijacking B. IP spoofing C. Evil twin D. ARP poisoning

D. ARP poisoning

(V3) A network administrator has purchased two devices that will act as failovers for each other. Which of the following concepts does this BEST illustrate? A. Authentication B. Integrity C. Confidentiality D. Availability

D. Availability

(V4) Which of the following is NOT an example of an Administrative control? A. Policy and procedures B. Personnel controls C. Acceptable Use Policy D. Security-awareness Training D. Badge Reader

D. Badge Reader

(V3) Which site requires the longest recovery time for business? A. Mobile Site B. host site C. Warm site D. Cold site

D. Cold site

(V2) When you consider MFA, which of the following will be the least priority for an Enterprise? A. Throughput B. Acceptability C. Accuracy D. Competitors

D. Competitors

(V8) Which statement accurately describes the proper sequence of ISC2 phases in the data cycle process? A. Store, create, use, share, archive and destroy B. Use, store, create, share, archive and destroy C. Destroy, store, use, share, archive and create D. Create, store, use, share, archive and destroy

D. Create, store, use, share, archive and destroy

