ISC2 Certified in Cybersecurity Exam Questions


Q1: Is it possible to avoid risk? A. Yes B. No C. Sometimes D. Never

A

Q3: Which of the following is very likely to be used in a disaster recovery effort? A. Guard dogs B. Data backups C. Contract personnel D. Antimalware solutions

B

Q7: Common network device used to connect networks? A. Server B. Endpoint C. Router D. Switch

C

Q33: Which penetration testing technique requires the team to do the MOST work and effort? A. White box B. Blue box C. Gray box D. Black box

D

Q37: IDS can be described in terms of what fundamental functional components? A. Response B. Information Sources C. Analysis D. All of the choices.

D

Q42: When the ISC2 Mail server sends mail to other mail servers it becomes ----? A. SMTP Server B. SMTP Peer C. SMTP Master D. SMTP Client

D

Q69: What is the main purpose of using multi-factor authentication (MFA) in a security system? a) To prevent data breaches b) To protect against malware c) To ensure data integrity d) To add an extra layer of security to user authentication

D

Q6: Which of the following is a subject? A. file B. fence C. filename D. user

D

Q8: A common network device used to filter traffic? A. Server B. Endpoint C. Ethernet D. Firewall

D

Q13: Which one of the following types of agreements is the MOST formal document that contains expectations about availability and other performance parameters between a service provider and a customer? A. Service-Level Agreement (SLA) B. Operational-Level Agreement (OLA) C. Memorandum of Understanding (MOU) D. Statement of Work (SOW)

A

Q14: Which of the following is a feature of rule-based access control? A. The use of a profile. B. The use of information flow labels. C. The use of a data flow diagram. D. The use of tokens.

A

Q16: What are the primary approaches IDS take to analyse events to detect attacks? A. Misuse detection and anomaly detection. B. Log detection and anomaly detection. C. Misuse detection and early drop detection. D. Scan detection and anomaly detection

A

Q22: Derrick logs on to a system in order to read a file. In this example, Derrick is the ___? A. Subject B. Object C. Process D. Predicate

A

Q23: Tanja is designing a backup strategy for her organization's file server. She would like to perform a backup every weekday that has the smallest possible storage footprint. What type of backup should she perform? Select the MOST appropriate options. A. Incremental Backup B. Full Backup C. Differential Backup D. Transaction Log Backup

A

Q25: John joined the ISC2 Organizations; his manager asked him to check the authentications in the security module. What would John use to ensure a certain control is working as he wants and expects it to? A. Security Testing B. Security assessment C. Security audit D. Security walkthrough

A

Q27: Walmart has a large e-commerce presence in the world. Which of these solutions would ensure the LOWEST possible latency for the customers using their services? A. CDN B. SaaS C. Load Balancing D. Decentralized Data Centers

A

Q2: What is meant by non-repudiation? A. If a user does something, they can't later claim that they didn't do it. B. Controls to protect the organization's reputation from harm due to inappropriate social media postings by employees, even if on their private accounts and personal time. C. It is part of the rules set by administrative controls. D. It is a security feature that prevents session replay attacks.

A

Q34: Devid is worried about distributed denial of service attacks against his company's primary web application. Which of the following options will provide the MOST resilience against large-scale DDoS attacks? A. Implement a CDN B. Increase the number of servers in the web application server cluster C. Contract for DDoS mitigation services via the company's IPS D. Increase the amount of bandwidth available from one or more ISPs

A

Q38: Which of the following best describes the type of technology the team should implement to increase the work effort of buffer overflow attacks? A. Address space layout randomization B. Memory induction application C. Input memory isolation D. Read-only memory integrity checks

A

Q39: Which of the following types of vulnerabilities cannot be discovered in the course of a routine vulnerability assessment? A. Zero-day vulnerability B. Kernel flaw C. Buffer overflow D. File and directory permissions

A

Q43: Which layer provides the services to a user? A. Application layers B. Session Layers C. Presentation Layer D. Physical Layer

A

Q51: You experienced a power outage that disrupted access to your data center. What type of security concern occurred? A. Availability B. Confidentiality C. Non-Repudiation D. Integrity

A

Q52: What federal law requires the use of vulnerability scanning on information systems operated by federal government agencies? A. FISMA B. HIPAA C. GLBA D. FERPA

A

Q55: Duke would like to restrict users from accessing a list of prohibited websites while connected to his network. Which one of the following controls would BEST achieve his objective? A. URL Filter B. IP Address Block C. DLP Solution D. IPS Solution

A

Q56: What is privacy in the context of Information Security? A. Protecting data from unauthorized access B. Ensuring data is accurate and unchanged C. Making sure data is always accessible when needed. D. Disclosed without their consent

A

Q61: What cybersecurity principle focuses on granting users only the privileges necessary to perform their job functions? A) Least privilege B) Defense in dexterity C) Separation of duties D) Need-to-know basis

A

Q70: Which one of the following regulations provides strict, detailed procedures for the use of compensating controls? A. PCI DSS B. HIPAA C. GLBA D. FERPA

A

Q71: Mrs. Casendra is installing a new Data Loss Protection (DLP) solution for her organization. What category of control is she installing? A. Technical B. Operational C. Managerial D. Detective

A

Q72. Sasa is configuring her organization's firewall to support the secure remote retrieval of email using the IMAPS protocol. What port should she allow? A. TCP Port 993 B. TCP Port 143 C. UDP Port 993 D. UDP Port 143

A

Q74. Fred would like to implement a new security platform that can coordinate access policies across the many cloud providers used by his organization. What technology would best meet his needs? A. CASB B. SIEM C. NGEP D. NGFW

A

Q78. What type of address uniquely identifies a network interface card (NIC) on a TCP/IP network? A) MAC address B) IP address C) DNS address D) Port address

A

Q79. Which HTTP request method is considered safe and should only be used for retrieving data, not modifying it? A) GET B) POST C) PUT D) DELETE

A

Q80. What does the "Same-Origin Policy" help protect against in web security? A) Unauthorized access to a user's data B) SQL Injection attacks C) Clickjacking attacks D) Cross-site scripting (XSS) attacks

A

Q24: Which of these is the WEAKEST form of authentication we can implement? A. Something you know B. Something you are C. Something you have D. Biometric authentications

A. Something you know - Type 1 Authentication: passwords, passphrases, PINs, etc., also called knowledge factors. It is the weakest form of authentication and can easily be compromised.

Q35: TCP and UDP reside at which layer of the OSI model? A. Session B. Transport C. Data link D. Presentation

B

Q36: Which type of network is set up similar to the internet but is private to an organization? Select the MOST appropriate. A. Extranet B. VLAN C. Intranet D. VPN

B

Q46: Which type of database combines related records and fields into a logical tree structure? A. Relational B. Hierarchical C. Object-oriented D. Network

B

Q49: What does Personally Identifiable Information (PII) pertain to? A. Information about an individual's health status B. Data about an individual that could be used to identify them C. Trade secrets, research, business plans, and intellectual property D. The importance assigned to information by its owner

B

Q4: Which of the following is very likely to be used in a disaster recovery effort? A. Guard dogs B. Data backups C. Contract personnel D. Antimalware solutions

B

Q58: Which of the following best describes a zero-day vulnerability? A. A vulnerability that has been identified and patched by software vendors. B. A vulnerability that has not yet been discovered or publicly disclosed. C. A vulnerability that can only be exploited by experienced hackers. D. A vulnerability that affects only legacy systems

B

Q60: Natalia is concerned about the security of her organization's domain name records and would like to adopt a technology that ensures their authenticity by adding digital signatures. Select the MOST appropriate technology to use. A. DNSSIGN B. DNSSEC C. CERTDNS D. DNS2

B

Q62: What is the primary purpose of a firewall in network security? A. Encrypt data transmissions B. Prevent unauthorized access C. Monitor network traffic D. Backup critical data

B

Q64: What is the main purpose of using digital signatures in communication security? A) To encrypt sensitive data during transmission B) To verify the identity of the sender and ensure the integrity of the message C) To prevent unauthorized access to a network D) To compress data to reduce bandwidth usage

B

Q75. In the context of the CIA triad, which aspect ensures that data is accurate and reliable? A) Confidentiality B) Integrity C) Availability D) Authentication

B

Q10: A set of security controls or system settings used to ensure uniformity of configuration through the IT environment? A. Patches B. Inventory C. Baseline D. Policy

C

Q12: Mike is concerned that users on his network may be storing sensitive information, such as Social Security numbers, on their hard drives without proper authorization or security controls. What third-party security service can he implement to BEST detect this activity? A. IDS B. IPS C. DLP D. TLS

C

Q15: Which of the following attacks could be the MOST successful when the security technology is properly implemented and configured? A. Logical attacks. B. Physical attacks C. Social Engineering attacks D. Trojan Horse attacks

C

Q18: Which of the following layers supervises the control rate of packet transfers in an Open Systems Interconnection (OSI) implementation? A. Physical B. Session C. Transport D. Network

C

Q19: Which of the following is responsible for the MOST security issues? A. Outside espionage B. Hackers C. Personnel D. Equipment failure

C

Q29: Shaun is planning to protect their data in all states (rest, motion, use), defending against data leakage. What would be the BEST solution to implement? A. End-to-end encryption. B. Hashing C. DLP D. Threat Modeling

C

Q30: Which of the following is the least secure communications protocol? A. CHAP B. IPsec C. PAP D. EAP

C

Q31: Which type of encryption uses only one shared key to encrypt and decrypt? A. Public key B. Asymmetric C. Symmetric D. TCB key

C

Q44: Which type of authentication is something which you are expected to have? A. Type 1 B. Type 2 C. Type 3 D. Type 4

C

Q45: Information security is not built on which of the following? A. Confidentiality B. Availability C. Accessibility D. Integrity

C

Q47: How many bits represent the organization's unique identifier (OUI) in MAC addresses? A. 16 Bits B. 48 Bits C. 24 Bits D. 32 Bits

C

Q48: What is the purpose of non-repudiation in information security? A. To ensure data is always accessible when needed B. To protect data from unauthorized access C. To prevent the sender or recipient of a message from denying having sent or received the message D. To ensure data is accurate and unchanged

C

Q50: Which one of the following cryptographic algorithms does not depend upon the prime factorization problem? A. RSA - Rivest-Shamir-Adleman B. GPG - GNU Privacy Guard C. ECC - Elliptic curve cryptosystem D. PGP - Pretty Good Privacy

C

Q53: What is multi-factor authentication (MFA)? A. A type of authentication that uses only one method B. A type of authentication that uses only two methods C. A type of authentication that uses more than two methods D. A type of authentication that uses only one factor

C

Q54: Natalia is concerned that users on her network may be storing sensitive information, such as social security numbers, on their hard drives without proper authorization or security controls. What 3rd-party security service can she implement to best detect this activity? A. IDS - Intrusion Detection System B. IPS - Intrusion Prevention System C. DLP - Data Loss Protection D. TLS - Transport Layer Security

C

Q57: Some employees of his organization launched a privilege escalation attack to gain root access to one of the organization's database servers. The employee does have an authorized user account on the server. What log file would be MOST likely to contain relevant information? A. Database application log B. Firewall log C. Operating system log D. IDS log

C

Q59: Mark is configuring an automated data transfer between two hosts and is choosing an authentication technique for one host to connect to the other host. What approach would be best-suited for this scenario? A. Biometric B. Smart Card C. SSH Key D. Hard Coded Password

C

Q63: What is the primary goal of a risk management process in cybersecurity? A) To eliminate all cybersecurity risks B) To transfer all cybersecurity risks to a third party C) To identify, assess, and mitigate cybersecurity risks to an acceptable level D) To ignore cybersecurity risks and focus on incident response

C

Q65: What is the primary goal of implementing input validation in application security? A) To ensure all inputs are stored in a secure database B) To prevent unauthorized access to the application C) To validate and sanitize user inputs to prevent code injection attacks D) To encrypt sensitive data transmitted between the client and server

C

Q66: Which of the following is a common security measure to prevent Cross-Site Scripting (XSS) attacks in web applications? A) Implementing strong password policies B) Using a firewall to block incoming traffic C) Validating and sanitizing user input D) Encrypting data during transmission

C

Q67: Which of the following attacks can TLS help mitigate? A) Cross-site Scripting (XSS) Attacks B) Social Engineering Attacks C) Man-in-the-middle (MITM) Attacks D) SQL Injection Attacks

C

Q73. Tom would like to amend his organization's exit interview process to protect against former employees leaking sensitive information. Which one of the following approaches would best meet his needs? A. Asking employees to sign an NDA before departure B. Threatening employees with legal action if they violate the NDA C. Reminding employees of the NDA that they signed upon employment D. No action is appropriate

C

Q76. Which encryption algorithm is commonly used to secure web communication (HTTPS)? A) RSA B) DES C) AES D) HMAC

C

Q77. What security mechanism verifies the identity of a user or system attempting to access a network? A) Firewall B) Intrusion Detection System (IDS) C) Authentication D) Encryption

C

Q9: Who is responsible for publishing and signing the organization's policies? A. The security office B. Human resources C. Senior management D. The legal department

C

Q20: Which of the following is a DISADVANTAGE of a memory-only card? A. High cost to develop B. High cost to operate. C. Physically infeasible. D. Easy to counterfeit

D

Q21: Devid's team recently implemented a new system that gathers information from a variety of different log sources, analyses that information, and then triggers automated playbooks in response to security events. What term BEST describes this technology? A. SIEM B. Log Repository C. IPS D. SOAR

D

Q26: The DevOps team has updated the application source code, and Tom has discovered that many unauthorized changes have been made. What is the BEST control Tom can implement to prevent a recurrence of this problem? A. Backup B. File labels C. Security audit D. Hashing

D

Q28: Communication between end systems is encrypted using a key, often known as ______? A. Temporary Key B. Section Key C. Public Key D. Session Key

D

Q32: Which of the following is NOT one of the three main components of a SQL database? A. Views B. Schemas C. Tables D. Object-oriented interfaces

D

Q40: The Finance Server and Transactions Server have restored their original facility after a disaster. What should be moved in FIRST? A. Management B. Most critical systems C. Most critical functions D. Least critical functions

D

Q41: Juli is listening to network traffic and capturing passwords as they are sent to the authentication server. She plans to use the passwords as part of a future attack. What type of attack is this? A. Brute-force attack B. Dictionary attack C. Social engineering attack D. Replay attack

D

Q5: Which of these components is very likely to be instrumental to any disaster recovery (DR) effort? A. Routers B. Laptops C. Firewalls D. Backups

D

Q68: Which version of TLS is considered to be the most secure and recommended for use? A) TLS 1.0 B) TLS 1.1 C) TLS 1.2 D) TLS 1.3

D

