ISC2 Cybersecurity Certification Exam (Latest 2024/ 2025 Update) 100% Correct Questions and Verified Answers| Grade A
ISC2 Cybersecurity Certification Exam
(Latest 2024/ 2025 Update) 100% Correct
Questions and Verified Answers| Grade A
Q: Jengi is setting up security for a home network. Jengi decides to configure MAC address
filtering on the router, so that only specific devices will be allowed to join the network. This is an
example of a(n)_______ control.
A. Physical
B. Administrative
C. Substantial
D. Technical
Answer:
D. Technical
Q: Siobhan is an (ISC)² member who works for Triffid Corporation as a security analyst.
Yesterday, Siobhan got a parking ticket while shopping after work. What should Siobhan do?
A. Inform (ISC)2
B. Pay the parking ticket
C. Inform supervisors at Triffid
D. Resign employment from Triffid
Answer:
B. Pay the parking ticket
Q: Hoshi is an (ISC)² member who works for the Triffid Corporation as a data manager. Triffid
needs a new firewall solution, and Hoshi is asked to recommend a product for Triffid to acquire
and implement. Hoshi's cousin works for a firewall vendor; that vendor happens to make the best
firewall available. What should Hoshi do?
A. Recommend a different vendor/product
B. Recommend the cousin's product
C. Hoshi should ask to be recused from the task
D. Disclose the relationship, but recommend the vendor/product
Answer:
D. Disclose the relationship, but recommend the vendor/product
Q: Of the following, which would probably not be considered a threat?
A. Natural disaster
B. Unintentional damage to the system cause by a user
C. A laptop with sensitive data on it
D. An external attacker trying to gain unauthorized access to the environment
Answer:
C. A laptop with sensitive data on it
Q: Sophia is visiting Las Vegas and decides to put a bet on a particular number on a roulette
wheel. This is an example of _________.
A. Acceptance
B. Avoidance
C. Mitigation
D. Transference
Answer:
A. Acceptance
Q: In risk management concepts, a(n) ___________ is something or someone that poses risk to
an organization or asset.
A. Fear
B. Threat
C. Control
D. Asset
Answer:
B. Threat
Q: Who approves the incident response policy?
A. (ISC)2
B. Senior management
C. The security manager
D. Investor
Answer:
B. Senior management
Q: When should a business continuity plan (BCP) be activated?
A. As soon as possible
B. At the very beginning of a disaster
C. When senior management decides
D. When instructed to do so by regulators
Answer:
C. When senior management decides
Q: True or False? Business continuity planning is a reactive procedure that restores business
operations after a disruption occurs.
A. True
B. False
Answer:
B. False
Q: What is the goal of an incident response effort?
A. No incident ever happen
B. Reduce the impact of incidents on operations
C. Punish wrongdoers
D. Save money
Answer:
B. Reduce the impact of incidents on operations
Q: What is the risk associated with delaying resumption of full normal operations after a
disaster?
A. People might be put in danger
B. The impact of running alternate operations for extended periods
C. A new disaster might emerge
D. Competition
Answer:
B. The impact of running alternate operations for extended periods
Q: You are reviewing log data from a router; there is an entry that shows a user sent traffic
through the router at 11:45 am, local time, yesterday. This is an example of a(n) _______.
A. Incident
B. Event
C. Attack
D. Threat
Answer:
B. Event
Q: Which of the following are not typically involved in incident detection?
A. Users
B. Security analysts
C. Automated tools
D. Regulators
Answer:
D. Regulators
Q: Prachi works as a database administrator for Triffid, Inc. Prachi is allowed to add or delete
users, but is not allowed to read or modify the data in the database itself. When Prachi logs onto
the system, an access control list (ACL) checks to determine which permissions Prachi has.
In this situation, what is the database?
A. The object
B. The rule
Category | exam bundles |
Comments | 0 |
Rating | |
Sales | 0 |