ISC2 Cybersecurity Certification Practice Exam Questions and Verified Answers| 100% Correct| Grade A (Latest 2024/ 2025)

ISC2 Cybersecurity Certification Practice Exam Questions and Verified Answers| 100% Correct| Grade A (Latest 2024/ 2025) Q: The senior leadership of Triffid Corporation decides that the best way to minimize liability for the company is to demonstrate the company's commitment to adopting best practices recognized throughout the industry. Triffid management issues a document that explains that Triffid will follow the best practices published by SANS, an industry body that addresses computer and information security. The Triffid document is a ______, and the SANS documents are ________. A) Law, policy B) Policy, standard C) Policy, law D) Procedure, procedure Answer: B) Policy, standard Q: Zarma is an (ISC)² member and a security analyst for Triffid Corporation. One of Zarma's colleagues is interested in getting an (ISC)2 certification and asks Zarma what the test questions are like. What should Zarma do? A) Inform (ISC)² B) Explain the style and format of the questions, but no detail C) Inform the colleague's supervisor D) Nothing Answer: B) Explain the style and format of the questions, but no detail Q: Of the following, which would probably not be considered a threat? A) Natural disaster B) Unintentional damage to the system caused by a user C) A laptop with sensitive data on it D) An external attacker trying to gain unauthorized access to the environment Answer: C) A laptop with sensitive data on it Q: Siobhan is an (ISC)² member who works for Triffid Corporation as a security analyst. Yesterday, Siobhan got a parking ticket while shopping after work. What should Siobhan do? (D1, L1.5. A) Inform (ISC)² B) Pay the parking ticket C) Inform supervisors at Triffid D) Resign employment from Triffid Answer: B) Pay the parking ticket Q: Which of the following is an example of a "something you are" authentication factor? A) A credit card presented to a cash machine B) Your password and PIN C) A user ID D) A photograph of your face Answer: D) A photograph of your face Q: For which of the following systems would the security concept of availability probably be most important? A) Medical systems that store patient data B) Retail records of past transactions C) Online streaming of camera feeds that display historical works of art in museums around the world D) Medical systems that monitor patient condition in an intensive care unit Answer: D) Medical systems that monitor patient condition in an intensive care unit Q: In risk management concepts, a(n) _________ is something a security practitioner might need to protect. A) Vulnerability B) Asset C) Threat D) Likelihood Answer: B) Asset Q: Triffid Corporation has a policy that all employees must receive security awareness instruction before using email; the company wants to make employees aware of potential phishing attempts that the employees might receive via email. What kind of control is this instruction? A) Administrative B) Finite C) Physical D) Technical Answer: A) Administrative Q: What is the overall objective of a disaster recovery (DR) effort? A) Save money B) Return to normal, full operations C) Preserve critical business functions during a disaster D) Enhance public perception of the organization Answer: B) Return to normal, full operations Q: True or False? Business continuity planning is a reactive procedure that restores business operations after a disruption occurs. A) True B) False Answer: B) False Q: An attacker outside the organization attempts to gain access to the organization's internal files. This is an example of a(n) ______. A) Intrusion B) Exploit C) Disclosure D) Publication Answer: A) Intrusion Q: What is the most important goal of a business continuity effort? A) Ensure all IT systems function during a potential interruption B) Ensure all business activities are preserved during a potential disaster C) Ensure the organization survives a disaster D) Preserve health and human safety Answer: D) Preserve health and human safety