CC.....

Test title:
CC.....

Description:
For passing.

Creation date: 2022/12/29

Category: Other

Number of questions: 110

Rating: (6)
Content:

When a company hires an insurance company to mitigate risk, which risk management technique is being applied?. risk tolerance. risk transfer. risk avoidance. risk mitigation.

According to the canon "Provide diligent and competent service to principals", ISC2 professionals are to: Avoid apparent or actual conflicts of interest. Treat all members fairly and,when resolving conflicts, consider public safety and duties to principals, individuals and the profession, in that order. Take care not to tarnish the reputation of other professionals through malice or indifference. Promote the understanding and acceptance of prudent information security measures.

Which of the following is an example of 2FA?. Keys. Badges. Passwords. One-Time Passwords (OTP).

Which of these is NOT a change management component?. RFC. Rollback. Approval. Governance.

Which device is used to connect a LAN to the Internet?. SIEM. Router. HIDS. Firewall.

Which of these types of user is LESS likely to have a privileged account?. Help Desk. System Administrator. External Worker. Security Analyst.

Which of these is the most efficient and effective way to test a business continuity plan?. simulations. reviews. discussions. walkthroughs.

Which access control model specifies access to an object based on the subject's role in the organization?. DAC. ABAC. MAC. RBAC.

If an organization wants to protect itself against tailgating, which of the following types of access control would be most effective?. Locks. Fences. Turnstiles. Barriers.

Which of the following is NOT an element of System Security Configuration Management?. Inventory. Baselines. Audit logs. Updates.

The cloud deployment model where a company has resources on-premise and in the cloud is known as: Multi-tenant. Community cloud. Hybrid cloud. Private cloud.

Which of the following is NOT an example of a physical security control?. Remote control electronic locks. Security cameras. Firewalls. Biometric access controls.

If there is no time constraint, which protocol should be employed to establish a reliable connection between two devices?. UDP. SNMP. TCP. DHCP.

The predetermined set of instructions or procedures to sustain business operations after a disaster is commonly known as: Business Continuity Plan. Business Impact Plan. Disaster Recovery Plan. Business Impact Analysis.

Governments can impose financial penalties as a consequence of breaking a: Policy. Procedure. Standard. Regulation.

Which of the following is an example of an administrative security control?. Access Control lists. Badge Readers. No entry signs. Acceptable Use Policies.

Which of the following is a public IP?. 10.221.123.1. 13.16.123.1. 172.16.123.1. 192.168.123.1.

Which of the following is not a protocol of the OSI Level 3?. IGMP. IP. SNMP. ICMP.

A Security safeguard is the same as a: Security control. Security principle. Safety control. Privacy control.

In which cloud model does the cloud customer have LESS responsibility over the infrastructure? (★). SaaS. IaaS. PaaS. FaaS.

Logging and monitoring systems are essential to: Identifying efficient performing systems, labeling compromises, and providing a record of how systems are used. Identifying efficient performing systems, detecting compromises, and providing a record of how systems are used. Identifying inefficient performing systems, preventing compromises, and providing a record of how systems are used. Identifying inefficient performing systems, detecting compromises, and providing a record of how systems are used.

Risk Management is: The identification, evaluation and prioritization of risks. The creation of an incident response team. The assessment of the potential impact of a threat. The impact and likelihood of a threat.

The SMTP protocol operates at OSI Level: 7. 25. 3. 23.

Which of the following principles aims primarily at fraud detection?. Separation of Duties. Defense in Depth. Privileged Accounts. Least Privilege.

Which type of attack attempts to gain information by observing the device's power consumption? (★). Denial of Service. Cross site scripting. Side Channels. Trojans.

Which of the following is NOT a best practice in access management?. Request a justification when upgrading permission. Trust but verify. Periodically assess if user permissions still apply. Give only the right amount of permission.

If a company collects PII, which policy is required?. Remote Access Policy. GDPR. Privacy Policy. Acceptable Use Policy.

In the event of a disaster, what should be the PRIMARY objective? (★). Apply disaster communication. Protect the production database. Guarantee the safety of people. Guarantee the continuity of critical systems.

Which of these is not an attack against an IP network?. side-channel Attack. Fragmented Packet Attack. Man-in-the-middle Attack. Oversized Packet Attack.

Which department in a company is not regularly involved in DRP?. Public Relations. IT. Financial. Executives.

Which type of document outlines the procedures ensuring that vital company systems keep running during business-disrupting events?. Business Impact Plan. Business Impact Analysis. Disaster Recovery Plan. Business Continuity Plan.

Which of the following is included in an SLA document?. Plan to keep business operations going while recovering from a significant disruption. A plan to prepare the organization for the continuation of critical business functions. Instructions to detect, respond to, and limit the consequences of a cyber-attack. Instructions on data ownership and destruction.

What is the most important difference between MAC and DAC?. In MAC, security administrators assign access permissions; in DAC, access permissions are set at the object owner's discretion. In MAC, security administrators set the roles for the users; in DAC, roles are set at the object owner's discretion. In MAC, access permissions are set at the object owner's discretion; in DAC, it is up to security administrators to assign access permissions. In MAC, security administrators assign access permissions; in DAC, security administrators set user roles.

Requiring a specific user role to access resources is an example of: RBAC. ABAC. MAC. DAC.

A security professional should report violations of a company's security policy to: National Authorities. A court of law. Company Management. The ISC2 Ethics Committee.

Which of the following is NOT an ethical canon of the ISC2?. Protect society, the common good, necessary public trust and confidence, and the infrastructure. Advance and protect the profession. Act honorably, honestly, justly, responsibly and legally. Provide active and qualified service to principal.

Which of the following is an example of a technical security control?. Access control list. Fences. Turnstiles. Bollards.

Which type of attack embeds a malicious payload inside reputable or trusted software?. Cross-Site Scripting. Phishing. Trojans. Rootkits.

How many data labels are considered good practice?. 1. 2 - 3. > 4. 1 - 2.

Which type of attack has the PRIMARY objective controlling the system from outside?. Cross-Site Scripting. Backdoors. Trojans. Rootkits.

Which regulations address data protection and privacy in Europe?. SOX. GDPR. HIPAA. FISMA.

Which security principle states that a user should only have the necessary permission to execute a task?. Privileged Accounts. Least Privilege. Separation of duties. Defense in Depth.

Which of the following types of devices inspect packet header information to either allow or deny network traffic?. Hubs. Routers. Switches. Firewalls.

Which of these would be the best option if a network administrator needs to control access to a network?. NAC. SIEM. HIDS. IDS.

Which of the following properties is NOT guaranteed by Digital Signatures?. Authentication. Non-Repudiation. Confidentiality. Integrity.

Which of these has the PRIMARY objective of identifying and prioritizing critical business processes?. Business Continuity Plan. Business Impact Plan. Business Impact Analysis. Disaster Recovery Plan.

In order to find out whether personal tablet devices are allowed in the office, which of the following policies would be helpful to read?. BYOD. AUP. Change Management Policy. Privacy Policy.

In which of the following phases of an Incident Recovery Plan are incident responses prioritized?. Preparation. Detection And Analysis. Post-incident Activity. Containment, Eradication, Recovery.

The Bell and LaPadula access control model is a form of: (★). DAC. RBAC. ABAC. MAC.

In which cloud deployment model do companies share resources and infrastructure on the cloud?. Private cloud. Hybrid cloud. Community cloud. Multi-tenant.

The magnitude of the harm expected as a result of the consequences of an unauthorized disclosure, modification, destruction, or loss of information, is known as the: impact. Vulnerability. Threat. Likelihood.

In which of the following access control models can the creator of an object delegate permission?. DAC. MAC. ABAC. RBAC.

A web server that accepts requests from external clients should be placed in which network?. Intranet. VPN. DMZ. Internal Network.

Sensitivity is a measure of the …: ... urgency and protection assigned to information by its owner. ... protection and timeliness assigned to information by its owner, or the purpose of representing its need for urgency. ... importance assigned to information by its owner, or the purpose of representing its need for protection. ... pertinence assigned to information by its owner, or the purpose of representing its need for urgency.

The last phase in the data security cycle is: Destruction. Archival. Backup. Encryption.

Which of the following is NOT a feature of a cryptographic hash function?. Deterministic. Unique. Useful. Reversible.

In Change Management, which component addresses the procedures needed to undo changes?. Disaster and Recover. Rollback. Request for Approval. Request for Change.

A biometric reader that grants access to a computer system in a data center is a: Authorization Control. Physical Control. Administrative Control. Technical Control.

The process that ensures that system changes do not adversely impact business operations is known as: Vulnerability Management. Change Management. Configuration Management. Inventory Management.

Which of the following is NOT a social engineering technique?. Quid pro quo. Double-dealing. Pretexting. Baiting.

Security posters are an element PRIMARILY employed in: (★). Incident Response Plans. Business Continuity Plans. Security Awareness. Physical Security Controls.

Which type of attack will most effectively maintain remote access and control over the victim's computer?. Cross-Site Scripting. Phishing. Rootkits. Trojans.

Which are the components of an incident response plan?. Preparation -> Detection and Analysis -> Containment -> Eradication -> Post-Incident Activity -> Recovery. Preparation -> Detection and Analysis -> Recovery -> Containment -> Eradication -> Post-Incident Activity. Preparation -> Detection and Analysis -> Eradication -> Recovery-> Containment -> Post-Incident Activity. Preparation -> Detection and Analysis -> Containment -> Eradication and Recovery-> Post-Incident Activity.

Which type of attack has the PRIMARY objective of encrypting devices and their data, and then demanding a ransom payment for the decryption key?. Cross-Site Scripting. Trojan. Phishing. Ransomware.

The process of verifying or proving the user's identification is known as: Integrity. Authorization. Confidentiality. Authentication.

Which of the following is a detection control?. Bollards. Firewalls. Smoke sensors. Turnstiles.

Which type of attack PRIMARILY aims to make a resource inaccessible to its intended users?. Denial of Service. Cross-Site Scripting. Phishing. Trojans.

In incident terminology, the meaning of Zero Day is: Days with a cybersecurity incident. A previously unknown system vulnerability. Days to solve a previously unknown system vulnerability. Days without a cybersecurity incident.

Which of the following Cybersecurity concepts guarantees that information is accessible only to those authorized to access it?. Non-repudiation. Authentication. Confidentiality. Accessibility.

What is the consequence of a Denial Of Service attack?. Increase in the availability of resources. Malware Infection. Remote control of a device. Exhaustion of device resources.

How many layers does the OSI model have?. 4. 6. 5. 7.

Which access control model can grant access to a given object based on complex rules?. ABAC. MAC. RBAC. DAC.

In the event of a disaster, which of these should be the PRIMARY objective? (★). Guarantee the continuity of critical systems. Application of disaster communication. Guarantee the safety of people. Protection of the production database.

Which of the following is less likely to be part of an incident response team?. Legal representatives. Human Resources. Representatives of senior management. Information security professionals.

Which of the following areas is the most distinctive property of PHI?. Confidentiality. Integrity. Non-Repudiation. Authentication.

The detailed steps to complete tasks supporting departmental or organizational policies are typically documented in: Procedures. Regulations. Policies. Standards.

Which tool is commonly used to sniff network traffic? (★). Nslookup. Burp Suite. John the Ripper. Wireshark.

Which of the following cloud models allows access to fundamental computer resources? (★). FaaS. PaaS. SaaS. IaaS.

According to ISC2, which are the six phases of data handling?. Create -> Share -> Store -> Use -> Archive -> Destroy. Create -> Store -> Use -> Share -> Archive -> Destroy. Create -> Use -> Store -> Share -> Archive -> Destroy. Create -> Share -> Use -> Store -> Archive -> Destroy.

A best practice of patch management is to: Apply all patches as quickly as possible. Test patches before applying them. Apply patches according to the vendor's reputation. Apply patches every Wednesday.

Which of the following is NOT a type of learning activity used in Security Awareness?. Education. Training. Tutorial. Awareness.

Which of these tools is commonly used to crack passwords? (★). John the Ripper. Burp Suite. Nslookup. Wireshark.

Malicious emails that aim to attack company executives are an example of: Whaling. Rootkits. Phishing. Trojans.

Which of the following areas is connected to PII?. Integrity. Confidentiality. Non-Repudiation. Authentication.

The implementation of Security Controls is a form of: Risk reduction. Risk transference. Risk avoidance. Risk acceptance.

Which of these is not an attack against an IP network?. Man-in-the-middle Attack. Oversized Packet Attack. Fragmented Packet Attack. Side-channel Attack.

Which devices have the PRIMARY objective of collecting and analyzing security events?. Routers. SIEM. Hubs. Firewalls.

Which of the following are NOT types of security controls?. Hybrid controls. Storage controls. Common controls. System-specific controls.

In risk management, the highest priority is given to a risk where: The frequency of occurrence is high, and the expected impact value is low. The expected probability of occurrence is low, and the potential impact is low. The frequency of occurrence is low, and the expected impact value is high. The expected probability of occurrence is high, and the potential impact is low.

An entity that acts to exploit a target organization’s system vulnerabilities is a: Attacker. Threat Actor. Threat Vector. Threat.

Which protocol uses a three-way handshake to establish a reliable connection?. SMTP. UDP. TCP. SNMP.

Which are the three packets used on the TCP connection handshake? (★). Offer -> Request -> ACK. SYN -> ACK -> FIN. Discover -> Offer -> Request. SYN -> SYN/ACK -> ACK.

Which type of attack attempts to trick the user into revealing personal information by sending a fraudulent message?. Cross-Site Scripting. Trojans. Denial of Service. Phishing.

What does SIEM mean?. System Information and Event Manager. Security Information and Enterprise Manager. Security Information and Event Manager. System Information and Enterprise Manager.

Which of the following documents contains elements that are NOT mandatory?. Procedures. Regulations. Policies. Guidelines.

Which of the following is NOT a possible model for an Incident Response Team (IRT)?. Leveraged. Pre-existing. Hybrid. Dedicated.

Which of the following is a data handling policy procedure?. Destroy. Transform. Encode. Collect.

Which devices would be more effective in detecting an intrusion into a network?. Routers. Firewalls. HIDS. NIDS.

A device found not to comply with the security baseline should be: Disabled or isolated into a quarantine area until it can be checked and updated. Placed in a demilitarized zone (DMZ) until it can be reviewed and updated. Marked as potentially vulnerable and placed in a quarantine area. Disabled or separated into a quarantine area until a virus scan can be run.

After an earthquake disrupting business operations, which document contains the procedures required to return business to normal operation?. The Business Continuity Plan. The Business Impact Analysis. The Disaster Recovery Plan. The Business Impact Plan.

Which access control is more effective at protecting a door against unauthorized access?. Turnstiles. Fences. Locks. Barriers.

The address 8be2:4382:8d84:7ce2:ec0f:3908:d29a:903a is a: Web address. MAC address. IPv6 address. IPv4 address.

Which of the following attacks take advantage of poor input validation in websites?. Trojans. Rootkits. Phishing. Cross-Site Scripting.

What is an effective way of hardening a system?. Patch the system. Run a vulnerability scan. Create a DMZ for web application services. Have an IDS in place.

An exploitable weakness or flaw in a system or component is a: Bug. Vulnerability. Threat. Risk.

Which port is used to secure communication over the web (HTTPS)?. 69. 25. 80. 443.

Which type of key can be used to both encrypt and decrypt the same message?. An asymmetric key. A symmetric key. A private key. A public key.

Which of these is the PRIMARY objective of a Disaster Recovery Plan?. Communicate to the responsible entities the damage caused to operations in the event of a disaster. Outline a safe escape procedure for the organization's personnel. Restore company operation to the last-known reliable operation state. Maintain crucial company operations in the event of a disaster.

Which concept describes an information security strategy that integrates people, technology and operations in order to establish security controls across multiple layers of the organization?. Separation of Duties. Privileged Accounts. Least Privilege. Defense in Depth.

Which of the following canons is found in the ISC2 code of ethics?. Protect society, the common good, and the infrastructure. Provide diligent and competent service to principals. Advance and promote the profession. Act honorably, honestly, safely and legally.
