100% satisfaction guarantee Immediately available after payment Both online and in PDF No strings attached
logo-home
ISC2 CC Exam Questions With 100% Correct Answers 2024/CC ISC2 Flashcards. 139 Questions and Correct Answers, With Complete Solution. CA$19.59   Add to cart

Exam (elaborations)

ISC2 CC Exam Questions With 100% Correct Answers 2024/CC ISC2 Flashcards. 139 Questions and Correct Answers, With Complete Solution.

 14 views  0 purchase
  • Course
  • Institution

ISC2 CC Exam Questions With 100% Correct Answers 2024/CC ISC2 Flashcards. 139 Questions and Correct Answers, With Complete Solution. What is MAC (Mandatory Access Control)? The operating system determines who gets access to resources. Much more restricted, not used as much. Which of the follow...

[Show more]

Preview 2 out of 15  pages

  • March 11, 2024
  • 15
  • 2023/2024
  • Exam (elaborations)
  • Questions & answers
avatar-seller
ISC2 CC Exam Questions With 100% Correct
Answers 2024/CC ISC2 Flashcards. 139
Questions and Correct Answers, With Complete
Solution.
What is MAC (Mandatory Access Control)?

The operating system determines who gets access to resources. Much more restricted, not used as
much.

Which of the following is a detection control?:
Bollards
Turnstiles
Firewalls
Smoke sensors

Smoke sensors. By definition, smoke detectors are fire protection devices employed for the early
detection of fire. Firewalls are devices that filter incoming traffic, and are a type of logical preventive
control. Bollards and turnstiles are types of physical preventive controls.

Which of the following is NOT an ethical canon of the ISC2?
-Advance and protect the profession
-Act honorably, honestly, justly, responsibly and legally
-Protect society, the common good, necessary public trust and confidence, and the infrastructure
-Provide active and qualified service to principal

Provide active and qualified service to principal. In the code of ethics, we read "Provide diligent and
competent service to principals", and not "Provide active and qualified service to principals."; all the
other options are valid canons of the code of ethics (see ISC2 Study Guide Chapter 1, Module 5).

Which of the following is a data handling policy procedure?
-Transform
-Destroy
-Encode
-Collect

Destroy. The data handling procedures are 'Classify', 'Categorize', 'Label', 'Store', 'Encrypt', 'Backup', and
'Destroy' (see ISC2 Study Guide, chapter 5, module 3).

Which of the following properties is NOT guaranteed by Digital Signatures?
-Non-Repudiation
-Confidentiality
-Authentication
-Integrity

, Confidentiality. A digital signature is the result of a cryptographic transformation of data which is useful
for providing: data origin authentication, data integrity, and non-repudiation of the signer (see NIST SP
800-12 Rev. 1 under Digital Signature). However, digital signatures cannot guarantee confidentiality (i.e.
the property of data or information not being made available or disclosed).

Which type of attack has the PRIMARY objective controlling the system from outside?
-Cross-Site Scripting
-Rootkits
-Trojans
-Backdoors

Backdoors. Trojans and Rootkits are often used to install backdoors. A backdoor is a malicious feature
that listens for commands on a specific logical port (TCP or UDP) and executes them on the attacked
system or device, thereby giving direct control of the system or device to a malicious outside entity (or
program). Cross-Site Scripting can execute code with the same permissions as the scripts generated by
the target website, compromising the confidentiality and integrity of data transfers between the website
and the client.

Which of the following is an example of an administrative security control?
-Acceptable Use Policies
-No entry signs
-Badge Readers
-Access Control Lists

Acceptable Use Policies. Policies are a type of administrative security controls. An access control list is a
type of technical security control. A badge reader and a 'No entry' sign are types of physical security
controls (see ISC2 Study Guide, Chapter 1, Module 3).

The process of verifying or proving the user's identification is known as:
-Integrity
-Authentication
-Authorization
-Confidentiality

Authentication. Authentication is the verification of the identity of a user, process or device, as a
prerequisite to allowing access to the resources in a given system. In contrast, authorization refers to the
permission granted to users, processes or devices to access specific assets. Confidentiality and integrity
are properties of information and systems, not processes.

A web server that accepts requests from external clients should be placed in which network?
DMZ
Intranet
Internal Network
VPN

DMZ. In Cybersecurity, a DMZ (demilitarized zone) is a physical or logical subnetwork that contains and
exposes external-facing services (such as web services). An Internal Network is an organization-
controlled network that is isolated from external access. An Intranet is itself an internal network that

The benefits of buying summaries with Stuvia:

Guaranteed quality through customer reviews

Guaranteed quality through customer reviews

Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.

Quick and easy check-out

Quick and easy check-out

You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.

Focus on what matters

Focus on what matters

Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!

Frequently asked questions

What do I get when I buy this document?

You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.

Satisfaction guarantee: how does it work?

Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.

Who am I buying these notes from?

Stuvia is a marketplace, so you are not buying this document from us, but from seller ACADEMICAIDSTORE. Stuvia facilitates payment to the seller.

Will I be stuck with a subscription?

No, you only buy these notes for CA$19.59. You're not tied to anything after your purchase.

Can Stuvia be trusted?

4.6 stars on Google & Trustpilot (+1000 reviews)

79223 documents were sold in the last 30 days

Founded in 2010, the go-to place to buy study notes for 14 years now

Start selling

Recently viewed by you


CA$19.59
  • (0)
  Add to cart