ISC2 CC
"Wiring _____" is a common term meaning "a place where wires/conduits are
often run, and equipment can be placed, in order to facilitate the use of local
networks." (D4.3 L4.3.1)
Question options:
A) Shelf
B) Closet
C) Bracket
D) House

"Wiring closet" is the common term used to describe small spaces, typically placed on each floor of a building, where IT infrastructure can be placed. A, C and D are incorrect; these are not common terms used in this manner.
(ISC)² publishes a Common Body of Knowledge (CBK) that IT security
practitioners should be familiar with; this is recognized throughout the industry as
a set of material that is useful for practitioners to refer to. Certifications can be
issued for demonstrating expertise in this Common Body of Knowledge. What
kind of document is the Common Body of Knowledge? (D1, L1.4.1)
Question options:
A) Policy
B) Procedure
C) Standard
D) Law

C is correct. The Common Body of Knowledge is used throughout the industry, recognized among many people, countries and organizations. This is a standard. A is incorrect; the CBK is not a set of internal rules used for a particular organization; it is used throughout the industry. B is incorrect. The CBK is not a process that is followed; it is a set of information. D is incorrect; the CBK is not mandated by a governmental body.
A _____ is a record of something that has occurred. (D3, L3.2.1)
Question options:
A) Biometric
B) Law
C) Log
D) Firewall

C is correct. This is a description of a log. A is incorrect; "biometrics" is a term used to describe access control systems that use physiological traits of individuals in order to grant/deny access. B is incorrect; laws are legal mandates. D is incorrect; a firewall is a device for filtering traffic.
A bollard is a post set securely in the ground in order to prevent a vehicle from
entering an area or driving past a certain point. Bollards are an example of
______ controls. (D1, L1.3.1)
Question options:
A) Physical
B) Administrative
C) Drastic
D) Technical

A is correct. A bollard is a tangible object that prevents a physical act from occurring; this is a physical control. B and D are incorrect because the bollard is a physical control, not administrative or technical. C is incorrect: "drastic" is not a term commonly used to describe a particular type of security control, and is used here only as a distractor.
A chief information security officer (CISO) at a large organization documented a
policy that establishes the acceptable use of cloud environments for all staff. This
is an example of a: (D1, L1.3.1)
Question options:
A) Management/Administrative control
B) Technical control
C) Physical control
D) Cloud control

Correct. Policies, standards, processes, procedures and guidelines set by corporate administrative entities (e.g., executive- and/or mid-level management) are management/administrative controls.
A cloud arrangement whereby the provider owns and manages the hardware,
operating system, and applications in the cloud, and the customer owns the data.
(D4.3 L4.3.2)
Question options:
A) Infrastructure as a service (IaaS)
B) Morphing as a service (MaaS)
C) Platform as a service (PaaS)
D) Software as a service (SaaS)

Incorrect. In PaaS, the customer typically owns the applications.
A common network device used to filter traffic. (D4.1 L4.1.1)
Question options:
A) Server
B) Endpoint
C) Ethernet
D) Firewall

Correct. This is the purpose of a firewall.
A device typically accessed by multiple users, often intended for a single
purpose, such as managing email or web pages. (D4.1 L4.1.1)
Question options:
A) Router
B) Switch
C) Server
D) Laptop

A server typically offers a specific service, such as hosting web pages or managing email, and is often accessed by multiple users. C is the correct answer. A and B are incorrect; routers and switches are used to vector network traffic, not to provide specific services. D is incorrect; a laptop is typically only assigned to a single user.
A portion of the organization's network that interfaces directly with the outside
world; typically, this exposed area has more security controls and restrictions
than the rest of the internal IT environment. (D4.3 L4.3.3)
Question options:
A) National Institute of Standards and Technology (NIST)
B) Demilitarized zone (DMZ)
C) Virtual private network (VPN)
D) Virtual local area network (VLAN)

Correct. DMZ is the term we typically use to describe an outward-facing portion of the IT environment owned by an organization.
A security solution installed on an endpoint in order to detect potentially
anomalous activity. (D4.2 L4.2.2)
Question options:
A)