Exam (elaborations)
ISC2 CERTIFIED IN CYBERSECURITY (CC) PRACTICE EXAM QUESTIONS
- Course
- Institution
ISC2 CERTIFIED IN CYBERSECURITY (CC) PRACTICE EXAM QUESTIONS
[Show more]
Content preview
ISC2 CERTIFIED IN CYBERSECURITY (CC) PRACTICE EXAM QUESTIONS A vendor sells a particular operating system (OS). In order to deploy the OS securely ondifferent platforms, the vendor publishes several sets of instructions on how to install it, depending on which platform the customer is using. This is an example of ______.
A. Law
B. Procedure
C. Standard
D. Policy - answer- B. Procedure
Which of the following are not typically involved in incident detection?
A. Users
B. Security analysts
C. Automated tools
D. Regulators - answer- D. Regulators
Prachi works as a database administrator for Triffid, Inc. Prachi is allowed to add or delete users, but is not allowed to read or modify the data in the database itself. When Prachi logs onto the system, an access control list (ACL) checks to determine which permissions Prachi has.
In this situation, what is the database?
A. The object
B. The rule
C. The subject
D. The site - answer- The object
Gelbi is a Technical Support analyst for Triffid, Inc. Gelbi sometimes is required to install
or remove software. Which of the following could be used to describe Gelbi's account?
A. Privileged
B. Internal
C. External
D. User - answer- A. Privileged
A human guard monitoring a hidden camera could be considered a ______ control.
A. Detective
B. Preventive
C. Deterrent
D. Logical - answer- A. Detective
In order for a biometric security to function properly, an authorized person's physiological data must be ______.
A. Broadcast
B. Stored
C. Deleted D. Modified - answer- B. Stored
A _____ is a record of something that has occurred.
A. Biometric
B. Law
C. Log
D. Firewall - answer- C. Log
Trina and Doug both work at Triffid, Inc. Doug is having trouble logging into the network.
Trina offers to log in for Doug, using Trina's credentials, so that Doug can get some work done.
What is the problem with this?
A. Doug is a bad person
B. If Trina logs in for Doug, then Doug will never be encouraged to remember credential
without assistance
C. Anything either of them do will be attributed to Trina
D. It is against the law - answer- C. Anything either of them do will be attributed to Trina
Which of the following is a biometric access control mechanism?
A. A badge reader
B. A copper key
C. A fence with razor on it
D. A door locked by a voiceprint identifier - answer- D. A door locked by a voiceprint identifier
Which of the following statements is true?
A. Logical access controls can protect the IT environment perfectly; there is no reason to deploy any other controls.
B. Physical access controls can protect the IT environment perfectly; there is no reason to deploy any other controls.
C. Administrative access controls can protect the IT environment perfectly; there is no reason to deploy any other controls.
D. It is best to use a blend of controls in order to provide optimum security. - answer- D. It is best to use a blend of controls in order to provide optimum security.
Which of the following would be considered a logical access control?
A. An iris reader that allows an employee to enter a controlled area.
B. A fingerprint reader that allows an employee to enter a controlled area.
C. A fingerprint reader that allows an employee to access a laptop computer.
D. A chain attached to a laptop computer that connects it to furniture so it cannot be taken. - answer- C. A fingerprint reader that allows an employee to access a laptop computer.
Which of the following is probably most useful at the perimeter of a property?
A. A safe
B. A fence C. A data center
D. A centralized log storage facility - answer- B. A fence
Handel is a senior manager at Triffid, Inc., and is in charge of implementing a new access control scheme for the company. Handel wants to ensure that employees who are assigned to new positions in the company do not retain whatever access they had in
their old positions. Which method should Handel select?
A. Role-based access controls (RBAC)
B. Mandatory access controls (MAC)
C. Discretionary access controls (DAC)
D. Logging - answer- A. Role-based access controls (RBAC)
Prina is a database manager. Prina is allowed to add new users to the database, remove current users and create new usage functions for the users. Prina is not allowed
to read the data in the fields of the database itself. This is an example of:
A. Role-based access controls (RBAC)
B. Mandatory access controls (MAC)
C. Discretionary access controls (DAC)
D. Alleviating threat access controls (ATAC) - answer- A. Role-based access controls (RBAC)
Gary is unable to log in to the production environment. Gary tries three times and is then locked out of trying again for one hour. Why?
A. Gary is being punished
B. The network is tired
C. Users remember their credentials if they are given time to think about it
D. Gary's actions look like an attack - answer- D. Gary's actions look like an attack
Larry and Fern both work in the data center. In order to enter the data center to begin their workday, they must both present their own keys (which are different) to the key reader, before the door to the data center opens.
Which security concept is being applied in this situation?
A. Defense in depth
B. Segregation of duties
C. Least privilege
D. Dual control - answer- D. Dual control
Prachi works as a database administrator for Triffid, Inc. Prachi is allowed to add or delete users, but is not allowed to read or modify the data in the database itself. When Prachi logs onto the system, an access control list (ACL) checks to determine which permissions Prachi has.
In this situation, what is Prachi?
A. The subject
B. The rule
C. The file
D. The object - answer- A. The subject
The benefits of buying summaries with Stuvia:
Guaranteed quality through customer reviews
Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.
Quick and easy check-out
You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.
Focus on what matters
Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!
Frequently asked questions
What do I get when I buy this document?
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
Satisfaction guarantee: how does it work?
Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.
Who am I buying these notes from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller Greaterheights. Stuvia facilitates payment to the seller.
Will I be stuck with a subscription?
No, you only buy these notes for $12.99. You're not tied to anything after your purchase.
Can Stuvia be trusted?
4.6 stars on Google & Trustpilot (+1000 reviews)
73243 documents were sold in the last 30 days
Founded in 2010, the go-to place to buy study notes for 14 years now