100% tevredenheidsgarantie Direct beschikbaar na betaling Zowel online als in PDF Je zit nergens aan vast
Eerder door jou gezocht
ISC2 CC Exam Questions With 100% Correct Answers 2024/CC ISC2 Flashcards. 139 Questions and Correct Answers, With Complete Solution.€13,24
In winkelwagen
ISC2 CC Exam Questions With 100% Correct Answers 2024/CC ISC2 Flashcards. 139 Questions and Correct Answers, With Complete Solution.
14 keer bekeken 0 keer verkocht
Vak
ISC2 CC
Instelling
ISC2 CC
ISC2 CC Exam Questions With 100% Correct Answers 2024/CC ISC2 Flashcards. 139 Questions and Correct Answers, With Complete Solution.
What is MAC (Mandatory Access Control)?
The operating system determines who gets access to resources. Much more restricted, not used as much.
Which of the follow...
ISC2 CC Exam Questions With 100% Correct
Answers 2024/CC ISC2 Flashcards. 139
Questions and Correct Answers, With Complete
Solution.
What is MAC (Mandatory Access Control)?
The operating system determines who gets access to resources. Much more restricted, not used as
much.
Which of the following is a detection control?:
Bollards
Turnstiles
Firewalls
Smoke sensors
Smoke sensors. By definition, smoke detectors are fire protection devices employed for the early
detection of fire. Firewalls are devices that filter incoming traffic, and are a type of logical preventive
control. Bollards and turnstiles are types of physical preventive controls.
Which of the following is NOT an ethical canon of the ISC2?
-Advance and protect the profession
-Act honorably, honestly, justly, responsibly and legally
-Protect society, the common good, necessary public trust and confidence, and the infrastructure
-Provide active and qualified service to principal
Provide active and qualified service to principal. In the code of ethics, we read "Provide diligent and
competent service to principals", and not "Provide active and qualified service to principals."; all the
other options are valid canons of the code of ethics (see ISC2 Study Guide Chapter 1, Module 5).
Which of the following is a data handling policy procedure?
-Transform
-Destroy
-Encode
-Collect
Destroy. The data handling procedures are 'Classify', 'Categorize', 'Label', 'Store', 'Encrypt', 'Backup', and
'Destroy' (see ISC2 Study Guide, chapter 5, module 3).
Which of the following properties is NOT guaranteed by Digital Signatures?
-Non-Repudiation
-Confidentiality
-Authentication
-Integrity
, Confidentiality. A digital signature is the result of a cryptographic transformation of data which is useful
for providing: data origin authentication, data integrity, and non-repudiation of the signer (see NIST SP
800-12 Rev. 1 under Digital Signature). However, digital signatures cannot guarantee confidentiality (i.e.
the property of data or information not being made available or disclosed).
Which type of attack has the PRIMARY objective controlling the system from outside?
-Cross-Site Scripting
-Rootkits
-Trojans
-Backdoors
Backdoors. Trojans and Rootkits are often used to install backdoors. A backdoor is a malicious feature
that listens for commands on a specific logical port (TCP or UDP) and executes them on the attacked
system or device, thereby giving direct control of the system or device to a malicious outside entity (or
program). Cross-Site Scripting can execute code with the same permissions as the scripts generated by
the target website, compromising the confidentiality and integrity of data transfers between the website
and the client.
Which of the following is an example of an administrative security control?
-Acceptable Use Policies
-No entry signs
-Badge Readers
-Access Control Lists
Acceptable Use Policies. Policies are a type of administrative security controls. An access control list is a
type of technical security control. A badge reader and a 'No entry' sign are types of physical security
controls (see ISC2 Study Guide, Chapter 1, Module 3).
The process of verifying or proving the user's identification is known as:
-Integrity
-Authentication
-Authorization
-Confidentiality
Authentication. Authentication is the verification of the identity of a user, process or device, as a
prerequisite to allowing access to the resources in a given system. In contrast, authorization refers to the
permission granted to users, processes or devices to access specific assets. Confidentiality and integrity
are properties of information and systems, not processes.
A web server that accepts requests from external clients should be placed in which network?
DMZ
Intranet
Internal Network
VPN
DMZ. In Cybersecurity, a DMZ (demilitarized zone) is a physical or logical subnetwork that contains and
exposes external-facing services (such as web services). An Internal Network is an organization-
controlled network that is isolated from external access. An Intranet is itself an internal network that
Voordelen van het kopen van samenvattingen bij Stuvia op een rij:
Verzekerd van kwaliteit door reviews
Stuvia-klanten hebben meer dan 700.000 samenvattingen beoordeeld. Zo weet je zeker dat je de beste documenten koopt!
Snel en makkelijk kopen
Je betaalt supersnel en eenmalig met iDeal, creditcard of Stuvia-tegoed voor de samenvatting. Zonder lidmaatschap.
Focus op de essentie
Samenvattingen worden geschreven voor en door anderen. Daarom zijn de samenvattingen altijd betrouwbaar en actueel. Zo kom je snel tot de kern!
Veelgestelde vragen
Wat krijg ik als ik dit document koop?
Je krijgt een PDF, die direct beschikbaar is na je aankoop. Het gekochte document is altijd, overal en oneindig toegankelijk via je profiel.
Tevredenheidsgarantie: hoe werkt dat?
Onze tevredenheidsgarantie zorgt ervoor dat je altijd een studiedocument vindt dat goed bij je past. Je vult een formulier in en onze klantenservice regelt de rest.
Van wie koop ik deze samenvatting?
Stuvia is een marktplaats, je koop dit document dus niet van ons, maar van verkoper ACADEMICAIDSTORE. Stuvia faciliteert de betaling aan de verkoper.
Zit ik meteen vast aan een abonnement?
Nee, je koopt alleen deze samenvatting voor €13,24. Je zit daarna nergens aan vast.
