Title: ISC2 CERTIFIED IN CYBERSECURITY (CC): 2025–2026 PRACTICE EXAM QUESTIONS WITH MOST TESTED QUESTIONS (HARVARD STYLE)


ISC2 CERTIFIED IN CYBERSECURITY (CC): 2025–2026 PRACTICE EXAM
QUESTIONS WITH MOST TESTED QUESTIONS (HARVARD STYLE)
INCLUDES 2025–2026 UPDATED PRACTICE QUESTIONS FOR THE ISC2 CERTIFIED IN CYBERSECURITY
(CC) EXAM
...
QUESTIONS ARE BASED ON THE MOST
COMMONLY TESTED CONCEPTS AND INCLUDE HARVARD STYLE REFERENCING

A vendor sells a particular operating system (OS)
...
This is an example of ______
...
Law
B
...
Standard
D
...
Procedure

The city of Grampon wants to know where all its public vehicles (garbage trucks, police cars, etc
...
What kind of control is this?
A
...
Entrenched
C
...
Technical - CORRECT ANSWER-D
...
The danger posed by the disaster might still be present
B
...
Regulators might disapprove
D
...
The danger posed by the disaster
might still be present

All of the following are important ways to practice an organization disaster recovery (DR) effort;
which one is the most important?
A
...
Facility evacuation drills

C
...
Running the alternate operating site to determine if it could handle critical function in time of
emergency - CORRECT ANSWER-B
...
Alternate work areas for personnel affected by a natural disaster
B
...
Last year's budget information
D
...
Alternate work areas for personnel affected
by a natural disaster

What is the overall objective of a disaster recovery (DR) effort?
A
...
Return to normal, full operations
C
...
Enhance public perception of the organization - CORRECT ANSWER-B
...
This
is an example of a(n) ______
...
Intrusion
B
...
Disclosure
D
...
Intrusion

What is the goal of Business Continuity efforts?
A
...
Impress customers
C
...
Keep critical business functions operational - CORRECT ANSWER-D
...
Personnel preference
B
...
Industry standards
D
...
Applicable laws

Handel is a senior manager at Triffid, Inc
...
Handel wants to ensure that operational managers have the utmost
personal choice in determining which employees get access to which systems/data
...
Role-based access control (RBAC)
B
...
Discretionary access control (DAC)
D
...
Discretionary access controls (DAC)

Which of the following is not an appropriate control to add to privileged accounts?
A
...
Multifactor authentication
C
...
Security deposit - CORRECT ANSWER-D
...
Prachi is allowed to add or delete users, but
is not allowed to read or modify the data in the database itself
...

In this situation, what is the ACL?
A
...
The object
C
...
The firmware - CORRECT ANSWER-C
...

A
...
Photographed
C
...
Required to wear protective equipment - CORRECT ANSWER-C
...
Software-based firewall at the perimeter of the network
B
...
Network switches that filter according to MAC addresses
D
...
A lock on a door

Network traffic originating from outside the organization might be admitted to the internal IT
environment or blocked at the perimeter by a ________
...
Turnstile
B
...
Vacuum
D
...
Firewall

Trina is a security practitioner at Triffid, Inc
...
After doing some research, Trina selects a particular
product
...
This is a description of:
A
...
Segregation of duties
C
...
Defense in depth - CORRECT ANSWER-B
...
Lack of accuracy
B
...
Retention of physiological data past the point of employment
D
...
Lack of accuracy

Handel is a senior manager at Triffid, Inc
...
Handel wants to ensure that employees transferring from one department
to another, getting promoted, or cross-training to new positions can get access to the different assets
they'll need for their new positions, in the most efficient manner
...
Role-based access control (RBAC)
B
...
Discretionary access control (DAC)
D
...
Role-based access controls (RBAC)

At Parvi's place of work, the perimeter of the property is surrounded by a fence; there is a gate with
a guard at the entrance
...
Sensitive data and media are kept in safes when not in use
...
Two-person integrity
B
...
Defense in depth
D
...
Defense in depth

Bruce is the branch manager of a bank
...
Which access control
methodology would allow Bruce to make this determination?
A
...
Discretionary access control (DAC)
C
...
Defense-in-depth - CORRECT ANSWER-B
...
Controls useful for managing visitors include all of
the following except:
A
...
Fence
C
...
Receptionist - CORRECT ANSWER-B
...
When Suvid attempts to log in to the production environment, a message
appears stating that Suvid has to reset the password
...
Suvid broke the law
B
...
Suvid made the manager angry
D
...
Suvid's password has expired

Prachi works as a database administrator for Triffid, Inc
...
When Prachi logs onto the system,
an access control list (ACL) checks to determine which permissions Prachi has
...
Defense in depth
B
...
Two-person integrity
D
...
Least privilege

Which of the following roles does not typically require privileged account access?
A
...
Data entry professional
C
...
Help desk technician - CORRECT ANSWER-B
...
Mandatory access control (MAC)
B
...
Role-based access control (RBAC)
D
...
Mandatory access control (MAC)

Which of the following is not a typical benefit of cloud computing services?

A
...
Metered usage
C
...
Freedom from legal constraints - CORRECT ANSWER-D
...
"
A
...
Closet
C
...
House - CORRECT ANSWER-B
...

A
...
DMZ
C
...
RBAC - CORRECT ANSWER-B
...
What kind of control is the process of putting the documents into the safe?
A
...
Tangential
C
...
Technical - CORRECT ANSWER-A
...
Triffid Corporation
creates a checklist of activities employees must follow while working with hazardous materials inside
Grampon city limits
...

A
...
Standard, law
C
...
Policy, standard
E
...
Law, procedure

Which of the following is an example of a "something you know" authentication factor?
A
...
Password
C
...
Iris scan - CORRECT ANSWER-B
...
After
attending a few online sessions, Tina learns that some participants in the group are sharing malware
with each other, in order to use it against other organizations online
...
Nothing
B
...
Report the group to law enforcement
D
...
Stop participating

A bollard is a post set securely in the ground in order to prevent a vehicle from entering an area or
driving past a certain point
...

A
...
Administrative
C
...
Technical - CORRECT ANSWER-A
...
What kind of control is this instruction?
A
...
Finite
C
...
Technical - CORRECT ANSWER-A
...
This document is signed by Triffid senior management
...
Policy
B
...
Standard
D
...
Policy

Chad is a security practitioner tasked with ensuring that the information on the organization's public
website is not changed by anyone outside the organization
...

A
...
Integrity
C
...
Confirmation - CORRECT ANSWER-B
...
What kind of rule is this?
A
...
Procedure
C
...
Law - CORRECT ANSWER-D
...
One of Zarma's colleagues is
interested in getting an (ISC)² certification and asks Zarma what the test questions are like
...
Inform (ISC)²
B
...
Inform the colleague's supervisor
D
...
Explain the style and format of the questions, but no detail

Druna is a security practitioner tasked with ensuring that laptops are not stolen from the
organization's offices
...
Technical
B
...
Physical
D
...
Physical

For which of the following assets is integrity probably the most important security aspect?
A
...
The file that contains passwords used to authenticate users
C
...
Software that checks the spelling of product descriptions for a retail website - CORRECT ANSWER-B
...
Jengi decides to configure MAC address filtering on
the router, so that only specific devices will be allowed to join the network
...

A
...
Administrative
C
...
Technical - CORRECT ANSWER-D
...
Yesterday,
Siobhan got a parking ticket while shopping after work
...
Inform (ISC)²
B
...
Inform supervisors at Triffid
D
...
Pay the parking ticket

Hoshi is an (ISC)² member who works for the Triffid Corporation as a data manager
...
Hoshi's cousin works for a firewall vendor; that vendor happens to make the best firewall
available
...
Recommend a different vendor/product
B
...
Hoshi should ask to be recused from the task
D
...

Disclose the relationship, but recommend the vendor/product

Of the following, which would probably not be considered a threat?
A
...
Unintentional damage to the system caused by a user
C
...
An external attacker trying to gain unauthorized access to the environment - CORRECT ANSWER-C
...
This
is an example of _________
...
Acceptance
B
...
Mitigation
D
...
Acceptance

In risk management concepts, a(n) ___________ is something or someone that poses risk to an
organization or asset
...
Fear
B
...
Control
D
...
Threat

Who approves the incident response policy?
A
...
Senior management

C
...
Investor - CORRECT ANSWER-B
...
As soon as possible
B
...
When senior management decides
D
...
When senior management
decides

True or False? Business continuity planning is a reactive procedure that restores business operations
after a disruption occurs
...
True
B
...
False

What is the goal of an incident response effort?
A
...
Reduce the impact of incidents on operations
C
...
Save money - CORRECT ANSWER-B
...
People might be put in danger
B
...
A new disaster might emerge
D
...
The impact of running alternate operations for extended
periods

You are reviewing log data from a router; there is an entry that shows a user sent traffic through the
router at 11:45 am, local time, yesterday
...

A
...
Event
C
...
Threat - CORRECT ANSWER-B
...
Users
B
...
Automated tools
D
...
Regulators

Prachi works as a database administrator for Triffid, Inc
...
When Prachi logs onto the system, an
access control list (ACL) checks to determine which permissions Prachi has
...
The object
B
...
The subject
D
...
Gelbi sometimes is required to install or remove
software
...
Privileged
B
...
External
D
...
Privileged

A human guard monitoring a hidden camera could be considered a ______ control
...
Detective
B
...
Deterrent
D
...
Detective

In order for a biometric security to function properly, an authorized person's physiological data must
be ______
...
Broadcast
B
...
Deleted
D
...
Stored

A _____ is a record of something that has occurred
...
Biometric
B
...
Log
D
...
Log

Trina and Doug both work at Triffid, Inc
...
Trina offers
to log in for Doug, using Trina's credentials, so that Doug can get some work done
...
Doug is a bad person
B
...
Anything either of them do will be attributed to Trina
D
...
Anything either of them do will be attributed to
Trina

Which of the following is a biometric access control mechanism?
A
...
A copper key
C
...
A door locked by a voiceprint identifier - CORRECT ANSWER-D
...
Logical access controls can protect the IT environment perfectly; there is no reason to deploy any
other controls
...
Physical access controls can protect the IT environment perfectly; there is no reason to deploy any
other controls
...
Administrative access controls can protect the IT environment perfectly; there is no reason to
deploy any other controls
...
It is best to use a blend of controls in order to provide optimum security
...
It is best to use a blend of controls in order to provide optimum security
...
An iris reader that allows an employee to enter a controlled area
...
A fingerprint reader that allows an employee to enter a controlled area
...
A fingerprint reader that allows an employee to access a laptop computer
...
A chain attached to a laptop computer that connects it to furniture so it cannot be taken
...
A fingerprint reader that allows an employee to access a laptop
computer
...
A safe
B
...
A data center
D
...
A fence

Handel is a senior manager at Triffid, Inc
...
Handel wants to ensure that employees who are assigned to new positions
in the company do not retain whatever access they had in their old positions
...
Role-based access controls (RBAC)
B
...
Discretionary access controls (DAC)
D
...
Role-based access controls (RBAC)

Prina is a database manager
...
Prina is not allowed to read the data in the fields of the
database itself
...
Role-based access controls (RBAC)
B
...
Discretionary access controls (DAC)
D
...
Role-based access controls
(RBAC)

Gary is unable to log in to the production environment
...
Why?
A
...
The network is tired
C
...
Gary's actions look like an attack - CORRECT ANSWER-D
...
In order to enter the data center to begin their workday,
they must both present their own keys (which are different) to the key reader, before the door to the
data center opens
...
Defense in depth
B
...
Least privilege
D
...
Dual control

Prachi works as a database administrator for Triffid, Inc
...
When Prachi logs onto the system, an
access control list (ACL) checks to determine which permissions Prachi has
...
The subject
B
...
The file
D
...
The subject

Tekila works for a government agency
...
" Every person in the agency is assigned a "clearance" level, which determines
the classification of data each person can access
...
MAC (mandatory access control)
B
...
RBAC (role-based access control)
D
...
MAC (mandatory access control)

Guillermo logs onto a system and opens a document file
...
The subject
B
...
The process
D
...
The subject

A tool that monitors local devices to reduce potential threats from hostile software
...
NIDS (network-based intrusion-detection systems)
B
...
DLP (data loss prevention)
D
...
Anti-malware

Inbound traffic from an external source seems to indicate much higher rates of communication than
normal, to the point where the internal systems might be overwhelmed
...
Firewall
B
...
Anti-malware
D
...
Firewall

Ludwig is a security analyst at Triffid, Inc
...
Which of the following might be the attack
Ludwig sees?
A
...
Spoofing
C
...
An insider sabotaging the power supply - CORRECT ANSWER-A
...
Gary is able to get access to the communication wire between Dauphine's
machine and Linda's machine and can then surveil the traffic between the two when they're
communicating
...
Side channel
B
...
On-path
D
...
On-path

A VLAN is a _____ method of segmenting networks
...
Secret
B
...
Regulated
D
...
Logical

Triffid, Inc
...
What is an
additional task necessary to ensure this control will function properly?
A
...
Update the anti-malware solution regularly
C
...
Alert the public that this protective measure has been taken - CORRECT ANSWER-B
...
Which of the following protocols would aid in this effort?

A
...
NTP (Network Time Protocol)
C
...
HTTP (Hypertext Transfer Protocol) - CORRECT ANSWER-B
...
Which of the following would be Barry's preferred
communication protocol if he wanted this activity to be efficient and secure?
A
...
FTP (File Transfer Protocol)
C
...
SNMP (Simple Network Management Protocol) - CORRECT ANSWER-C
...

A
...
HVAC
C
...
HVAC

A device typically accessed by multiple users, often intended for a single purpose, such as managing
email or web pages
...
Router
B
...
Server
D
...
Server

A tool that filters inbound traffic to reduce potential threats
...
NIDS (network-based intrusion-detection systems)
B
...
DLP (data loss prevention)
D
...
Firewall

Which of the following is one of the common ways potential attacks are often identified?
A
...
Victims notice excessive heat coming from their systems
C
...
Users report unusual systems activity/response to Help Desk or the security office - CORRECT ANSWER-D
...

A
...
IoT
C
...
Firewall - CORRECT ANSWER-D
...
Bert searches the internet for a free
flashlight app, and downloads it to the phone
...
What kind of app is this?
A
...
Trojan
C
...
On-path - CORRECT ANSWER-B
...

A
...
Destruction
C
...
Hue - CORRECT ANSWER-C
...
Lunch as a service (LaaS)

B
...
Platform as a service (PaaS)
D
...
Software as a service (SaaS)

A device that filters network traffic in order to enhance overall security/performance
...
Endpoint
B
...
MAC (media access control)
D
...
Firewall

A means to allow remote users to have secure access to the internal IT environment
...
Internet
B
...
MAC
D
...
VPN

Proper alignment of security policy and business goals within the organization is important because:
A
...
Security policy that conflicts with business goals can inhibit productivity
C
...
Security is more important than business - CORRECT ANSWER-B
...
1
B
...
8
D
...
4

Hashing is often used to provide _______
...
Confidentiality
B
...
Availability
D
...
Integrity

One of the benefits of computer-based training (CBT):
A
...
Scalable
C
...
Interacting with other participants - CORRECT ANSWER-B
...
as a security analyst
...
What type of
encryption should Bluga use?
A
...
Asymmetric encryption
C
...
Hashing - CORRECT ANSWER-B
...

A
...
The same characters
C
...
Different for the same inputs - CORRECT ANSWER-A
...
The security manager
B
...
Senior management
D
...
Senior management

Triffid, Inc
...
Which of the following methods are probably best for this
purpose?
A
...
Hashing
C
...
VLANs - CORRECT ANSWER-A
...

A
...
Provide due diligence
C
...
An informed user is a more secure user - CORRECT ANSWER-D
...

A
...
Baseline
C
...
Verification and audit - CORRECT ANSWER-D
...
1
B
...
8
D
...
1

Which of the following is probably the main purpose of configuration management?
A
...
Ensuring the organization adheres to privacy laws
C
...
Ensuring only authorized are made to the IT environment - CORRECT ANSWER-D
...

A
...
The regulators overseeing that industry
C
...
The Public Relations office - CORRECT ANSWER-A
...
Triffid management issues a document that explains that Triffid will follow
the best practices published by SANS, an industry body that addresses computer and information
security
...

A
...
Policy, standard
C
...
Procedure, procedure - CORRECT ANSWER-B
...
Phrenal has estimated the value of the laptop to
be $100, but has seen other laptops of similar type and quality sell for both more and less than that
amount
...
This is an example of ___________
...
Risk tolerance
B
...
Threat
D
...
Risk Tolerance

Kerpak works in the security office of a medium-sized entertainment company
...
This is an example of _______
...
Acceptance

B
...
Mitigation
D
...
Mitigation

Which of the following is an example of a "something you are" authentication factor?
A
...
Your password and PIN
C
...
A photograph of your face - CORRECT ANSWER-D
...
The PCI Council
issues rules that merchants must follow if the merchants choose to accept payment via credit card
...
This set of rules is a
_____
...
Law
B
...
Standard
D
...
Standard

A system that collects transactional information and stores it in a record in order to show which users
performed which actions is an example of providing ________
...
Non-repudiation
B
...
Biometrics
D
...
Non-repudiation

Within the organization, who can identify risk?
A
...
Any security team member
C
...
Anyone - CORRECT ANSWER-D
...
Glen receives an email from a company offering a set of answers for an
(ISC)² certification exam
...
Nothing
B
...
Inform law enforcement
D
...
Inform (ISC)²

Olaf is a member of (ISC)² and a security analyst for Triffid Corporation
...
Olaf knows that Triffid is not
adhering to that standard in that particular situation, but that saying this to the auditors will reflect
poorly on Triffid
...
Tell the auditors the truth
B
...
Ask (ISC)² for guidance
D
...
Ask supervisors for guidance

The European Union (EU) law that grants legal protections to individual human privacy
...
The Privacy Human Rights Act
B
...
The Magna Carta
D
...
The General Data Protection Regulation

Aphrodite is a member of (ISC)² and a data analyst for Triffid Corporation
...
What should Aphrodite do?
A
...
Inform law enforcement
C
...
Nothing - CORRECT ANSWER-C
...
This is a type of ________ control
...
Physical
B
...
Passive
D
...
Technical

Steve is a security practitioner assigned to come up with a protective measure for ensuring cars don't
collide with pedestrians
...
Administrative
B
...
Physical
D
...
Physical

Which of the following probably poses the most risk?
A
...
A high-likelihood, low-impact event
C
...
A low-likelihood, low-impact event - CORRECT ANSWER-A
...
Certifications can be issued for demonstrating expertise in this Common Body of Knowledge
...
Policy
B
...
Standard
D
...
Standard

The Triffid Corporation publishes a policy that states all personnel will act in a manner that protects
health and human safety
...
This
detailed set of processes is a _________
...
Policy
B
...
Standard
D
...
Procedure

For which of the following systems would the security concept of availability probably be most
important?
A
...
Retail records of past transactions
C
...

D
...
Medical systems that monitor patient condition in an intensive care unit

Preenka works at an airport
...
This is an example of a(n)______ control
...
Physical
B
...
Critical
D
...
Administrative

In risk management concepts, a(n) _________ is something a security practitioner might need to
protect
...
Vulnerability
B
...
Threat
D
...
Asset

Triffid Corporation has a rule that all employees working with sensitive hardcopy documents must
put the documents into a safe at the end of the workday, where they are locked up until the
following workday
...
Administrative
B
...
Physical
D
...
Administrative

What is the most important goal of a business continuity effort?
A
...
Ensure all business activities are preserved during a potential disaster
C
...
Preserve health and human safety - CORRECT ANSWER-D
...
Lunch as a service (LaaS)
B
...
Platform as a service (PaaS)
D
...
Infrastructure as a service (IaaS)

Which common cloud deployment model typically features only a single customer's
data/functionality stored on specific systems/hardware?
A
...
Private
C
...
Hybrid - CORRECT ANSWER-B
...

A
...
Remote

C
...
Physical - CORRECT ANSWER-D
...

A
...
Internet Protocol (IP) address
C
...
Terminal address - CORRECT ANSWER-B
...

A
...
Anti-malware
C
...
Firewall - CORRECT ANSWER-C
...
Water
B
...
Oxygen-depletion
D
...
Water

Which of the following activities is usually part of the configuration management process, but is also
extremely helpful in countering potential attacks?
A
...
Conferences with senior leadership
C
...
The annual shareholders' systems - CORRECT ANSWER-C
...

A
...
Least privilege
C
...
Defense in depth - CORRECT ANSWER-D
...
Which of the following protocols is she probably using?
A
...
FTP (File Transfer Protocol)
C
...
HTTP (Hypertext Transfer Protocol) - CORRECT ANSWER-D
...

A
...
Anti-malware
C
...
SIEM - CORRECT ANSWER-D
...
, has many remote workers who use their own IT devices to process Triffid's information
...
Which of the following is probably most appropriate for this
specific purpose?
A
...
NIDS (network-based intrusion-detection systems)
C
...
Firewalls - CORRECT ANSWER-A
...
Water
B
...
Oxygen-depletion
D
...
Water

Carol is browsing the Web
...
12
B
...
247
D
...
80

Garfield is a security analyst at Triffid, Inc
...
What kind of attack could this be?
A
...
Side channel
C
...
Worm - CORRECT ANSWER-D
...
User's workplace laptop
B
...
Database engine
D
...
Mail server

When Pritha started working for Triffid, Inc
...
What policy was this?
A
...
The acceptable use policy (AUP)
C
...
The workplace attire policy - CORRECT ANSWER-B
...
, whether hardcopy or electronic, has a clear, 24-point word at
the top and bottom
...
"
This is an example of _____
...
Secrecy

B
...
Inverting
D
...
Labeling

An organization must always be prepared to ______ when applying a patch
...
Pay for the updated content
B
...
Settle lawsuits
D
...
Rollback

Security controls on log data should reflect ________
...
The organization's commitment to customer service
B
...
The price of the storage device
D
...
The sensitivity of the source
device

Archiving is typically done when _________
...
Data is ready to be destroyed
B
...
Data is not needed for regular work purposes
D
...
Data is not needed for regular work purposes

By far, the most crucial element of any security instruction program
...
Protect assets
B
...
Ensure availability of IT systems
D
...
Preserve health and human safety

Log data should be kept ______
...
On the device that the log data was captured from
B
...
In airtight containers
D
...
On a device other than
where it was captured

Data _____ is data left behind on systems/media after normal deletion procedures have been
attempted
...
Fragments
B
...
Remanence
D
...
Remanence

Data retention periods apply to ____ data
...
Medical
B
...
All
D
...
All

Dieter wants to send a message to Lupa and wants to be sure that Lupa knows the message has not
been modified in transit
...
Hashing
B
...
Symmetric encryption
D
...
Hashing

When data has reached the end of the retention period, it should be _____
...
Destroyed
B
...
Enhanced
D
...
Destroyed

Security needs to be provided to ____ data
...
Restricted
B
...
Private
D
...
All

Logs should be reviewed ______
...
Every Thursday
B
...
Once per calendar
D
...
Continually

