2026 Questions and Correct Detailed Answers Already
Graded A+
Backups == Recovery - CORRECT ANSWER-For exam (Local and Technical Controls are the same)
_________ use technology to achieve control objectives. - CORRECT ANSWER-Technical Controls
_________ use processes to achieve control objectives. - CORRECT ANSWER-Administrative Controls
_________ impact the physical world. - CORRECT ANSWER-Physical Controls
_________ tracks specific device settings. - CORRECT ANSWER-Configuration Management
_________ provide a configuration snapshot. - CORRECT ANSWER-Baselines (track changes)
_________ assigns numbers to each version. - CORRECT ANSWER-Versioning
_________ serve as important configuration artifacts. - CORRECT ANSWER-Diagrams
Document specific requirements that a customer has about any aspect of a
vendor's service performance.
A) DLR
B) Contract
C) SLR
D) NDA - CORRECT ANSWER-C) SLR (Service-Level Requirements)
_________ identifies and triages risks. - CORRECT ANSWER-Risk Assessment
_________ are external forces that jeopardize security. - CORRECT ANSWER-Threats
_________ are methods used by attackers. - CORRECT ANSWER-Threat Vectors
_________ are the combination of a threat and a vulnerability. - CORRECT ANSWER-Risks
We rank risks by _________ and _________. - CORRECT ANSWER-Likelihood and impact
_________ use subjective ratings to evaluate risk likelihood and impact. - CORRECT ANSWER-Qualitative Risk Assessment
_________ use objective numeric ratings to evaluate risk likelihood and impact. - CORRECT ANSWER-Quantitative Risk Assessment
_________ analyzes and implements possible responses to control risk. - CORRECT ANSWER-Risk Treatment
_________ changes business practices to make a risk irrelevant. - CORRECT ANSWER-Risk Avoidance
_________ reduces the likelihood or impact of a risk. - CORRECT ANSWER-Risk Mitigation
An organization's _________ is the set of risks that it faces. - CORRECT ANSWER-Risk Profile
_________ Initial Risk of an organization. - CORRECT ANSWER-Inherent Risk
_________ Risk that remains in an organization after controls. - CORRECT ANSWER-Residual Risk
_________ is the level of risk an organization is willing to accept. - CORRECT ANSWER-Risk Tolerance
_________ reduce the likelihood or impact of a risk and help identify issues. - CORRECT ANSWER-Security Controls
_________ stop a security issue from occurring. - CORRECT ANSWER-Preventive Control
_________ identify security issues requiring investigation. - CORRECT ANSWER-Detective Control