(ISC)2 Certified In Cybersecurity - Exam
Prep Questions With 100% Correct Answers
2024, 598 Questions and Correct Answers,
With Complete Solution.
Document specific requirements that a customer has about any aspect of a
vendor's service performance.
A) DLR
B) Contract
C) SLR
D) NDA
C) SLR (Service-Level Requirements)
_________ identifies and triages risks.
Risk Assessment
_________ are external forces that jeopardize security.
Threats
_________ are methods used by attackers.
Threat Vectors
_________ are the combination of a threat and a vulnerability.
Risks
We rank risks by _________ and _________.
Likelihood and impact
_________ use subjective ratings to evaluate risk likelihood and impact.
Qualitative Risk Assessment
_________ use objective numeric ratings to evaluate risk likelihood and impact.
Quantitative Risk Assessment
_________ analyzes and implements possible responses to control risk.
Risk Treatment
_________ changes business practices to make a risk irrelevant.
Risk Avoidance
_________ reduces the likelihood or impact of a risk.
Risk Mitigation
An organization's _________ is the set of risks that it faces.
Risk Profile
_________ Initial Risk of an organization.
Inherent Risk
_________ Risk that remains in an organization after controls.
Residual Risk
_________ is the level of risk an organization is willing to accept.
Risk Tolerance
_________ reduce the likelihood or impact of a risk and help identify issues.
,Security Controls
_________ stop a security issue from occurring.
Preventive Control
_________ identify security issues requiring investigation.
Detective Control
_________ remediate security issues that have occurred.
Recovery Control
Hardening == Preventative
Virus == Detective
Backups == Recovery
For exam (Local and Technical Controls are the same)
_________ use technology to achieve control objectives.
Technical Controls
_________ use processes to achieve control objectives.
Administrative Controls
_________ impact the physical world.
Physical Controls
_________ tracks specific device settings.
Configuration Management
_________ provide a configuration snapshot.
Baselines (track changes)
_________ assigns numbers to each version.
Versioning
_________ serve as important configuration artifacts.
Diagrams
_________ and _________ help ensure a stable operating environment.
Change and Configuration Management
Purchasing an insurance policy is an example of which risk management
strategy?
Risk Transference
What two factors are used to evaluate a risk?
Likelihood and Impact
What term best describes making a snapshot of a system or application at a point
in time for later comparison?
Baselining
What type of security control is designed to stop a security issue from occurring
in the first place?
Preventive
What term describes risks that originate inside the organization?
Internal
What four items belong to the security policy framework?
Policies, Standards, Guidelines, Procedures
_________ describe an organization's security expectations.
Policies (mandatory and approved at the highest level of an organization)
_________ describe specific security controls and are often derived from policies.
Standards (mandatory)
,_________ describe best practices.
Guidelines (recommendations/advice and compliance is not mandatory)
_________ step-by-step instructions.
Procedures (not mandatory)
_________ describe authorized uses of technology.
Acceptable Use Policies (AUP)
_________ describe how to protect sensitive information.
Data Handling Policies
_________ cover password security practices.
Password Policies
_________ cover use of personal devices with company information.
Bring Your Own Device (BYOD) Policies
_________ cover the use of personally identifiable information.
Privacy Policies
_________ cover the documentation, approval, and rollback of technology
changes.
Change Management Policies
Which element of the security policy framework includes suggestions that are not
mandatory?
Guidelines
What law applies to the use of personal information belonging to European Union
residents?
GDPR
What type of security policy normally describes how users may access business
information with their own devices?
BYOD Policy
_________ the set of controls designed to keep a business running in the face of
adversity, whether natural or man-made.
Business Continuity Planning (BCP)
BCP is also known as _________.
Continuity of Operations Planning (COOP)
Defining the BCP Scope:
What business activities will the plan cover? What systems will it cover? What controls
will it consider?
_________ identifies and prioritizes risks.
Business Impact Assessment
BCP in the cloud requires _________ between providers and customers.
Collaboration
_________ protects against the failure of a single component.
Redundancy
_________ identifies and removes SPOFs.
Single Point of Failure Analysis
_________ continues until the cost of addressing risks outweighs the benefit.
SPOF Analysis
_________ uses multiple systems to protect against service failure.
High Availability
, _________ makes a single system resilient against technical failures.
Fault Tolerance
_________ spreads demand across systems.
Load Balancing
3 Common Points of Failure in a system.
Power Supply, Storage Media, Networking
Disk Mirroring is which RAID level?
1
Disk striping with parity is which RAID level?
5 (uses 3 or more disks to store data)
What goal of security is enhanced by a strong business continuity program?
Availability
What is the minimum number of disk required to perform RAID level 5?
3
What type of control are we using if we supplement a single firewall with a
second standby firewall ready to assume responsibility if the primary firewall
fails?
High Availability
_________ provide structure during cybersecurity incidents.
Incident Response Plan
_________ describe the policies and procedures governing cybersecurity
incidents.
Incident Response Plans
_________ leads to strong incident response.
Prior Planning
Incident Response Plans should include:
Statement of Purpose, Strategies and goals for incident response, Approach to incident
response, Communication with other groups, Senior leadership approval
_________ should be consulted when developing a plan.
NIST SP 800-61
Incident response teams must have personnel available _________.
24/7
_________ is crucial to effective incident identification.
Monitoring
_________ security solution that collects information from diverse sources,
analyzes it for signs for security incidents and retains it for later use.
Security Incident and Event Management (SIEM)
The highest priority of a first responder must be containing damage through
_________.
Isolation
During an incident response, what is the highest priority of first responders?
Containing the damage
You are normally required to report security incidents to law enforcement if you
believe a law may have been violated. True or False
False
_________ restores normal operations as quickly as possible.
Prep Questions With 100% Correct Answers
2024, 598 Questions and Correct Answers,
With Complete Solution.
Document specific requirements that a customer has about any aspect of a
vendor's service performance.
A) DLR
B) Contract
C) SLR
D) NDA
C) SLR (Service-Level Requirements)
_________ identifies and triages risks.
Risk Assessment
_________ are external forces that jeopardize security.
Threats
_________ are methods used by attackers.
Threat Vectors
_________ are the combination of a threat and a vulnerability.
Risks
We rank risks by _________ and _________.
Likelihood and impact
_________ use subjective ratings to evaluate risk likelihood and impact.
Qualitative Risk Assessment
_________ use objective numeric ratings to evaluate risk likelihood and impact.
Quantitative Risk Assessment
_________ analyzes and implements possible responses to control risk.
Risk Treatment
_________ changes business practices to make a risk irrelevant.
Risk Avoidance
_________ reduces the likelihood or impact of a risk.
Risk Mitigation
An organization's _________ is the set of risks that it faces.
Risk Profile
_________ Initial Risk of an organization.
Inherent Risk
_________ Risk that remains in an organization after controls.
Residual Risk
_________ is the level of risk an organization is willing to accept.
Risk Tolerance
_________ reduce the likelihood or impact of a risk and help identify issues.
,Security Controls
_________ stop a security issue from occurring.
Preventive Control
_________ identify security issues requiring investigation.
Detective Control
_________ remediate security issues that have occurred.
Recovery Control
Hardening == Preventative
Virus == Detective
Backups == Recovery
For exam (Local and Technical Controls are the same)
_________ use technology to achieve control objectives.
Technical Controls
_________ use processes to achieve control objectives.
Administrative Controls
_________ impact the physical world.
Physical Controls
_________ tracks specific device settings.
Configuration Management
_________ provide a configuration snapshot.
Baselines (track changes)
_________ assigns numbers to each version.
Versioning
_________ serve as important configuration artifacts.
Diagrams
_________ and _________ help ensure a stable operating environment.
Change and Configuration Management
Purchasing an insurance policy is an example of which risk management
strategy?
Risk Transference
What two factors are used to evaluate a risk?
Likelihood and Impact
What term best describes making a snapshot of a system or application at a point
in time for later comparison?
Baselining
What type of security control is designed to stop a security issue from occurring
in the first place?
Preventive
What term describes risks that originate inside the organization?
Internal
What four items belong to the security policy framework?
Policies, Standards, Guidelines, Procedures
_________ describe an organization's security expectations.
Policies (mandatory and approved at the highest level of an organization)
_________ describe specific security controls and are often derived from policies.
Standards (mandatory)
,_________ describe best practices.
Guidelines (recommendations/advice and compliance is not mandatory)
_________ step-by-step instructions.
Procedures (not mandatory)
_________ describe authorized uses of technology.
Acceptable Use Policies (AUP)
_________ describe how to protect sensitive information.
Data Handling Policies
_________ cover password security practices.
Password Policies
_________ cover use of personal devices with company information.
Bring Your Own Device (BYOD) Policies
_________ cover the use of personally identifiable information.
Privacy Policies
_________ cover the documentation, approval, and rollback of technology
changes.
Change Management Policies
Which element of the security policy framework includes suggestions that are not
mandatory?
Guidelines
What law applies to the use of personal information belonging to European Union
residents?
GDPR
What type of security policy normally describes how users may access business
information with their own devices?
BYOD Policy
_________ the set of controls designed to keep a business running in the face of
adversity, whether natural or man-made.
Business Continuity Planning (BCP)
BCP is also known as _________.
Continuity of Operations Planning (COOP)
Defining the BCP Scope:
What business activities will the plan cover? What systems will it cover? What controls
will it consider?
_________ identifies and prioritizes risks.
Business Impact Assessment
BCP in the cloud requires _________ between providers and customers.
Collaboration
_________ protects against the failure of a single component.
Redundancy
_________ identifies and removes SPOFs.
Single Point of Failure Analysis
_________ continues until the cost of addressing risks outweighs the benefit.
SPOF Analysis
_________ uses multiple systems to protect against service failure.
High Availability
, _________ makes a single system resilient against technical failures.
Fault Tolerance
_________ spreads demand across systems.
Load Balancing
3 Common Points of Failure in a system.
Power Supply, Storage Media, Networking
Disk Mirroring is which RAID level?
1
Disk striping with parity is which RAID level?
5 (uses 3 or more disks to store data)
What goal of security is enhanced by a strong business continuity program?
Availability
What is the minimum number of disk required to perform RAID level 5?
3
What type of control are we using if we supplement a single firewall with a
second standby firewall ready to assume responsibility if the primary firewall
fails?
High Availability
_________ provide structure during cybersecurity incidents.
Incident Response Plan
_________ describe the policies and procedures governing cybersecurity
incidents.
Incident Response Plans
_________ leads to strong incident response.
Prior Planning
Incident Response Plans should include:
Statement of Purpose, Strategies and goals for incident response, Approach to incident
response, Communication with other groups, Senior leadership approval
_________ should be consulted when developing a plan.
NIST SP 800-61
Incident response teams must have personnel available _________.
24/7
_________ is crucial to effective incident identification.
Monitoring
_________ security solution that collects information from diverse sources,
analyzes it for signs for security incidents and retains it for later use.
Security Incident and Event Management (SIEM)
The highest priority of a first responder must be containing damage through
_________.
Isolation
During an incident response, what is the highest priority of first responders?
Containing the damage
You are normally required to report security incidents to law enforcement if you
believe a law may have been violated. True or False
False
_________ restores normal operations as quickly as possible.
