Written by students who passed Immediately available after payment Read online or as PDF Wrong document? Swap it for free 4.6 TrustPilot
logo-home
Exam (elaborations)

(ISC)2 Certified in Cybersecurity - Exam Prep Questions with Verified Answers

Rating
-
Sold
-
Pages
63
Grade
A+
Uploaded on
13-09-2025
Written in
2025/2026

(ISC)2 Certified in Cybersecurity - Exam Prep Questions with Verified Answers

Institution
ICS
Course
ICS

Content preview

(ISC)2 Certified in Cybersecurity -
Exam Prep Questions with Verified
Answers
_________ and _________ help ensure a stable operating environment. -
ANSWER-Change and Configuration Management

Purchasing an insurance policy is an example of which risk management strategy? -
ANSWER-Risk Transference

What two factors are used to evaluate a risk? - ANSWER-Likelihood and Impact

What term best describes making a snapshot of a system or application at a point in
time for later comparison? - ANSWER-Baselining

What type of security control is designed to stop a security issue from occurring in
the first place? - ANSWER-Preventive

What term describes risks that originate inside the organization? - ANSWER-Internal

What four items belong to the security policy framework? - ANSWER-Policies,
Standards, Guidelines, Procedures

_________ describe an organization's security expectations. - ANSWER-Policies
(mandatory and approved at the highest level of an organization)

_________ describe specific security controls and are often derived from policies. -
ANSWER-Standards (mandatory)

_________ describe best practices. - ANSWER-Guidelines
(recommendations/advice and compliance is not mandatory)

_________ step-by-step instructions. - ANSWER-Procedures (not mandatory)

_________ describe authorized uses of technology. - ANSWER-Acceptable Use
Policies (AUP)

_________ describe how to protect sensitive information. - ANSWER-Data Handling
Policies

_________ cover password security practices. - ANSWER-Password Policies

,_________ cover use of personal devices with company information. - ANSWER-
Bring Your Own Device (BYOD) Policies

_________ cover the use of personally identifiable information. - ANSWER-Privacy
Policies

_________ cover the documentation, approval, and rollback of technology changes.
- ANSWER-Change Management Policies

Which element of the security policy framework includes suggestions that are not
mandatory? - ANSWER-Guidelines

What law applies to the use of personal information belonging to European Union
residents? - ANSWER-GDPR

What type of security policy normally describes how users may access business
information with their own devices? - ANSWER-BYOD Policy

_________ the set of controls designed to keep a business running in the face of
adversity, whether natural or man-made. - ANSWER-Business Continuity Planning
(BCP)

BCP is also known as _________. - ANSWER-Continuity of Operations Planning
(COOP)

Defining the BCP Scope: - ANSWER-What business activities will the plan cover?
What systems will it cover? What controls will it consider?

_________ identifies and prioritizes risks. - ANSWER-Business Impact Assessment

BCP in the cloud requires _________ between providers and customers. -
ANSWER-Collaboration

_________ protects against the failure of a single component. - ANSWER-
Redundancy

_________ identifies and removes SPOFs. - ANSWER-Single Point of Failure
Analysis

_________ continues until the cost of addressing risks outweighs the benefit. -
ANSWER-SPOF Analysis

_________ uses multiple systems to protect against service failure. - ANSWER-High
Availability

_________ makes a single system resilient against technical failures. - ANSWER-
Fault Tolerance

_________ spreads demand across systems. - ANSWER-Load Balancing

,3 Common Points of Failure in a system. - ANSWER-Power Supply, Storage Media,
Networking

Disk Mirroring is which RAID level? - ANSWER-1

Disk striping with parity is which RAID level? - ANSWER-5 (uses 3 or more disks to
store data)

What goal of security is enhanced by a strong business continuity program? -
ANSWER-Availability

What is the minimum number of disk required to perform RAID level 5? - ANSWER-3

What type of control are we using if we supplement a single firewall with a second
standby firewall ready to assume responsibility if the primary firewall fails? -
ANSWER-High Availability

_________ provide structure during cybersecurity incidents. - ANSWER-Incident
Response Plan

_________ describe the policies and procedures governing cybersecurity incidents. -
ANSWER-Incident Response Plans

_________ leads to strong incident response. - ANSWER-Prior Planning

Incident Response Plans should include: - ANSWER-Statement of Purpose,
Strategies and goals for incident response, Approach to incident response,
Communication with other groups, Senior leadership approval

_________ should be consulted when developing a plan. - ANSWER-NIST SP 800-
61

Incident response teams must have personnel available _________. - ANSWER-
24/7

_________ is crucial to effective incident identification. - ANSWER-Monitoring

_________ security solution that collects information from diverse sources, analyzes
it for signs for security incidents and retains it for later use. - ANSWER-Security
Incident and Event Management (SIEM)

The highest priority of a first responder must be containing damage through
_________. - ANSWER-Isolation

During an incident response, what is the highest priority of first responders? -
ANSWER-Containing the damage

You are normally required to report security incidents to law enforcement if you
believe a law may have been violated. True or False - ANSWER-False

, _________ restores normal operations as quickly as possible. - ANSWER-Disaster
Recovery

What are the initial response goals regarding Disaster Recovery? - ANSWER-
Contain the Damage, Recover normal operations

_________ is the amount of time to restore service. - ANSWER-Recovery Time
Objective (RTO)

_________ is the amount of data to recover. - ANSWER-Recovery Point Objective
(RPO)

_________ is the percentage of service to restore. - ANSWER-Recovery Service
Level (RSL)

_________ provide a data "safety net" - ANSWER-Backups

Types of Backup Media: - ANSWER-Tape backups, Disk-to-disk backups, Cloud
backups

_________ include a complete copy of all data. - ANSWER-Full Backups

_________ are types of full backups. - ANSWER-Snapshots and Images

_________ include all data modified since the last full backup. - ANSWER-
Differential Backups

_________ include all data modified since the last full or incremental backup. -
ANSWER-Incremental Backups

Joe performs full backups every Sunday evening and differential backups every
weekday evening. His system fails on Friday morning. What backups does he
restore? - ANSWER-Sunday's FULL backup (To establish a base), Thursday's
differential backup (To grab the latest data change)

Joe performs full backups every Sunday evening and incremental backups every
weekday evening. His system fails on Friday morning. What backups does he
restore? - ANSWER-Sunday's FULL backup (To establish a base), Monday,
Tuesday, Wednesday, and Thursday incremental backups

_________ provide alternate data processing. - ANSWER-Disaster Recovery Sites

Disaster Recovery Facility Sites: - ANSWER-Hot Site, Cold Site, Warm Site

_________ fully operational data centers stock with equipment an data and are
available at a moment's notice. Very expensive. - ANSWER-Hot Site

_________ empty data centers stock with core equipment, network, and
environmental controls but do not have servers. Relatively Inexpensive but can take
weeks or even months to become operational. - ANSWER-Colt Site

Written for

Institution
ICS
Course
ICS

Document information

Uploaded on
September 13, 2025
Number of pages
63
Written in
2025/2026
Type
Exam (elaborations)
Contains
Questions & answers

Subjects

$27.99
Get access to the full document:

Wrong document? Swap it for free Within 14 days of purchase and before downloading, you can choose a different document. You can simply spend the amount again.
Written by students who passed
Immediately available after payment
Read online or as PDF


Also available in package deal

Get to know the seller

Seller avatar
Reputation scores are based on the amount of documents a seller has sold for a fee and the reviews they have received for those documents. There are three levels: Bronze, Silver and Gold. The better the reputation, the more your can rely on the quality of the sellers work.
lectknancy Boston University
Follow You need to be logged in order to follow users or courses
Sold
326
Member since
2 year
Number of followers
27
Documents
26133
Last sold
6 days ago

3.7

79 reviews

5
38
4
13
3
11
2
4
1
13

Recently viewed by you

Why students choose Stuvia

Created by fellow students, verified by reviews

Quality you can trust: written by students who passed their tests and reviewed by others who've used these notes.

Didn't get what you expected? Choose another document

No worries! You can instantly pick a different document that better fits what you're looking for.

Pay as you like, start learning right away

No subscription, no commitments. Pay the way you're used to via credit card and download your PDF document instantly.

Student with book image

“Bought, downloaded, and aced it. It really can be that simple.”

Alisha Student

Working on your references?

Create accurate citations in APA, MLA and Harvard with our free citation generator.

Working on your references?

Frequently asked questions