Written by students who passed Immediately available after payment Read online or as PDF Wrong document? Swap it for free 4.6 TrustPilot
logo-home
Exam (elaborations)

(ISC)2 Practice Exam 2 Questions and Answers

Rating
-
Sold
-
Pages
8
Grade
A+
Uploaded on
13-09-2025
Written in
2025/2026

(ISC)2 Practice Exam 2 Questions and Answers

Institution
ICS
Course
ICS

Content preview

(ISC)2 Practice Exam 2 Questions and
Answers
When an attacker has obtained our sensitive data, and chooses to disclose it on a
website, which leg of the CIA triad would be MOST affected? - ANSWER-
Confidentiality.

When we use single-use passwords and one-time pads, we are using which type of
authentication? - ANSWER-Something you have.

Who would determine the risk appetite of our organization? - ANSWER-Senior
management.

In IT Security we are talking about something as an event, what does that mean? -
ANSWER-Something changed, neither negative or positive.

We are discussing our risk responses and we are considering not issuing our
employees laptops. What type of risk response would that be? - ANSWER-Risk
avoidance.

We are looking at our risk responses. We are considering buying insurance to cover
the gaps we have. Which type of response would that be? - ANSWER-Risk
transference

Which of these describes Type 1 authentication? - ANSWER-Something you know.

When we have our users hold their employee ID cards close to a reader, we are
using which technology? - ANSWER-Contactless cards.

Which of these is an example of a detective access control type? - ANSWER-Alarms

When we give our employees their annual corporate security training, which type of
control is that? - ANSWER-Administrative control.

In our access management, we would NEVER want to use group user accounts.
Why is that? - ANSWER-No accountability

When we are talking about the governance part of our organization, who are we
referring to? - ANSWER-Senior management.

In our organization we have a lot of policies, procedures, standards, and guidelines
we use to make our decisions. Which of them is non-mandatory? - ANSWER-
Guidelines.

, Looking at our information security governance, who would approve and sign off on
our policies? - ANSWER-Senior management.

After a disaster at our primary site, we are restoring functionality at our Disaster
Recovery (DR) site. Which applications would we get up and running LAST? -
ANSWER-Least critical.

When would be a time we should update our Business Continuity Plan (BCP) and its
sub plans outside of our annual cycle? - ANSWER-We had a disaster and we had a
lot of gaps in our plans.

We have updated our old Business Continuity Plan (BCP) and the new one is
approved and ready. What should we do next? - ANSWER-Distribute the new ones
and destroy the old ones.

As part of our Business Continuity Plan (BCP) and its sub-plans we want to ensure
we are redundant. Which of these is something we want to be redundant on? -
ANSWER-People.
Internet connections.
Power.
All of these.

Which subplan would we look at in our Business Continuity Plan (BCP) for dealing
with the press and alerting employees about disasters? - ANSWER-Crisis
Communications Plan (CCP)

When should we update our Business Continuity Plan (BCP) and its sub plans
outside of our annual cycle? - ANSWER-We changed major components of our
systems (new backup solution, new IP scheme).

Our main facility has been hit with a complete power outage and we need to set up a
temporary command and control center. What would we be deploying? - ANSWER-
Emergency Operations Center (EOC)

Within our organization, it is important that we have a layered defense strategy.
Which of these would be an example of a recovery access control? - ANSWER-
Backups.

When we list the Minimum Operating Requirements (MOR) for a system in our
business impact analysis (BIA), what should it contain? - ANSWER-Minimum specs
for the system to function.

As part of our disaster recovery planning, we are looking at an alternate site. We
would want it to take us somewhere between 4 hours and 2-3 days to be back up
operating on critical applications. Which type of Disaster Recovery site are we
considering? - ANSWER-Warm site.

We need to physically store sensitive data in a secure way. Which of these could be
an option that can easily be hidden? - ANSWER-Wall safe.

Written for

Institution
ICS
Course
ICS

Document information

Uploaded on
September 13, 2025
Number of pages
8
Written in
2025/2026
Type
Exam (elaborations)
Contains
Questions & answers

Subjects

$18.99
Get access to the full document:

Wrong document? Swap it for free Within 14 days of purchase and before downloading, you can choose a different document. You can simply spend the amount again.
Written by students who passed
Immediately available after payment
Read online or as PDF


Also available in package deal

Get to know the seller

Seller avatar
Reputation scores are based on the amount of documents a seller has sold for a fee and the reviews they have received for those documents. There are three levels: Bronze, Silver and Gold. The better the reputation, the more your can rely on the quality of the sellers work.
lectknancy Boston University
Follow You need to be logged in order to follow users or courses
Sold
326
Member since
2 year
Number of followers
27
Documents
26133
Last sold
6 days ago

3.7

79 reviews

5
38
4
13
3
11
2
4
1
13

Recently viewed by you

Why students choose Stuvia

Created by fellow students, verified by reviews

Quality you can trust: written by students who passed their tests and reviewed by others who've used these notes.

Didn't get what you expected? Choose another document

No worries! You can instantly pick a different document that better fits what you're looking for.

Pay as you like, start learning right away

No subscription, no commitments. Pay the way you're used to via credit card and download your PDF document instantly.

Student with book image

“Bought, downloaded, and aced it. It really can be that simple.”

Alisha Student

Working on your references?

Create accurate citations in APA, MLA and Harvard with our free citation generator.

Working on your references?

Frequently asked questions