Written by students who passed Immediately available after payment Read online or as PDF Wrong document? Swap it for free 4.6 TrustPilot
logo-home
Exam (elaborations)

ISC2 Certified in Cybersecurity (CC) Practice Exam Questions with Correct Answers

Rating
-
Sold
-
Pages
24
Grade
A+
Uploaded on
13-09-2025
Written in
2025/2026

ISC2 Certified in Cybersecurity (CC) Practice Exam Questions with Correct Answers

Institution
ICS
Course
ICS

Content preview

ISC2 Certified in Cybersecurity (CC)
Practice Exam Questions with Correct
Answers
Triffid Corporation has a policy that all employees must receive security awareness
instruction before using email; the company wants to make employees aware of
potential phishing attempts that the employees might receive via email. What kind of
control is this instruction?
A. Administrative
B. Finite
C. Physical
D. Technical - ANSWER-A. Administrative

The Triffid Corporation publishes a strategic overview of the company's intent to
secure all the data the company possesses. This document is signed by Triffid
senior management. What kind of document is this?
A. Policy
B. Procedure
C. Standard
D. Law - ANSWER-A. Policy

Chad is a security practitioner tasked with ensuring that the information on the
organization's public website is not changed by anyone outside the organization.
This task is an example of ensuring _________.
A. Confidentiality
B. Integrity
C. Availability
D. Confirmation - ANSWER-B. Integrity

The city of Grampon wants to ensure that all of its citizens are protected from
malware, so the city council creates a rule that anyone caught creating and
launching malware within the city limits will receive a fine and go to jail. What kind of
rule is this?
A. Policy
B. Procedure
C. Standard
D. Law - ANSWER-D. Law

Zarma is an (ISC)² member and a security analyst for Triffid Corporation. One of
Zarma's colleagues is interested in getting an (ISC)2 certification and asks Zarma
what the test questions are like. What should Zarma do?
A. Inform (ISC)2
B. Explain the style and format of the questions, but no detail

,C. Inform the colleague's supervisor
D. Nothing - ANSWER-B. Explain the style and format of the questions, but no detail

Druna is a security practitioner tasked with ensuring that laptops are not stolen from
the organization's offices. Which sort of security control would probably be best for
this purpose?
A. Technical
B. Observe
C. Physical
D. Administrative - ANSWER-C. Physical

For which of the following assets is integrity probably the most important security
aspect?
A. One frame of a streaming video
B. The file that contains passwords used to authenticate users
C. The color scheme of a marketing website
D. Software that checks the spelling of product descriptions for a retail website -
ANSWER-B. The file that contains passwords used to authenticate users

Jengi is setting up security for a home network. Jengi decides to configure MAC
address filtering on the router, so that only specific devices will be allowed to join the
network. This is an example of a(n)_______ control.
A. Physical
B. Administrative
C. Substantial
D. Technical - ANSWER-D. Technical

Siobhan is an (ISC)² member who works for Triffid Corporation as a security analyst.
Yesterday, Siobhan got a parking ticket while shopping after work. What should
Siobhan do?
A. Inform (ISC)2
B. Pay the parking ticket
C. Inform supervisors at Triffid
D. Resign employment from Triffid - ANSWER-B. Pay the parking ticket

Hoshi is an (ISC)² member who works for the Triffid Corporation as a data manager.
Triffid needs a new firewall solution, and Hoshi is asked to recommend a product for
Triffid to acquire and implement. Hoshi's cousin works for a firewall vendor; that
vendor happens to make the best firewall available. What should Hoshi do?
A. Recommend a different vendor/product
B. Recommend the cousin's product
C. Hoshi should ask to be recused from the task
D. Disclose the relationship, but recommend the vendor/product - ANSWER-D.
Disclose the relationship, but recommend the vendor/product

Of the following, which would probably not be considered a threat?
A. Natural disaster
B. Unintentional damage to the system cause by a user
C. A laptop with sensitive data on it

, D. An external attacker trying to gain unauthorized access to the environment -
ANSWER-C. A laptop with sensitive data on it

Sophia is visiting Las Vegas and decides to put a bet on a particular number on a
roulette wheel. This is an example of _________.
A. Acceptance
B. Avoidance
C. Mitigation
D. Transference - ANSWER-A. Acceptance

In risk management concepts, a(n) ___________ is something or someone that
poses risk to an organization or asset.
A. Fear
B. Threat
C. Control
D. Asset - ANSWER-B. Threat

Who approves the incident response policy?
A. (ISC)2
B. Senior management
C. The security manager
D. Investor - ANSWER-B. Senior management

When should a business continuity plan (BCP) be activated?
A. As soon as possible
B. At the very beginning of a disaster
C. When senior management decides
D. When instructed to do so by regulators - ANSWER-C. When senior management
decides

True or False? Business continuity planning is a reactive procedure that restores
business operations after a disruption occurs.
A. True
B. False - ANSWER-B. False

What is the goal of an incident response effort?
A. No incident ever happen
B. Reduce the impact of incidents on operations
C. Punish wrongdoers
D. Save money - ANSWER-B. Reduce the impact of incidents on operations

What is the risk associated with delaying resumption of full normal operations after a
disaster?
A. People might be put in danger
B. The impact of running alternate operations for extended periods
C. A new disaster might emerge
D. Competition - ANSWER-B. The impact of running alternate operations for
extended periods

Written for

Institution
ICS
Course
ICS

Document information

Uploaded on
September 13, 2025
Number of pages
24
Written in
2025/2026
Type
Exam (elaborations)
Contains
Questions & answers

Subjects

$22.99
Get access to the full document:

Wrong document? Swap it for free Within 14 days of purchase and before downloading, you can choose a different document. You can simply spend the amount again.
Written by students who passed
Immediately available after payment
Read online or as PDF


Also available in package deal

Get to know the seller

Seller avatar
Reputation scores are based on the amount of documents a seller has sold for a fee and the reviews they have received for those documents. There are three levels: Bronze, Silver and Gold. The better the reputation, the more your can rely on the quality of the sellers work.
lectknancy Boston University
Follow You need to be logged in order to follow users or courses
Sold
326
Member since
2 year
Number of followers
27
Documents
26133
Last sold
1 week ago

3.7

79 reviews

5
38
4
13
3
11
2
4
1
13

Why students choose Stuvia

Created by fellow students, verified by reviews

Quality you can trust: written by students who passed their tests and reviewed by others who've used these notes.

Didn't get what you expected? Choose another document

No worries! You can instantly pick a different document that better fits what you're looking for.

Pay as you like, start learning right away

No subscription, no commitments. Pay the way you're used to via credit card and download your PDF document instantly.

Student with book image

“Bought, downloaded, and aced it. It really can be that simple.”

Alisha Student

Working on your references?

Create accurate citations in APA, MLA and Harvard with our free citation generator.

Working on your references?

Frequently asked questions