(ISC)2 Certified in Cyber Security Practice Exam
Questions With Correct Answers 2025 | 100%
RATED CORRECT
Terms in this set (211)
What are the 4 (ISC)2 Codes of Ethics?
1. Protect society and infrastructure (Hacking)
2. Act honourably, justly and within laws (Lying)
3. Serve principles diligently and competently (Fulfil your duties)
4. Advance the information security profession (Helping cheat exams)

What are the 5 confidentiality concerns? (CIA)
1. Snooping (gathering information that is left out in the open)
2. Dumpster Diving (looking through trash for information)
3. Eavesdropping
4. Wiretapping (Electronic Eavesdropping)
5. Social Engineering (psychological tricks to persuade an employee to give information or give access to it)

What are the 4 Integrity Concerns? (CIA)
1. Unauthorized Modification (Attackers make changes without permission)
2. Impersonation
3. Man-in-the-Middle (MITM) (Attackers place themselves in the middle of communication sessions)
4. Replay (Attackers eavesdrop on logins and reuse the captured credentials)

What are the 5 Availability Concerns? (CIA)
1. Denial of Service (DoS)
2. Power Outages
3. Hardware Failures
4. Destruction
5. Service Outages

What are the 3 main steps of the Access Control Process?
1. Identification (Username)
2. Authentication (Password)
3. Authorization (Access Control List)

What are the 4 password requirements to ensure security?
1. Length
2. Complexity
3. Expiration
4. History

What is a useful tool for securing passwords?
Password Managers

What are the 3 main privacy concerns of an organisation?
1. Protecting Organisation Data
2. Educating users to protect their own data
3. Protecting users' data

What are the 2 main types of private information?
1. PII - Personally Identifiable Information
2. PHI - Protected Health Information

What precedent determines many laws that govern information protection?
The reasonable expectation of privacy
e.g., Emailing? = Yes, Posting on YouTube? = No

What are the 3 steps of the risk management process?
1. Identification
2. Assessment
3. Treatment

What are the three main areas of Risk?
1. Internal Risks
2. External Risks
3. Multiparty Risks (Lots of threat actors - Intellectual theft)

What is the equation for determining risk?
Likelihood + Impact = Risk Level

What are the 2 types of risk assessment?
1. Qualitative Techniques (RAG)
2. Quantitative Techniques (numeric ratings)

What are the 4 types of risk treatment?
1. Avoidance
2. Transference
3. Mitigation
4. Acceptance

What term do we use to define the combination of risks that an organisation faces?
Risk Profile

What are the three types of risk that are associated with the state of their remediation?
1. Inherent risk (Initial level of risk - prior to controls)
2. Residual risk (Level of risk - post controls)
3. Control risk (New risk that may be caused by controls)

What are the 3 control stages of risk management?
1. Prevent
2. Detect
3. Correct

What are the 3 control mechanisms of risk management?
1. Technical (Firewalls, encryption, antivirus)
2. Administrative (Access reviews, background checks)
3. Physical (Walls, fences, locks, security guard)

What term do we use to define Configuration management