Cybersecurity - Exam Prep
QUESTIONS AND VERIFIED
CORRECT ANSWERS
The Triffid document is a ______, and the SANS documents are ________. (D1, L1.4.2)
A) Law, policy
B) Policy, standard
C) Policy, law
D) Procedure, procedure - CORRECT ANSWER-B) Policy, standard
Zarma is an (ISC)² member and a security analyst for Triffid Corporation. One of Zarma's
colleagues is interested in getting an (ISC)² certification and asks Zarma what the test questions
are like. What should Zarma do? (D1, L1.5.1)
A) Inform (ISC)²
B) Explain the style and format of the questions, but no detail
C) Inform the colleague's supervisor
D) Nothing - CORRECT ANSWER-B) Explain the style and format of the questions, but no detail
Of the following, which would probably not be considered a threat? (D1, L1.2.1)
A) Natural disaster
B) Unintentional damage to the system caused by a user
C) A laptop with sensitive data on it
D) An external attacker trying to gain unauthorized access to the environment - CORRECT
ANSWER-C) A laptop with sensitive data on it
Siobhan is an (ISC)² member who works for Triffid Corporation as a security analyst. Yesterday,
Siobhan got a parking ticket while shopping after work. What should Siobhan do? (D1, L1.5.1)
A) Inform (ISC)²
B) Pay the parking ticket
C) Inform supervisors at Triffid
D) Resign employment from Triffid - CORRECT ANSWER-B) Pay the parking ticket
Which of the following is an example of a "something you are" authentication factor? (D1,
L1.1.1)
A) A credit card presented to a cash machine
B) Your password and PIN
C) A user ID
D) A photograph of your face - CORRECT ANSWER-D) A photograph of your face
For which of the following systems would the security concept of availability probably be most
important? (D1, L1.1.1)
A) Medical systems that store patient data
B) Retail records of past transactions
C) Online streaming of camera feeds that display historical works of art in museums around the
world
D) Medical systems that monitor patient condition in an intensive care unit - CORRECT
ANSWER-D) Medical systems that monitor patient condition in an intensive care unit
In risk management concepts, a(n) _________ is something a security practitioner might need
to protect. (D1, L1.2.1)
A) Vulnerability
B) Asset
C) Threat
D) Likelihood - CORRECT ANSWER-B) Asset
Triffid Corporation has a policy that all employees must receive security awareness instruction
before using email; the company wants to make employees aware of potential phishing
attempts that the employees might receive via email. What kind of control is this instruction?
(D1, L1.3.1)
A) Administrative
B) Finite
C) Physical
D) Technical - CORRECT ANSWER-A) Administrative
What is the overall objective of a disaster recovery (DR) effort? (D2, L2.3.1)
A) Save money
B) Return to normal, full operations
C) Preserve critical business functions during a disaster
D) Enhance public perception of the organization - CORRECT ANSWER-B) Return to normal, full
operations
True or False? Business continuity planning is a reactive procedure that restores business
operations after a disruption occurs.
A) True
B) False - CORRECT ANSWER-B) False
An attacker outside the organization attempts to gain access to the organization's internal files.
This is an example of a(n) ______. (D2, L2.1.1)
A) Intrusion
B) Exploit
C) Disclosure
D) Publication - CORRECT ANSWER-A) Intrusion
What is the most important goal of a business continuity effort? (D2, L2.2.1)
A) Ensure all IT systems function during a potential interruption
B) Ensure all business activities are preserved during a potential disaster
C) Ensure the organization survives a disaster
D) Preserve health and human safety - CORRECT ANSWER-D) Preserve health and human safety
What is the risk associated with resuming full normal operations too soon after a DR effort? (D2,
L2.3.1)