Certified in Cybersecurity
Braindump CC ISC2
Flashcard Set Details
Cards | 200 |
---|---|
Learners | 19 |
Language | English |
Category | Computer Science |
Level | University |
Created / Updated | 18.08.2023 / 11.06.2025 |
Web link | https://card2brain.ch/box/20230818_certified_in_cybersecurity |
Which method is COMMONLY used to map live hosts in the network?
A. Wireshark
B. Ping sweep
C. Geolocation
D. Traceroute
B
Which type of attack attempts to mislead the user into exposing personal information by sending fraudulent emails?
A. Denial of Service
B. Trojans
C. Phishing
D. Cross-Site Scripting
C
Which part of the CIA Triad will be PRIMARILY jeopardized in a Distributed Denial of Service (DDoS) attack?
A. Integrity
B. Availability
C. Confidentiality
D. Accountability
B
When an incident occurs, which of these is not a PRIMARY responsibility of an organization's response team?
A. Determining whether any confidential information has been compromised over the course of the entire incident
B. Implementing the recovery procedures necessary to restore security and recover from any incident-related damage
C. Communicating with top management regarding the circumstances of the cybersecurity event
D. Determining the scope of the damage caused by the incident
C
While communicating with top management about the circumstances of the cybersecurity event is always important, it is not a primary responsibility of the response team. Indeed, the primary responsibility of the response team is to address the immediate impact of the incident, and to restore security as quickly as possible.
Which type of recovery site has some or most systems in place, but does not have the data needed to take over operations?
A. A cold site
B. A cloud site
C. A hot site
D. A warm site
D
Which of these is NOT an effective way to protect an organization from cybercriminals?
A. Using firewalls
B. Removing or disabling unneeded services and protocols
C. Using up-to-date anti-malware software
D. Using intrusion detection and prevention systems
C
Which of these is part of the canons of the (ISC)² code of ethics?
A. Advance and protect the profession
B. Provide diligent and competent services to stakeholders
C. Act always in the best interest of your client
D. Prevent and detect unauthorized use of digital assets in a society
A
Which of these is NOT a best practice in access management?
A. Periodically assessing whether user permissions still apply
B. Giving only the right amount of permission
C. Trust but verify
D. Requesting a justification when upgrading permission
C
Which kind of physical access control is LESS effective at preventing unauthorized individual access to a data center?
A. Bollards
B. Turnstiles
C. Barriers
D. Fences
A
Which of these types of credentials is NOT used in multi-factor authentication?
A. Something you are
B. Something you have
C. Something you trust
D. Something you know
C
Multi-factor authentication draws on 'something you know', such as a password or personal identification number (PIN); 'something you have', such as a smart card or certificate; and 'something you are', which is based on your physical characteristics and for which a biometric reading may be used.
On a BYOD model, which of these technologies is best suited to keep corporate data and applications separate from personal?
A. Full-device encryption
B. Containerization
C. Context-aware authentication
D. Biometrics
B
What is the most important difference between MAC and DAC?
A. In MAC, security administrators set the roles for the users; in DAC, roles are set at the object owner’s discretion
B. In MAC, security administrators assign access permissions; in DAC, security administrators set user roles
C. In MAC, access permissions are set at the object owner’s discretion; in DAC, it is up to security administrators to assign access permissions
D. In MAC, security administrators assign access permissions; in DAC, access permissions are set at the object owner’s discretion
D
In MAC systems, access to resources is granted or denied based on the resource's sensitivity and the user's clearance level, as determined by a central authority. This means that users cannot grant resource access to other users. In contrast, discretionary access control (DAC) is a type of access control in which access to resources is based on the discretion of the owner of the resource.
Which of these techniques is PRIMARILY used to ensure data integrity?
A. Backups
B. Hashing
C. Content Encryption
D. Message Digest
D
Which of these cloud deployment models is a combination of public and private cloud storage?
A. Community
B. Public
C. Private
D. Hybrid
D
Suppose that an organization wants to implement measures to strengthen its detective access controls. Which one of these tools should they implement?
A. Backups
B. Patches
C. IDS
D. Encryption
C
Which of the following Cybersecurity concepts guarantees that information is accessible only to those authorized to access it?
Which type of attack has the PRIMARY objective of encrypting devices and their data, and then demanding a ransom payment for the decryption key?
In the event of a disaster, which of these should be the PRIMARY objective?
According to ISC2, which are the six phases of data handling?
Which devices have the PRIMARY objective of collecting and analyzing security events?
Which of these is the PRIMARY objective of a Disaster Recovery Plan?
Which of the following areas is the most distinctive property of PHI?
Which of the following properties is NOT guaranteed by Digital Signatures?
A biometric reader that grants access to a computer system in a data center is a:
Which of the following documents contains elements that are NOT mandatory?
Which of the following are NOT types of security controls?
After an earthquake disrupting business operations, which document contains the procedures required to return business to normal operation?
Which of the following is NOT an ethical canon of the ISC2?
How many data labels are considered good practice?
Risk Management is: