Certified in Cybersecurity
Braindump CC ISC2
Card set details
| Cards | 200 |
|---|---|
| Learners | 19 |
| Language | English |
| Category | Computer Science |
| Level | University |
| Created / Updated | 18.08.2023 / 11.06.2025 |
| Weblink | https://card2brain.ch/box/20230818_certified_in_cybersecurity |
Which of these would be the best option if a network administrator needs to control access to a network?
A. IDS
B. SIEM
C. NAC
D. HIDS
C
Which concept describes an information security strategy that integrates people, technology and operations in order to establish security controls across multiple layers of the organization?
A. Least Privilege
B. Defense in Depth
C. Separation of Duties
D. Privileged Accounts
B
Defense in depth describes a cybersecurity approach that uses multiple layers of security for holistic protection. According to the principle of Separation of Duties, no user should ever be given enough privileges to misuse the system on their own. The principle of Least Privilege dictates that users should be given only those privileges required to complete their specific tasks.
Which of the following is a public IP?
A. 192.168.123.1
B. 172.16.123.1
C. 13.16.123.1
D. 10.221.123.1
C
Which of these is not an attack against an IP network?
A. Man-in-the-middle Attack
B. Oversized Packet Attack
C. Side-channel Attack
D. Fragmented Packet Attack
C
Man-in-the-middle Attacks, Oversized Packet Attacks, and Fragmented Packet Attacks are typical IP network attacks. Side-channel Attacks are non-invasive attacks that extract information from devices (typically devices running cryptographic algorithms), and therefore do not aim at IP networks.
Which of the following is NOT a possible model for an Incident Response Team (IRT)?
A. Pre-existing
B. Leveraged
C. Hybrid
D. Dedicated
A
The three possible models for incident response are Leveraged, Dedicated, and Hybrid.
Which of the following types of devices inspect packet header information to either allow or deny network traffic?
A. Firewalls
B. Hubs
C. Routers
D. Switches
A
Security posters are an element PRIMARILY employed in:
A. Incident Response Plans
B. Business Continuity Plans
C. Security Awareness
D. Physical Security Controls
C
In Change Management, which component addresses the procedures needed to undo changes?
A. Disaster and Recover
B. Rollback
C. Request for Change
D. Request for Approval
B
Which of these tools is commonly used to crack passwords?
A. Burp Suite
B. Nslookup
C. Wireshark
D. John the Ripper
D
The last phase in the data security cycle is:
A. Encryption
B. Destruction
C. Archival
D. Backup
B
According to the data security lifecycle model, the last phase is Data Destruction, which aims at guaranteeing that data contained in a given support is erased and destroyed in a way that renders it completely irrecoverable by any means.
Which of the following is a data handling policy procedure?
A. Collect
B. Encode
C. Destroy
D. Transform
C
The data handling procedures are 'Classify', 'Categorize', 'Label', 'Store', 'Encrypt', 'Backup', and 'Destroy'.
Sensitivity is a measure of the …:
A. … importance assigned to information by its owner, or the purpose of representing its need for protection.
B. … pertinence assigned to information by its owner, or the purpose of representing its need for urgency.
C. … urgency and protection assigned to information by its owner.
D. … protection and timeliness assigned to information by its owner, or the purpose of representing its need for urgency.
A
Sensitivity is also defined as the measure of the importance assigned to information by its owner, or the purpose of representing its need for protection.
A Security safeguard is the same as a:
A. Privacy control
B. Security principle
C. Safety control
D. Security control
D
Which of the following is an example of a technical security control?
A. Fences
B. Access control lists
C. Bollards
D. Turnstiles
B
An access control list is a type of technical security control. Bollards, fences and turnstiles control access to physical facilities, and thus are types of physical security controls.
How many layers does the OSI model have?
A. 5
B. 6
C. 4
D. 7
7
Which type of attack has the PRIMARY objective of controlling the system from outside?
A. Backdoors
B. Cross-Site Scripting
C. Rootkits
D. Trojans
A
In risk management, the highest priority is given to a risk where:
A. The frequency of occurrence is low, and the expected impact value is high
B. The expected probability of occurrence is low, and the potential impact is low
C. The expected probability of occurrence is high, and the potential impact is low
D. The frequency of occurrence is high, and the expected impact value is low
A
The highest priority is given to risks estimated to have high impact and low probability over high probability and low impact value. In qualitative risk analysis, the 'expected probability of occurrence' and the 'frequency of occurrence' refer to the same thing. The same goes for the concepts of expected impact value and potential impact.
The process that ensures that system changes do not adversely impact business operations is known as:
A. Configuration Management
B. Inventory Management
C. Change Management
D. Vulnerability Management
C
Change Management is the process of implementing necessary changes so that they do not adversely affect business operations.
Which of these has the PRIMARY objective of identifying and prioritizing critical business processes?
A. Business Impact Analysis
B. Business Continuity Plan
C. Disaster Recovery Plan
D. Business Impact Plan
A
The term 'Business Impact Plan' does not exist. A Business Impact Analysis (BIA) is a technique for analyzing how disruptions can affect an organization, and determines the criticality of all business activities and associated resources. A Business Continuity Plan (BCP) is a pre-determined set of instructions describing how the mission/business processes of an organization will be sustained during and after a significant disruption.
When a company hires an insurance company to mitigate risk, which risk management technique is being applied?
A. Risk mitigation
B. Risk avoidance
C. Risk tolerance
D. Risk transfer
D
Risk mitigation consists of mechanisms to reduce the risk. Finally, risk tolerance is the degree of risk that an investor is willing to endure.
In the context of risk management, which information does ALE outline?
A. The business impact of a risk
B. The percentage of Asset Lost Efficiency
C. The expected cost per year of not performing a given risk-mitigating action
D. The probability of a risk coming to pass in a given year
C
On an Incident Response team, which role acts as the team's main link to Senior Management?
A. Information security
B. Management
C. Communications and public relations
D. Technical expert
B
Which of these statements about the security implications of IPv6 is NOT true?
A. IPv6 reputation services may not be mature and useful
B. IPv6 traffic may bypass existing security controls
C. IPv6's NAT implementation is insecure
D. Rules based on static IPv6 addresses may not work
C
IPv6 does not include network address translation (NAT), since many IP addresses are available. As a result, there is no NAT implementation, and so IPv6 can't actually have an insecure version.
Which of these different subnet masks will allow 30 hosts?
A. /27
B. /26
C. /29
D. /30
A
To allow 30 hosts, we need 30 host addresses + 2 addresses for the broadcast and network addresses. Thus, we are looking for the mask 255.255.255.224, or /27 using CIDR (Classless Inter-Domain Routing) notation. For 32 addresses, we need 5 bits and the mask /32 - log2(32) = /32 - 5 = /27. As for the remaining masks, /26 would result in 64 hosts, /29 in 8 hosts, and /30 in 4 hosts.
Which of these is NOT a typical component of a comprehensive business continuity plan (BCP)?
A. Notification systems and call trees for alerting personnel
B. Immediate response procedures and checklists
C. A list of the BCP team members
D. A cost prediction of the immediate response procedures
D
Which of these terms refers to threats with unusually high technical and operational sophistication, spanning months or even years?
A. Rootkit
B. Side-channel
C. APT
D. Ping of death
C
An Advanced Persistent Threat is a threat with unusually high technical and operational sophistication.
Which of these pairs does NOT constitute Multi-Factor Authentication (MFA)?
A. PIN and credit card.
B. Username and retina scan.
C. Password and username.
D. Fingerprint and Password.
C
Multi-Factor Authentication uses authentication from more than one factor. Passwords and usernames are not multifactor, since they are both 'something you know'.
Which type of attack PRIMARILY aims to consume all the available resources, thereby making an organization's service inaccessible to its intended users?
A. Cross-Site Scripting
B. Trojans
C. Denial of Service
D. Phishing
C
Which of these is NOT a feature of a SIEM (Security Information and Event Management)?
A. Log retention
B. Log auditing
C. Log encryption
D. Log consolidation
B
Log auditing is not a feature of a SIEM (Security Information and Event Management).
Which of these is not an attack against an IP network?
A. Man-in-the-middle Attack
B. Fragmented Packet Attack
C. Side-channel Attack
D. Oversized Packet Attack
C
As an (ISC)² member, you are expected to perform with due care. What does 'due care' specifically mean?
A. Give continuity to the legacy of security practices of your company
B. Researching and acquiring the knowledge to do your job right
C. Do what is right in each situation you encounter on the job
D. Apply patches annually
C
Which of these is NOT one of the (ISC)² ethics canons?
A. Act honorably, honestly, justly, responsibly, and legally
B. Protect society, the common good, necessary public trust and confidence, and the infrastructure
C. Provide diligent and competent service to principals
D. Consider the social consequences of the systems you are designing
D
Considering the social consequences of the systems you are designing is a valid concern, since the professional must abide by the canon of protecting society, the common good, necessary public trust and confidence, and the infrastructure. However, this is not in itself a canon.
What technology is MOST LIKELY to conserve the storage space required for video recordings?
A. PTZ
B. Motion detection
C. Facial recognition
D. Infrared cameras
B
Motion-detecting cameras record only when motion is detected, and thus help in reducing video storage requirements.
Which of these exercises goes through a sample of an incident step-by-step, validating what each person will do?
A. A walk-through exercise
B. A checklist exercise
C. A tabletop exercise
D. A simulation exercise
A
A walk-through exercise reviews each step of the incident, in order to ensure that every team member knows exactly what they should do, and how they should do it.
The name, age, location and job title of a person are all examples of:
A. Attributes
B. Biometric factors
C. Account permissions
D. Identity factors
A
Attributes such as a person's name, age, location, job title, and even characteristics such as height or hair color, may all be associated with their identity. None of these describe biometric factors used for authentication. Identity factors are something you know, are or have. Account permissions determine what an authenticated person (a user) can do, and not attributes related to the user's identity.
What is the PRIMARY objective of a rollback in the context of the change management process?
A. Restore the system to its last state before the change was made
B. Validate the system change process
C. Establish a minimum understood and acceptable level of security requirements
D. Identify the required changes needed
A
Which of these techniques will ensure the property of 'non-repudiation'?
A. Passwords
B. Encryption
C. Using a VPN
D. Digital signatures
D
Which of these social engineering attacks sends emails that target specific individuals?
A. Vishing
B. Pharming
C. Spear phishing
D. Whaling
C
Spear phishing is a highly targeted phishing attack (and not just random spam) which aims to get specific individuals to reveal confidential information. The particularity of spear phishing is that these attacks are sent with prior knowledge about the target (person or company), so as to increase its chance of success.
Which of these is a type of detective access control?
A. Firewalls
B. Bollards
C. Movement Sensors
D. Turnstiles
C
An Access Control List (ACL) that determines which permissions you have is:
A. The subject
B. The rule
C. The firmware
D. The object
B
An Access Control List (ACL) is a list of rules that specifies which users or systems are granted or denied access to a particular object or system resource.