The process of verifying or proving the user's identification is known as:
Authentication

2. Which of the following properties is NOT guaranteed by Digital Signatures?
Confidentiality

3. Which of the following Cybersecurity concepts guarantees that information is accessible only to those authorized to access it?
Confidentiality

4. Sensitivity is a measure of the ...:
... importance assigned to information by its owner, for the purpose of representing its need for protection.

5. Which of the following areas is the most distinctive property of PHI?
Confidentiality

6. Which of the following areas is connected to PII?
Confidentiality

7. An exploitable weakness or flaw in a system or component is a:
Vulnerability

8. The magnitude of the harm expected as a result of the consequences of an unauthorized disclosure, modification, destruction, or loss of information, is known as the:
Impact

9. Risk Management is:
The identification, evaluation and prioritization of risk

10. In risk management, the highest priority is given to a risk where:
The frequency of occurrence is low, and the expected impact value is high

11. An entity that acts to exploit a target organization's system vulnerabilities is a:
Threat Actor

12. Which of the following is an example of a technical security control?
Access Control Lists

13. When a company hires an insurance company to mitigate risk, which risk management technique is being applied?
Risk Transfer

14. Which of the following is NOT an example of a physical security control?
Firewalls

15. Which of the following is an example of an administrative security control?
Acceptable Use Policies

16. A Security safeguard is the same as a:
Security control

17. Which of the following are NOT types of security controls?
Storage Controls

18. A biometric reader that grants access to a computer system in a data center is a:
Technical Control

19. The implementation of Security Controls is a form of:
Risk reduction

20. According to the canon "Provide diligent and competent service to principals", ISC2 professionals are to:
Avoid apparent or actual conflicts of interest.

21. Which of the following canons is found in the ISC2 code of ethics?
Provide diligent and competent service to principals

22. Which of the following is NOT an ethical canon of the ISC2?
Provide active and qualified service to principal

23. The detailed steps to complete tasks supporting departmental or organizational policies are typically documented in:
Procedures

24. Governments can impose financial penalties as a consequence of breaking a:
Regulation

25. Which of the following documents contains elements that are NOT mandatory?
Guidelines

26. Which of these has the PRIMARY objective of identifying and prioritizing critical business processes?
Business Impact Analysis

27. The predetermined set of instructions or procedures to sustain business operations after a disaster is commonly known as:
Business Continuity Plan

28. Which of these is the most efficient and effective way to test a business continuity plan?
Simulations

29. After an earthquake disrupting business operations, which document contains the procedures required to return business to normal operation?
The Disaster Recovery Plan

30. Which of these is the PRIMARY objective of a Disaster Recovery Plan?
Restore company operation to the last-known reliable operation state

31. In the event of a disaster, which of these should be the PRIMARY objective? (★)
Guarantee the safety of people

32. Which of the following is less likely to be part of an incident response team?
Human Resources

33. Which are the components of an incident response plan?
Preparation → Detection and Analysis → Containment, Eradication and Recovery → Post-Incident Activity

34. In incident terminology, the meaning of Zero Day is:
A previously unknown system vulnerability

35. In which of the following phases of an Incident Recovery Plan are incident responses prioritized?
Detection and Analysis

36. Which of the following is NOT a possible model for an Incident Response Team (IRT)?
Pre-existing

37. Which security principle states that a user should only have the necessary permission to execute a task?
Least Privilege

38. Which concept describes an information security strategy that integrates people, technology and operations in order to establish security controls across multiple layers of the organization?
Defense in Depth

39. Which of these types of user is LESS likely to have a privileged account?
External Worker

40. Which of the following principles aims primarily at fraud detection?
Separation of Duties

41. Which of the following is a detection control?
Smoke sensors

42. Which of the following is an example of 2FA?
One-Time Passwords (OTP)

43. If an organization wants to protect itself against tailgating, which of the following types of access control would be most effective?
Turnstiles

44. Which access control is more effective at protecting a door against unauthorized access?
Locks

45. Which access control model can grant access to a given object based on complex rules?
ABAC

46. Which access control model specifies access to an object based on the subject's role in the organization?
RBAC

47. The Bell and LaPadula access control model is a form of: (★)
MAC

48. In which of the following access control models can the creator of an object delegate permission?
DAC

49. Which protocol uses a three-way handshake to establish a reliable connection?
TCP

50. Which of the following is a public IP?
13.16.123.1

51. How many layers does the OSI model have?
7

52. The address 8be2:4382:8d84:7ce2:ec0f:3908:d29a:903a is an:
IPv6 address

53. Which are the three packets used on the TCP connection handshake? (★)
SYN → SYN/ACK → ACK

54. Which port is used to secure communication over the web (HTTPS)?
443

55. If there is no time constraint, which protocol should be employed to establish a reliable connection between two devices?
TCP

56. Which devices would be more effective in detecting an intrusion into a network?
NIDS

57. Which type of attack will most effectively maintain remote access and control over the victim's computer?
Rootkits

58. Which type of attack has the PRIMARY objective of encrypting devices and their data, and then demanding a ransom payment for the decryption key?
Ransomware

59. Malicious emails that aim to attack company executives are an example of:
Whaling

60. Which type of attack has the PRIMARY objective of controlling the system from outside?
Backdoors

61. What does SIEM mean?
Security Information and Event Manager

62. Which of these is not an attack against an IP network?
Side-Channel Attack

63. Which devices have the PRIMARY objective of collecting and analyzing security events?
SIEM

64. Which type of attack attempts to trick the user into revealing personal information by sending a fraudulent message?
Phishing

65. Which type of attack attempts to gain information by observing the device's power consumption? (★)
Side channels

66. Which type of attack PRIMARILY aims to make a resource inaccessible to its intended users?
Denial of Service

67. What is the consequence of a Denial Of Service attack?
Exhaustion of device resources

68. Which type of attack embeds a malicious payload inside reputable or trusted software?
Trojans

69. Which of the following attacks takes advantage of poor input validation in websites?
Cross-Site Scripting

70. In which cloud model does the cloud customer have LESS responsibility over the infrastructure?
SaaS

71. The cloud deployment model where a company has resources on-premise and in the cloud is known as:
Hybrid cloud

72. The SMTP protocol operates at OSI Level:
7

73. A web server that accepts requests from external clients should be placed in which network?
DMZ

74. Which of these would be the best option if a network administrator needs to control access to a network?
NAC

75. Which of these tools is commonly used to crack passwords? (★)
John the Ripper

76. Which tool is commonly used to sniff network traffic? (★)
Wireshark

77. In order to find out whether personal tablet devices are allowed in the office, which of the following policies would be helpful to read?
BYOD

78. Which device is used to connect a LAN to the Internet?
Router

79. Which of the following types of devices inspect packet header information to either allow or deny network traffic?
Firewalls

80. Which of the following cloud models allows access to fundamental computer resources? (★)
IaaS

81. Which of the following is not a protocol of the OSI Level 3?
SNMP

82. In which cloud deployment model do companies share resources and infrastructure on the cloud?
Community cloud

83. Which type of key can be used to both encrypt and decrypt the same message?
A symmetric key

84. Logging and monitoring systems are essential to:
Identifying inefficient performing systems, detecting compromises, and providing a record of how systems are used

85. Which of the following is NOT a feature of a cryptographic hash function?
Reversible

86. The last phase in the data security cycle is:
Destruction

87. According to ISC2, which are the six phases of data handling?
Create → Store → Use → Share → Archive → Destroy

88. How many data labels are considered good practice?
2-3

89. A best practice of patch management is to:
Test patches before applying them

90. What is an effective way of hardening a system?
Patch the system

91. A device found not to comply with the security baseline should be:
Disabled or isolated into a quarantine area until it can be checked and updated.

92. Which of the following is a data handling policy procedure?
Destroy

93. Which of these is NOT a change management component?
Governance

94. The process that ensures that system changes do not adversely impact business operations is known as:
Change Management

95. In Change Management, which component addresses the procedures needed to undo changes?
Rollback

96. Which regulations address data protection and privacy in Europe?
GDPR

97. Which of the following is NOT a type of learning activity used in Security Awareness?
Tutorial

98. Security posters are an element PRIMARILY employed in: (★)
Security Awareness

99. Which of the following is NOT a social engineering technique?
Double-dealing

100. Which of the following is NOT an element of System Security Configuration Management?