ISC2 Cybersecurity Certification Practice Exam | Questions and Verified Answers | 100% Correct | A Grade (New 2024/2025)
QUESTION
Gary is unable to log in to the production environment. Gary tries three times and is then locked out of trying again for one hour. Why? (3.
A) Gary is being punished
B) The network is tired
C) Users remember their credentials if they are given time to think about it
D) Gary's actions look like an attack
Answer:
D) Gary's actions look like an attack
QUESTION
Larry and Fern both work in the data center. In order to enter the data center to begin their workday, they must both present their own keys (which are different) to the key reader, before the door to the data center opens.
Which security concept is being applied in this situation?
A) Defense in depth
B) Segregation of duties
C) Least privilege
D) Dual control
Answer:
D) Dual control
QUESTION
A human guard monitoring a hidden camera could be considered a ______ control. (2.
A) Detective
B) Preventive
C) Deterrent
D) Logical
Answer:
A) Detective
QUESTION
Which of the following statements is true? (3.
A) Logical access controls can protect the IT environment perfectly; there is no reason to deploy any other controls
B) Physical access controls can protect the IT environment perfectly; there is no reason to deploy any other controls
C) Administrative access controls can protect the IT environment perfectly; there is no reason to deploy any other controls
D) It is best to use a blend of controls in order to provide optimum security
Answer:
D) It is best to use a blend of controls in order to provide optimum security
QUESTION
Visitors to a secure facility need to be controlled. Controls useful for managing visitors include all of the following except: (2.
A) Sign-in sheet/tracking log
B) Fence
C) Badges that differ from employee badges
D) Receptionist
Answer:
B) Fence
QUESTION
Trina and Doug both work at Triffid, Inc. Doug is having trouble logging into the network. Trina offers to log in for Doug, using Trina's credentials, so that Doug can get some work done.
What is the problem with this? (3.
A) Doug is a bad person
B) If Trina logs in for Doug, then Doug will never be encouraged to remember credentials without assistance
C) Anything either of them do will be attributed to Trina
D) It is against the law
Answer:
C) Anything either of them do will be attributed to Trina
QUESTION
Trina is a security practitioner at Triffid, Inc. Trina has been tasked with selecting a new product to serve as a security control in the environment. After doing some research, Trina selects a particular product. Before that product can be purchased, a manager must review Trina's selection and determine whether to approve the purchase. This is a description of:
A) Two-person integrity
B) Segregation of duties
C) Software
D) Defense in depth
Answer:
B) Segregation of duties
QUESTION
Handel is a senior manager at Triffid, Inc., and is in charge of implementing a new access control scheme for the company. Handel wants to ensure that employees who are assigned to new positions in the company do not retain whatever access they had in their old positions. Which method should Handel select? (3.
A) Role-based access controls (RBAC)
B) Mandatory access controls (MAC)
C) Discretionary access controls (DAC)
D) Logging
Answer:
A) Role-based access controls (RBAC)
QUESTION
Handel is a senior manager at Triffid, Inc., and is in charge of implementing a new access control scheme for the company. Handel wants to ensure that employees transferring from one department to another, getting promoted, or cross-training to new positions can get access to the different assets they'll need for their new positions, in the most efficient manner. Which method should Handel select? (3.
A) Role-based access controls (RBAC)
B) Mandatory access controls (MAC)
C) Discretionary access controls (DAC)
D) Barbed wire
Answer:
A) Role-based access controls (RBAC)
QUESTION
Which of the following activities is usually part of the configuration management process, but is also extremely helpful in countering potential attacks?
A) Annual budgeting
B) Conferences with senior leadership
C) Updating and patching systems
D) The annual shareholders' meeting
Answer:
C) Updating and patching systems
QUESTION
Ludwig is a security analyst at Triffid, Inc. Ludwig notices network traffic that might indicate an attack designed to affect the availability of the environment. Which of the following might be the attack Ludwig sees?
A) DDOS (distributed denial of service)
B) Spoofing
C) Exfiltrating stolen data
D) An insider sabotaging the power supply
Answer:
A) DDOS (distributed denial of service)
QUESTION
A VLAN is a _____ method of segmenting networks.
A) Secret
B) Physical
C) Regulated
D) Logical
Answer:
D) Logical
QUESTION
A device that filters network traffic in order to enhance overall security/performance. (D4.1 L4.1.
A) Endpoint
B) Laptop
C) MAC (media access control)
D) Firewall
Answer:
D) Firewall