CERTIFIED-IN-CYBERSECURITY Practice Questions
788 real CERTIFIED-IN-CYBERSECURITY exam questions with expert-verified answers and explanations. Page 16 of 16.
- Question #751Business Continuity (BC), Disaster Recovery (DR) & Incident Response Concepts
What is the primary goal of disaster recovery in the cybersecurity context?
Disaster RecoveryBusiness ContinuityIncident ManagementImpact Minimization - Question #752Access Controls Concepts
What is access control policy?
Access ControlSecurity PolicyCybersecurity Fundamentals - Question #753Security Principles
What is the purpose of data breach notification laws or regulations?
Data Breach NotificationRegulatory CompliancePrivacy LawsIncident Response - Question #754Network Security Concepts
Which of the following is a best practice for securing email communications?
Email SecurityEncryptionCommunication SecurityData Protection - Question #755Network Security
What is the primary objective of network security?
network securitysecurity objectivesunauthorized access preventionaccess control - Question #756Network Security
Our networking department is recommending we use a full duplex solution for an implementation. What is a KEY FEATURE of those?
Full duplexNetworking fundamentalsCommunication modesNetwork communication - Question #757Security Principles
After an attack we have suffered a loss of public confidence, which leg of the CIA was compromised?
CIA TriadConfidentialityData BreachSecurity Principles - Question #758Security Principles
You can MOST LIKELY be held liable when you display which of these?
LiabilityNegligenceDue CareLegal Concepts - Question #759Network Security Concepts
Which of these is not an attack against an IP network?
Network AttacksIP Network SecurityAttack CategoriesSide-channel Attacks - Question #760Business Continuity (BC), Disaster Recovery (DR) & Incident Response Concepts
Which of these is the most efficient and effective way to test a business continuity plan?
Business Continuity PlanningBCP TestingDisaster RecoveryCybersecurity Operations - Question #761Access Controls Concepts
The Bell and LaPadula access control model is a form of: ()
Access Control ModelsBell-LaPadulaMandatory Access ControlConfidentiality - Question #762Security Principles
Which access control model specifies access to an object based on the subject's role in the organization?
Access Control ModelsRBACAccess ControlIdentity and Access Management - Question #763Business Continuity (BC), Disaster Recovery (DR) & Incident Response (IR) Concepts
The predetermined set of instructions or procedures to sustain business operations after a disaster is commonly known as:
Business ContinuityDisaster RecoveryOperational ResilienceRisk Management - Question #764Business Continuity (BC), Disaster Recovery (DR) & Incident Response Concepts
After an earthquake disrupting business operations, which document contains the procedures required to return business to normal operation?
Disaster Recovery Plan (DRP)Business Continuity Plan (BCP)Crisis ManagementOperational Resilience - Question #765Security Principles
The last phase in the data security cycle is:
Data Lifecycle ManagementData DestructionInformation Security Principles - Question #766Security Principles
With respect to risk management, which of the following options should be prioritized?
Risk ManagementRisk PrioritizationRisk AssessmentImpact Analysis - Question #767Security Principles
Which of the following is an example of an administrative security control?
Security ControlsAdministrative ControlsPolicies and ProceduresSecurity Fundamentals - Question #768Security Principles
Which of the following canons is found in the (ISC)?code of ethics?
ISC2 Code of EthicsProfessional EthicsCanons - Question #769Security Principles
Which of the following is NOT a feature of a cryptographic hash function?
Cryptographic Hash FunctionsCryptographyHashing PropertiesData Integrity - Question #770Security Principles
As an IT Security professional, you are expected to perform due care. What does this mean?
Due CareProfessional EthicsSecurity GovernanceProfessional Responsibility - Question #771Access Controls Concepts
For our authentication, we are looking at knowledge factors. Which is the MOST common knowledge factor in use today?
Authentication factorsKnowledge factorsPasswordsAccess control - Question #772Access Controls Concepts
Using Mandatory Access Control (MAC), we would use clearance for assigning which of these?
Mandatory Access ControlAuthorizationAccess Control ModelsClearance - Question #773Network Security Concepts
Which type of Intrusion Detection Systems (IDS) and Intrusion Prevention System (IPS) are completely vulnerable to 0-day attacks?
IDS/IPS0-day attacksSignature-based detectionVulnerability - Question #774Business Continuity (BC), Disaster Recovery (DR) & Incident Response (IR) Concepts
Which of these exercises goes through a sample of an incident step-by-step, validating what each person will do?
Incident ResponseExercise TypesIncident Response PlanningBusiness Continuity - Question #775Business Continuity (BC), Disaster Recovery (DR) & Incident Response Concepts
Which type of recovery site has some or most systems in place, but does not have the data needed to take over operations? ()
Disaster RecoveryRecovery SitesBusiness ContinuityCybersecurity Fundamentals - Question #776Security Principles
An organization that uses a layered approach when designing its security architecture is using which of these security approaches?
Defense in DepthSecurity ArchitectureLayered SecuritySecurity Principles - Question #777Security Principles
What does the term 'data remanence' refer?
data remanencedata sanitizationdata disposalsecurity fundamentals - Question #778Network Security
Which of these different sub-masks will allow 30 hosts? ()
SubnettingIP AddressingCIDRNetwork Masks - Question #779Security Principles
Which type of attack PRIMARILY aims to consume all the available resources, thereby making an organization's service inaccessible to its intended users?
Denial of Service (DoS)Cybersecurity attacksAttack typesAvailability - Question #780Network Security
Which port number corresponds to the Simple Mail Transfer Protocol (SMTP)?
SMTPPort NumbersNetwork ProtocolsCommon Ports - Question #781Security Principles
By implementing a layered defense strategy across our organization, what do we improve?
Layered DefenseDefense in DepthCIA TriadSecurity Principles - Question #782Security Principles
You are talking to a new manager of our helpdesk. You are explaining how we do risk analysis. They ask you: "How do you define a vulnerability?"
Vulnerability DefinitionRisk AnalysisCybersecurity ConceptsSecurity Principles - Question #783Security Principles
When an attacker is using a brute force attack to break a password, what are they doing?
Brute Force AttackPassword AttackCyberattack Methods - Question #784Security Operations Concepts
In Change Management, which component addresses the procedures needed to undo changes?
Change ManagementRollbackIT Service Management - Question #785Secure Systems Principles
Which of the following is NOT an element of System Security Configuration Management?
Configuration ManagementSystem SecuritySecurity ControlsBaselines - Question #786Security Principles
Which concept describes an information security strategy that integrates people, technology and operations in order to establish security controls across multiple layers of the org...
Defense in DepthSecurity PrinciplesLayered SecuritySecurity Strategy - Question #787Security Principles
Which of the following Cybersecurity concepts guarantees that information is accessible only to those authorized to access it?
ConfidentialityCIA TriadSecurity PrinciplesInformation Security Concepts - Question #788Security Principles
The magnitude of the harm expected as a result of the consequences of an unauthorized disclosure, modification, destruction, or loss of information, is known as the:
Risk ManagementImpact AssessmentSecurity Concepts