CERTIFIED-IN-CYBERSECURITY Practice Questions
788 real CERTIFIED-IN-CYBERSECURITY exam questions with expert-verified answers and explanations. Page 2 of 16.
- Question #51Network Security Concepts
If there is no time constraint, which protocol should be employed to establish a reliable connection between two devices?
Networking ProtocolsTCP/UDPReliable Communication - Question #52Security Operations
Which tool is commonly used to sniff network traffic? ()
Network SniffingNetwork ToolsPacket AnalysisWireshark - Question #53Security Operations
Which devices have the PRIMARY objective of collecting and analyzing security events?
SIEMSecurity MonitoringSecurity OperationsSecurity Tools - Question #54Network Security
Which protocol uses a three-way handshake to establish a reliable connection?
Networking ProtocolsTCP/IPThree-way HandshakeReliable Connection - Question #55Access Controls Concepts
What type of security control is the biometric reader that grants access to the data center building?
Physical SecuritySecurity ControlsAccess ControlBiometrics - Question #56Security Principles
Which type of attack has the PRIMARY objective controlling the system from outside?
MalwareBackdoorsAttack TypesSystem Control - Question #57Security Principles
Which security principle states that a user should only have the necessary permission to execute a task?
Security PrinciplesLeast PrivilegeAccess ControlInformation Security Governance - Question #58Incident Response (IR) Concepts
Which of the following is LESS likely to be part of an Incident Response Team (IRT)?
Incident ResponseIncident Response Team (IRT)Team Roles and ResponsibilitiesCybersecurity Incident Management - Question #59Security Principles
Which of the following is a data handling policy procedure?
Data HandlingData LifecycleData DestructionSecurity Policies - Question #60Security Principles
Which of the following areas is connected to PII?
PIIConfidentialityData ProtectionSecurity Principles - Question #61Security Principles
Which of the following is a detection control?
Security ControlsDetection ControlsPhysical SecurityRisk Management - Question #62Security Principles
The implementation of Security Controls is a form of:
Risk ManagementSecurity ControlsRisk ReductionRisk Treatment - Question #63Access Controls Concepts
In which of the following access control models can the creator of an object delegate permission?
Discretionary Access ControlAccess Control ModelsPermission Delegation - Question #64Business Continuity (BC), Disaster Recovery (DR) & Incident Response Concepts
Which are the components of an incident response plan?
Incident ResponseIncident Response PlanIncident Handling PhasesCybersecurity Incident Management - Question #65Network Security Concepts
Which device is used to connect a LAN to the Internet?
NetworkingNetwork DevicesRouterLAN/WAN - Question #66Access Controls Concepts
Which access control model can grant access to a given object based on complex rules?
Access Control ModelsABACAuthorizationSecurity Principles - Question #67Security Operations
Which type of attack will most effectively provide privileged access (root access in Unix/Linux platforms) to a computer while hiding its presence?
RootkitsMalwarePrivileged AccessSystem Compromise - Question #68Domain 1: Security Principles - 1.6 Understand Security Controls (e.g., administrative, technical, physical)
Which of the following is NOT an example of a physical security control?
Physical SecuritySecurity ControlsZero TrustAccess Control - Question #69Security Principles
Risk Management is:
Risk ManagementCybersecurity FundamentalsRisk Assessment - Question #70Business Continuity (BC), Disaster Recovery (DR) & Incident Response (IR) Concepts
In the event of a disaster, what should be the primary objective? ()
Disaster RecoveryBusiness ContinuityEmergency ManagementLife Safety - Question #71Security Principles
Which of the following is NOT an ethical canon of the (ISC)?
(ISC)² Code of EthicsProfessional EthicsCybersecurity EthicsProfessional Conduct - Question #72Security Principles
The cloud deployment model where a company has resources on-premise and in the cloud is known as:
Cloud ComputingCloud Deployment ModelsHybrid Cloud - Question #73Network Security Concepts
Which devices would be more effective in detecting an intrusion into a network?
Intrusion DetectionNIDSNetwork Security DevicesSecurity Monitoring - Question #74Network Security Concepts
Which port is used to secure communication over the web (HTTPS)?
HTTPSNetwork PortsSecurity Protocols - Question #75Security Principles
Which of the following is NOT a type of learning activity used in Security Awareness?
Security AwarenessTrainingEducationLearning Activities - Question #76Network Security
Which are the three packets used on the TCP connection handshake? ()
TCPThree-way HandshakeNetworking ProtocolsPacket Flags - Question #77Security Operations Concepts
Logging and monitoring systems are essential to:
LoggingMonitoringCompromise DetectionSecurity Operations - Question #78Access Controls Concepts
Which physical access control would be MOST effective against tailgating?
Physical SecurityAccess ControlTailgating PreventionEntry Control - Question #79Network Security Concepts
The SMTP protocol operates at OSI Level:
OSI ModelSMTPNetwork ProtocolsApplication Layer - Question #80Security Principles - Basic Risk Management Concepts
When a company hires an insurance company to mitigate risk, which risk management technique is being applied?
Risk ManagementRisk TransferInsuranceRisk Treatment - Question #81Security Principles
According to (ISC)? which are the six phases of data handling?
Data LifecycleData HandlingInformation Management(ISC)2 Concepts - Question #824. Network Security
The address 8be2:4382:8d84:7ce2:ec0f:3908:d29a:903a is an:
IPv6Network AddressingNetwork FundamentalsIP Address Formats - Question #83Access Controls Concepts
Which access control is more effective at protecting a door against unauthorized access?
Physical SecurityAccess ControlPhysical Access Control - Question #84Security Principles
The detailed steps to complete tasks supporting departmental or organizational policies are typically documented in:
PoliciesProceduresOrganizational DocumentationGovernance - Question #85Network Security Concepts
Which of these types of layers is NOT part of the TCP/IP model?
TCP/IP modelNetwork layersNetworking fundamentalsOSI model - Question #86Access Controls Concepts
Which kind of physical access control is LESS effective at preventing unauthorized individual access to a data center?
Physical SecurityAccess ControlData Center SecuritySecurity Controls - Question #87Security Principles
Which of these is an example of a privacy breach?
Privacy breachData privacyInformation security incidentsCybersecurity definitions - Question #88Network Security Concepts
Which of these is an example of a MAC address? ()
MAC AddressNetwork AddressingNetworking FundamentalsData Link Layer - Question #89Security Operations
What is the PRIMARY objective of a degaussing?
DegaussingData sanitizationData destructionStorage security - Question #90Business Continuity (BC), Disaster Recovery (DR) & Incident Response Concepts
Which of these is included in an SLA document?
SLAIncident ResponseThird-Party Risk - Question #91Security Principles
Which of these is NOT a characteristic of the cloud?
Cloud ComputingCloud CharacteristicsNIST CloudShared Responsibility Model - Question #92Security Principles
Which cloud service model provides the most suitable environment for customers who want to install their custom operating system?
Cloud ComputingCloud Service ModelsIaaSCustomer Control - Question #93Security Principles
Which of these techniques will ensure the property of 'non-repudiation'?
Non-repudiationDigital signaturesCryptographySecurity principles - Question #94Security Principles
Which of these is part of the canons (ISC)?code of ethics?
ISC2 Code of EthicsProfessional EthicsCanons - Question #95Security Principles
Which of these techniques is PRIMARILY used to ensure data integrity?
Data IntegrityMessage DigestHashingCryptography - Question #96Access Controls Concepts
In an Access Control List (ACL), the element that determines what permissions you have is:
Access Control ListsAccess ControlPermissionsSecurity Rules - Question #97Security Principles and Concepts
Which of these is NOT a type of malware?
Malware typesCyber threatsSecurity fundamentalsAttack methods - Question #98Security Principles
Which of these is the PRIMARY objective of the PCI-DSS standard? ()
PCI-DSSData Security StandardsComplianceCredit Card Security - Question #99Security Operations
What is the PRIMARY objective of a rollback in the context of the change management process?
Change ManagementRollbackSystem RestorationOperational Procedures - Question #100Security Principles
Which part of the CIA Triad will be PRIMARILY jeopardized in a Distributed Denial Of Service (DDOS) attack?
DDOSAvailabilityCIA TriadCybersecurity Threats