smi@123

Q# 1. Which of these would be the best option if a network administrator needs to control access to a
network?

HIDS

NAC

IDS

SIEM

Q# 2. Which protocol uses a three-way handshake to establish a reliable connection?

UDP

SNMP

SMTP

TCP

Q# 3. An entity that acts to exploit a target organization’s system vulnerabilities is a:

Thread Actor

Attacker

Thread Vector

Thread

Q# 4. The cloud deployment model where a company has resources on-premise and in the cloud is
known as:

Private cloud

Community Cloud

Hybrid Cloud

Multi Tenent

Q# 5. Which of the following is a detection control?

Turnstiles

Smoke Sensor

Firewall

Bollards
Q# 6. Which access control is more effective at protecting a door against unauthorized access?

Fences

Turnstiles

Barriers

Locks

Q# 7. Which of the following areas is the most distinctive property of PHI?

Authentication

Integrity

Confidentiality

Non-Repudiation

Q# 8. In order to find out whether personal tablet devices are allowed in the office, which of the
following policies would be helpful to read?

Change Management Policy

BYOD

Privacy Policy

AUP

Q# 9. In which of the following phases of an Incident Recovery Plan are incident responses prioritized?

Contentment, Eradication, and Recovery

Preparation

Detection and Analysis

Post-Incident Activity

Q# 10. The process of verifying or proving the user's identification is known as:

Authentication

Integrity

Authorization

Confidentiality

Q#11. Which of the following cloud models allows access to fundamental computer resources?

Paas

Saas
Iaas

Faas

Q# 12. Which device is used to connect a LAN to the Internet?

Firewall

SIEM

Router

HIDS

Q13 Which of these is the PRIMARY objective of a Disaster Recovery Plan?

Maintain Crucial company operation in the event of a disaster

Outline a safe escape procedure for the organization’s personnel

Restore company operation to the last-known reliable operation state

Communicate to the responsible entities the damage caused to operation in the event of disaster

Q14 Which of the following are NOT types of security controls?

System-specific controls

Storage controls

Hybrid controls

Common controls

Q15 Which of the following areas is connected to PII?

Non-Repudiation

Authentication

Integrity

Confidentiality

Q16 A biometric reader that grants access to a computer system in a data center is a:

Physical Control

Administrative Control

Authorization Control

Technical Control
Q17. Which of these types of user is LESS likely to have a privileged account?

Help Desk

Security Analyst

System Administrator

External Worker

Q`18 How many layers does the OSI model have?

Q19 Which of the following documents contains elements that are NOT mandatory?

Procedures

Guidelines

Regulations

Policies

Q20. Which of the following is NOT a type of learning activity used in Security Awareness?

Training

Awareness

Education

Tutorial

Q21. In risk management, the highest priority is given to a risk where:

The frequency of occurrence is high, and expect value is low

The expected probability of occurrence is low, and the potential impact is low

The frequency of occurrence is low, and the expected impact value is high

The expected probability of occurrence is high, and the potential impact is low
Q22. Which of the following is NOT a feature of a cryptographic hash function?

Deterministic

Unique

Useful

Reversible

Q23. The last phase in the data security cycle is:

Backup

Archival

Destruction

Encryption

Q24. Which port is used to secure communication over the web (HTTPS)?

443

80

69

25

Q25. The detailed steps to complete tasks supporting departmental or organizational policies are
typically documented in:

Standard

Policy

Regulation

Procedure

Q26. In which cloud model does the cloud customer have LESS responsibility over the infrastructure?

FaaS

IaaS

SaaS

PaaS
Q27. According to the canon "Provide diligent and competent service to principals", ISC2 professionals
are to:

Q28. Which of these has the PRIMARY objective of identifying and prioritizing critical business
processes?

Q29. Which of the following principles aims primarily at fraud detection?

Q30. Which of these tools is commonly used to crack passwords?

Q 31. According to ISC2, which are the six phases of data handling?

Q32. Which of the following is a data handling policy procedure?

Q33. A device found not to comply with the security baseline should be:

Q34. In incident terminology, the meaning of Zero Day is:

Q35. A best practice of patch management is to:

Q36. Which of the following is an example of a technical security control?

Q37. Sensitivity is a measure of the …

Q38. Which are the components of an incident response plan?

Q39.

The implementation of Security Controls is a form of:

Q40. Which type of attack will most effectively maintain remote access and control over the
victim's computer?

Q41. Which type of attack has the PRIMARY objective of encrypting devices and their data, and then
demanding a ransom payment for the decryption key?
Q42. Which security principle states that a user should only have the necessary permission to execute a
task?

Q43. What is an effective way of hardening a system?

Q44. Which devices would be more effective in detecting an intrusion into a network?
Q45. Which of the following attacks take advantage of poor input validation in websites?

Q46. When a company hires an insurance company to mitigate risk, which risk management technique is
being applied?

Q47. Which of the following is less likely to be part of an incident response team?

Q48. What does SIEM mean?

Q49. Risk Management is:

Q50. In the event of a disaster, which of these should be the PRIMARY objective?

Q51. Which of the following is NOT a social engineering technique?

Q52. Which of the following is a public IP?

Q53. Which tool is commonly used to sniff network traffic?

Q54. Security posters are an element PRIMARILY employed in:

Q55. In which cloud deployment model do companies share resources and infrastructure on the
cloud?
Q56. The magnitude of the harm expected as a result of the consequences of an unauthorized
disclosure, modification, destruction, or loss of information, is known as the:

Q57. Which type of attack embeds malicious payload inside a reputable or trusted software?

Q58. Which devices have the PRIMARY objective of collecting and analyzing security events?
Q59. The SMTP protocol operates at OSI Level:

Q60. Which type of attack attempts to trick the user into revealing personal information by
sending a fraudulent message?

Q61. Which of these is NOT a change management component?

Q62. Which of these is the most efficient and effective way to test a business continuity plan?
Q63. Which are the three packets used on the TCP connection handshake?

Q64. A web server that accepts requests from external clients should be placed in which network?

Q65. Which type of attack has the PRIMARY objective controlling the system from outside?

Q66. The Bell and LaPadula access control model is a form of

Q67. If there is no time constraint, which protocol should be employed to establish a reliable connection
between two devices?

Q68. The process that ensures that system changes do not adversely impact business operations is
known as:

Q69. In Change Management, which component addresses the procedures needed to undo changes?
Q70. How many data labels are considered good practice?

Q71. Which access control model can grant access to a given object based on complex rules?

Q72. Which of the following is an example of 2FA?

Q73. Which of the following is an example of an administrative security control?

Q74. Which of the following is NOT a possible model for an Incident Response Team (IRT)?

Q75. The predetermined set of instructions or procedures to sustain business operations after a disaster
is commonly known as:

Q76. Which type of attack attempts to gain information by observing the device's power
consumption?
Q77. The address 8be2:4382:8d84:7ce2:ec0f:3908:d29a:903a is an:
Q78. Which of the following types of devices inspect packet header information to either allow or deny

network traffic?

Q79. After an earthquake disrupting business operations, which document contains the procedures
required to return business to normal operation?

Q80. If an organization wants to protect itself against tailgating, which of the following types of access
control would be most effective?

Q81. Which regulations address data protection and privacy in Europe?

Q82. Which of the following canons is found in the ISC2 code of ethics?

Q83. Which of the following is not a protocol of the OSI Level 3?

Q84. Which of the following is NOT an ethical canon of the ISC2?

Q85. Which type of key can be used to both encrypt and decrypt the same message?

Q86. Logging and monitoring systems are essential to:

Q87. An exploitable weakness or flaw in a system or component is a:

Q88. Malicious emails that aim to attack company executives are an example of:

Q89. What is the consequence of a Denial Of Service attack?

Q90. Which of the following is NOT an example of a physical security control?

Q91. Which access control model specifies access to an object based on the subject's role in the
organization?
Q92. Which of these is not an attack against an IP network?

Q93. Governments can impose financial penalties as a consequence of breaking a:

Q94. Which type of attack PRIMARILY aims to make a resource inaccessible to its intended users?

Q95. Which concept describes an information security strategy that integrates people, technology and
operations in order to establish security controls across multiple layers of the organization?
Q96. Which of the following is NOT an element of System Security Configuration Management?

Q97. Which of the following properties is NOT guaranteed by Digital Signatures?

Q98. In which of the following access control models can the creator of an object delegate
permission?
Q99. Which of the following Cybersecurity concepts guarantees that information is accessible only to
those authorized to access it?

Q100. A Security safeguard is the same as a:

Q101. What is the most important difference between MAC and DAC?
Q102. A security professional should report violations of a company's security policy to:

Q103. Which of the following is NOT a best practice in access management?

Q104. If a company collects PII, which policy is required?

Q105. Requiring a specific user role to access resources is an example of:

Q106. Which type of document outlines the procedures ensuring that vital company systems keep
running during business-disrupting events?

Q107.

In the event of a disaster, what should be the PRIMARY objective?

Q108. Which of the following is included in an SLA document?

Q109. Which department in a company is NOT regularly involved in a DRP?

Q110. Which of these is not an attack against an IP network?