This article contains CC exam questions and answers regarding core cybersecurity principles, the risk management process, several security measures, governance elements, the ISC2 code of ethics, business continuity (BC), disaster recovery (DR), incident response concepts, access control ideas, network security concepts, and security operations concepts referenced from the first to the fifth domain.
Please attempt each of the following questions before checking the correct answer. Each question includes the answer and the explanation behind it, which may help you prepare better for your exam.
1. Which of the following determines a device or user’s physical location, based on information obtained from the device’s IP or MAC address?
A. Localization
B. Ping sweep
C. Traceroute
D. Geolocation
Answer: D. Geolocation
Explanation: Geolocation is a process for determining a device or user’s physical location, based on information obtained from the device’s IP or MAC address.
2. Which method is commonly used to determine the sequence of hops that the packets took to a given IP address?
A. Routing
B. Geolocation
C. Traceroute
D. Ping Sweep
Answer: C. Traceroute
Explanation: Traceroute is a method to determine the sequence of hops that the packets took to a given IP address.
3. Which tool can be used to view and analyze packets and contents, including the IP addresses and hostnames?
A. John the Ripper
B. Nessus
C. Wireshark
D. Telnet
Answer: C. Wireshark
Explanation: Wireshark is a network analyzer tool that can be used to view and analyze packets and contents, including the IP addresses and hostnames.
4. Which of the following methods should NOT be considered training?
A. Campaign
B. Lectures
C. Workshops
D. Online Courses
Answer: A. Campaign
Explanation: A campaign is an awareness program, while lectures, workshops and online courses focus on building proficiency in a set of skills, so they are considered training.
5. Which of the following is a security strategy that assumes that all network traffic is potentially malicious and requires verification?
A. No trust
B. Zero Trust
C. Trusted Network
D. Secured Network
Answer: B. Zero Trust
Explanation: Zero trust is a security strategy that assumes that all network traffic is potentially malicious and requires verification.
6. Which of these techniques creates a secure tunnel between endpoints?
A. Virtual Private Network (VPN)
B. Secure Network
C. Secure Tunnel Network (STN)
D. Encryption
Answer: A. Virtual Private Network (VPN)
Explanation: A Virtual Private Network (VPN) creates a secure tunnel between endpoints and ensures confidentiality when transferring data.
7. Data sent over a network is an example of
A. Data in use
B. Data in transit
C. Data in rest
D. Data in motion
Answer: D. Data in motion
Explanation: Data sent over a network is an example of data in motion, whereas data residing on storage media is called data in rest and data used by a computer system is called data in use.
8. Which of the following is an example of compensating control?
A. Backups
B. IDS
C. Encryption
D. Patches
Answer: A. Backups
Explanation: Backups are compensating controls since they provide redundancy for the information in a given system.
9. On an incident response team, which role focuses on internal and external communications?
A. Technical expert
B. Management
C. Communications and Public Relations
D. Information Security
Answer: C. Communications and Public Relations
Explanation: Communications and public relations staff focus on internal and external communications, which typically differ from the direct conduit to senior management.
10. Which of the following is NOT an effective way to protect an organization from cybercriminals?
A. Using Firewall
B. Using antivirus even expired
C. Using intrusion detection and prevention system
D. Removing and disabling unneeded services
Answer: B. Using antivirus even expired
Explanation: Using outdated antivirus software is not an effective way to protect an organization from cybercriminals.
11. Which of these is an administrative security control that implements corrective measures in case of a disaster?
A. Business Continuity Plans
B. Disaster Recovery Plans
C. Patches
D. Backups
Answer: B. Disaster Recovery Plans
Explanation: Disaster Recovery Plans are administrative security controls that implement corrective measures in case of a disaster.
12. A plan to sustain business operations while recovering from a significant disruption is called…
A. Business Continuity Plan
B. Disaster Recovery Plan
C. Business Sustain Plan
D. Business Operation Plan
Answer: A. Business Continuity Plan
Explanation: A plan to sustain business operations while recovering from a significant disruption is called a Business Continuity Plan.
13. Which port number corresponds to the SMTP that uses transport layer security (TLS)?
A. 25
B. 22
C. 587
D. 161
Answer: C. 587
Explanation: The port number 587 corresponds to the SMTP that uses transport layer security (TLS) to encrypt the data between the mail client and server.
14. Which type of attack compromises the availability of a system or service through a malicious overload of requests?
A. Phishing
B. Trojans
C. Denial of Service
D. Cross-site Scripting
Answer: C. Denial of Service
Explanation: A denial of service compromises the availability of a system or service through a malicious overload of requests.
15. Which term represents whether cloud resources can be scaled up or down quickly and automatically to meet changing demand?
A. Broad Network Access
B. Rapid Elasticity
C. Measured Service
D. Resource Pooling
Answer: B. Rapid Elasticity
Explanation: The ability of cloud resources to be scaled up or down quickly and automatically to meet changing demand is represented by the term rapid elasticity.
16. Which of these cloud development models is a type of cloud infrastructure shared by organizations with similar needs?
A. Public
B. Hybrid
C. Private
D. Community
Answer: D. Community
Explanation: A community cloud is a type of cloud infrastructure shared by organizations with similar needs.
17. Which feature of security information and event management (SIEM) involves identifying patterns, trends, and anomalies in security events?
A. Log Analysis
B. Log Encryption
C. Log Retention
D. Log Consolidation
Answer: A. Log Analysis
Explanation: Log analysis in security information and event management (SIEM) involves identifying patterns, trends, and anomalies in security events.
18. Which exercises attempt to thoroughly recreate an incident to test responses?
A. A checklist exercise
B. A tabletop exercise
C. A walk-through exercise
D. A simulation exercise
Answer: D. A simulation exercise
Explanation: A simulation exercise attempts to thoroughly recreate an incident to test responses.
19. Which of these documents are typically created by government agencies or regulatory bodies?
A. Regulations
B. Policies
C. Guidelines
D. Standards
Answer: A. Regulations
Explanation: Regulations are typically created by government agencies or regulatory bodies.
20. A targeted attack in which the attacker uses email or other digital communication to trick a specific individual or group into divulging sensitive information is called…
A. Phishing
B. Spear Phishing
C. Whaling
D. DDoS
Answer: B. Spear Phishing
Explanation: Spear phishing is a targeted attack in which the attacker uses email or other digital communication to trick a specific individual or group into divulging sensitive information.