
“CC ISC2 Dumps”

Q1. What must be done when data is kept for more than 1 year?

Ans. Data archival

Q2. IOT/OT comes in .

Ans. ICS (industrial control system)

Q3. Which cloud model offers system resources and an OS?

Ans. PaaS

Q4. What needs to be reviewed when a vendor doesn't fulfill the contract agreement? What
document MUST be referred to in order to penalize the vendor?

Ans. SLA

Q5. Which technology prevents data leakage?

Ans. MDM

Q6. Which protocol is considered less secure for data transfer?

Ans. FTP

Q7. What is the alternate term of security?

Ans. Integrity

Q8. What critical document should a department consider for critical assets integration?

Ans. BIA

Q9. Which document is critical while operating from a DR site?

Ans. BCP

Q10. Business objectives must align with

Ans. Information security strategy

Q11. The enforcement commitment, acceptance of infosec policy comes from

Ans. Leadership

Q12. A DDoS attack can cause

Ans. Interruption

Q13. A DDoS attack can impact a system's

Ans. Availability

Q14. Logical security controls in MFA include

Ans. OTP

Q15. System hardening includes

Ans. Unnecessary open services

Q16. What physical control should be deployed in a data center to restrict unauthorized access?

Ans. Biometric

Q17. Which security model best describes when a user needs to log in with required verification?

Ans. Zero trust architecture

Q18. Which tool is used to sniff network traffic?

Ans. TCPDUMP

Q19. Which technique is used to restrict hosts within the same subnet?

Ans. Network segregation

Q20. In a cloud security model, which model transfers responsibility to the vendor?

Ans. SaaS

Q21. In which attack does an attacker remotely control the victim machine and modify system
resources?

Ans. Botnet

Q22. Which model only addresses data confidentiality and not integrity?

Ans. Bell-LaPadula

Q23. Which Access Matrix model, in general, provides object access rights (read/write/execute, or
R/W/X) to subjects?

Ans. DAC (discretionary access control)

Q24. In which access control matrix can the owner determine the access privileges?

Ans. DAC

Q25. Which model provides access to the user based on their identities and data?

Ans. MAC

Q26. Which access model allows implementing “least privilege” policies and limits access to just the
resources users need to do their jobs?

Ans. RBAC

Q27. The security model uses an access matrix and defines a "No read up", "No write down" policy.

Ans. The Bell-LaPadula model

Q28. Which control allows or denies services in a network? It is simply a list of the services available,
each with a list of the hosts permitted to use the services.

Ans. ACL

Q29. ISC2 ethics violation

Ans. Board of directors

Q30. Physical Safety is the top priority for:

Ans. Human
