ISC2 Pre-Course Assessment 2023 with complete solution
Steve is a security practitioner assigned to come up with a protective measure for
ensuring cars don’t collide with pedestrians. What is probably the most effective type of
control for this task? Answer- Physical
A system that collects transactional information and stores it in a record in order to show
which users performed which actions is an example of providing _. Answer- Non-repudiation
Of the following, which would probably not be considered a threat? Answer- A laptop
with sensitive data on it
The city of Grampon wants to know where all its public vehicles (garbage trucks, police
cars, etc.) are at all times, so the city has GPS transmitters installed in all the vehicles.
What kind of control is this? Answer- Technical
Guillermo logs onto a system and opens a document file. In this example, Guillermo is:
Answer- The subject
Gary is unable to log in to the production environment. Gary tries three times and is
then locked out of trying again for one hour. Why? Answer- Gary’s actions look like an
attack
Which type of fire-suppression system is typically the least expensive? Answer- Water
An IoT (Internet of Things) device is typified by its effect on or use of the _
environment. Answer- Physical
The concept that the deployment of multiple types of controls provides better security
than using a single type of control. Answer- Defense in depth
Zarma is an (ISC)² member and a security analyst for Triffid Corporation. One of
Zarma’s colleagues is interested in getting an (ISC)² certification and asks Zarma what
the test questions are like. What should Zarma do? Answer- Explain the style and
format of the questions, but no detail
(ISC)² publishes a Common Body of Knowledge (CBK) that IT security practitioners
should be familiar with; this is recognized throughout the industry as a set of material
that is useful for practitioners to refer to. Certifications can be issued for demonstrating
expertise in this Common Body of Knowledge. What kind of document is the Common
Body of Knowledge? Answer- Standard
Hoshi is an (ISC)² member who works for the Triffid Corporation as a data manager.
Triffid needs a new firewall solution, and Hoshi is asked to recommend a product for
Triffid to acquire and implement. Hoshi’s cousin works for a firewall vendor; that vendor
happens to make the best firewall available. What should Hoshi do? Answer- Disclose
the relationship, but recommend the vendor/product
Sophia is visiting Las Vegas and decides to put a bet on a particular number on a
roulette wheel. This is an example of _. Answer- Acceptance
In risk management concepts, a(n) _ is something a security practitioner
might need to protect. Answer- Asset
A _ is a record of something that has occurred. Answer- Log
Prachi works as a database administrator for Triffid, Inc. Prachi is allowed to add or
delete users, but is not allowed to read or modify the data in the database itself. When
Prachi logs onto the system, an access control list (ACL) checks to determine which
permissions Prachi has.
In this situation, what is the database? Answer- The object
Larry and Fern both work in the data center. In order to enter the data center to begin
their workday, they must both present their own keys (which are different) to the key
reader, before the door to the data center opens.
Which security concept is being applied in this situation? Answer- Dual control
All of the following are typically perceived as drawbacks to biometric systems, except:
Answer- Lack of accuracy
Which of the following is one of the common ways potential attacks are often identified?
Answer- Users report unusual systems activity/response to Help Desk or the security
office
The section of the IT environment that is closest to the external world; where we locate
IT systems that communicate with the Internet. Answer- DMZ (demilitarized zone)
The logical address of a device connected to the network or Internet. Answer- Internet
Protocol (IP) address
Which of the following activities is usually part of the configuration management
process, but is also extremely helpful in countering potential attacks? Answer- Updating and patching systems
Siobhan is an (ISC)² member who works for Triffid Corporation as a security analyst. Yesterday, Siobhan got a parking ticket while shopping after work. What should Siobhan do? (D1, L1.5.1)
Pay the parking ticket
For which of the following systems would the security concept of availability probably be most important? (D1, L1.1.1)
Medical systems that monitor patient condition in an intensive care unit
A vendor sells a particular operating system (OS). In order to deploy the OS securely on different platforms, the vendor publishes several sets of instructions on how to install it, depending on which platform the customer is using. This is an example of a __. (D1, L1.4.2)
Procedure
Steve is a security practitioner assigned to come up with a protective measure for ensuring cars don’t collide with pedestrians. What is probably the most effective type of control for this task? (D1, L1.3.1)
Physical
(ISC)² publishes a Common Body of Knowledge (CBK) that IT security practitioners should be familiar with; this is recognized throughout the industry as a set of material that is useful for practitioners to refer to. Certifications can be issued for demonstrating expertise in this Common Body of Knowledge. What kind of document is the Common Body of Knowledge? (D1, L1.4.1)
Standard
A bollard is a post set securely in the ground in order to prevent a vehicle from entering an area or driving past a certain point. Bollards are an example of __ controls. (D1, L1.3.1)
Physical
Druna is a security practitioner tasked with ensuring that laptops are not stolen from the organization’s offices. Which sort of security control would probably be best for this purpose? (D1, L1.3.1)
Physical
A system that collects transactional information and stores it in a record in order to show which users performed which actions is an example of providing __. (D1, L1.1.1)
Non-repudiation
Glen is an (ISC)² member. Glen receives an email from a company offering a set of answers for an (ISC)² certification exam. What should Glen do? (D1, L1.5.1)
Inform (ISC)²
The Triffid Corporation publishes a policy that states all personnel will act in a manner that protects health and human safety. The security office is tasked with writing a detailed set of processes on how employees should wear protective gear such as hardhats and gloves when in hazardous areas. This detailed set of processes is a _. (D1, L1.4.1)
Procedure
Phrenal is selling a used laptop in an online auction. Phrenal has estimated the value of the laptop to be $100, but has seen other laptops of similar type and quality sell for both more and less than that amount. Phrenal hopes that the laptop will sell for $100 or more, but is prepared to take less for it if nobody bids that amount. This is an example of _. (D1, L1.2.2)
Risk tolerance
Aphrodite is a member of (ISC)² and a data analyst for Triffid Corporation. While Aphrodite is reviewing user log data, Aphrodite discovers that another Triffid employee is violating the acceptable use policy and watching streaming videos during work hours. What should Aphrodite do? (D1, L1.5.1)
Inform Triffid management
The European Union (EU) law that grants legal protections to individual human privacy. (D1, L1.1.1)
The General Data Protection Regulation
Kerpak works in the security office of a medium-sized entertainment company. Kerpak is asked to assess a particular threat, and he suggests that the best way to counter this threat would be to purchase and implement a particular security solution. This is an example of _. (D1, L1.2.2)
Mitigation
The city of Grampon wants to ensure that all of its citizens are protected from malware, so the city council creates a rule that anyone caught creating and launching malware within the city limits will receive a fine and go to jail. What kind of rule is this? (D1, L1.4.1)
Law
Of the following, which would probably not be considered a threat? (D1, L1.2.1)
A laptop with sensitive data on it
Triffid Corporation has a policy that all employees must receive security awareness instruction before using email; the company wants to make employees aware of potential phishing attempts that the employees might receive via email. What kind of control is this instruction? (D1, L1.3.1)
Administrative
The Payment Card Industry (PCI) Council is a committee made up of representatives from major credit card providers (Visa, Mastercard, American Express) in the United States. The PCI Council issues rules that merchants must follow if the merchants choose to accept payment via credit card. These rules describe best practices for securing credit card processing technology, activities for securing credit card information, and how to protect customers’ personal data. This set of rules is a _. (D1, L1.4.2)
Standard
The city of Grampon wants to know where all its public vehicles (garbage trucks, police cars, etc.) are at all times, so the city has GPS transmitters installed in all the vehicles. What kind of control is this? (D1, L1.3.1)
Technical
The Triffid Corporation publishes a strategic overview of the company’s intent to secure all the data the company possesses. This document is signed by Triffid senior management. What kind of document is this? (D1, L1.4.1)
Policy
True or False? Business continuity planning is a reactive procedure that restores business operations after a disruption occurs.
False
What is the risk associated with delaying resumption of full normal operations after a disaster? (D2, L2.3.1)
The impact of running alternate operations for extended periods
When should a business continuity plan (BCP) be activated? (D2, L2.2.1)
When senior management decides
All of the following are important ways to practice an organization’s disaster recovery (DR) effort; which one is the most important? (D2, L2.3.1)
Facility evacuation drills
What is the goal of Business Continuity efforts? (D2, L2.2.1)
Keep critical business functions operational
What is the overall objective of a disaster recovery (DR) effort? (D2, L2.3.1)
Return to normal, full operations
Who approves the incident response policy? (D2, L2.1.1)
Senior management
Prachi works as a database administrator for Triffid, Inc. Prachi is allowed to add or delete users, but is not allowed to read or modify the data in the database itself. When Prachi logs onto the system, an access control list (ACL) checks to determine which permissions Prachi has.
The subject
Prachi works as a database administrator for Triffid, Inc. Prachi is allowed to add or delete users, but is not allowed to read or modify the data in the database itself. When Prachi logs onto the system, an access control list (ACL) checks to determine which permissions Prachi has.
The rule
Which of the following will have the most impact on determining the duration of log retention? (D3, L3.2.1)
Applicable laws
Trina is a security practitioner at Triffid, Inc. Trina has been tasked with selecting a new product to serve as a security control in the environment. After doing some research, Trina selects a particular product. Before that product can be purchased, a manager must review Trina’s selection and determine whether to approve the purchase. This is a description of: (D3, L3.1.1)
Segregation of duties
Suvid works at Triffid, Inc. When Suvid attempts to log in to the production environment, a message appears stating that Suvid has to reset the password. What may have occurred to cause this?
Suvid’s password has expired
Handel is a senior manager at Triffid, Inc., and is in charge of implementing a new access control scheme for the company. Handel wants to ensure that employees transferring from one department to another, getting promoted, or cross-training to new positions can get access to the different assets they’ll need for their new positions, in the most efficient manner. Which method should Handel select? (D3, L3.3.1)
Role-based access controls (RBAC)
Visitors to a secure facility need to be controlled. Controls useful for managing visitors include all of the following except: (D3, L3.2.1)
Fence
Guillermo logs onto a system and opens a document file. In this example, Guillermo is: (D3, L3.1.1)
The subject
Prina is a database manager. Prina is allowed to add new users to the database, remove current users and create new usage functions for the users. Prina is not allowed to read the data in the fields of the database itself. This is an example of: (D3, L3.3.1)
Role-based access controls (RBAC)
Prachi works as a database administrator for Triffid, Inc. Prachi is allowed to add or delete users, but is not allowed to read or modify the data in the database itself. When Prachi logs onto the system, an access control list (ACL) checks to determine which permissions Prachi has.
Which security concept is being applied in this situation? (D3, L3.1.1)
Least privilege
Trina and Doug both work at Triffid, Inc. Doug is having trouble logging into the network. Trina offers to log in for Doug, using Trina’s credentials, so that Doug can get some work done.
Anything either of them do will be attributed to Trina
Handel is a senior manager at Triffid, Inc., and is in charge of implementing a new access control scheme for the company. Handel wants to ensure that operational managers have the utmost personal choice in determining which employees get access to which systems/data. Which method should Handel select? (D3, L3.3.1)
Discretionary access controls (DAC)
Gary is unable to log in to the production environment. Gary tries three times and is then locked out of trying again for one hour. Why? (D3, L3.3.1)
Gary’s actions look like an attack
Which of the following is probably most useful at the perimeter of a property? (D3, L3.2.1)
A fence
Which of the following is a biometric access control mechanism? (D3, L3.2.1)
A door locked by a voiceprint identifier
Handel is a senior manager at Triffid, Inc., and is in charge of implementing a new access control scheme for the company. Handel wants to ensure that employees who are assigned to new positions in the company do not retain whatever access they had in their old positions. Which method should Handel select? (D3, L3.3.1)
Role-based access controls (RBAC)
All visitors to a secure facility should be _. (D3, L3.2.1)
Escorted
Which of the following is one of the common ways potential attacks are often identified? (D4.2 L4.2.2)
Users report unusual systems activity/response to Help Desk or the security office
Which common cloud service model only offers the customer access to a given application? (D4.3 L4.3.2)
Software as a service (SaaS)
The logical address of a device connected to the network or Internet. (D4.1 L4.1.1)
Internet Protocol (IP) address
The section of the IT environment that is closest to the external world; where we locate IT systems that communicate with the Internet. (D4.3 L4.3.3)
DMZ
A tool that filters inbound traffic to reduce potential threats. (D4.2 L4.2.3)
Firewall
Which type of fire-suppression system is typically the least expensive?
Water
Which common cloud service model offers the customer the most control of the cloud environment? (D4.3 L4.3.2)
Infrastructure as a service (IaaS)
A VLAN is a _ method of segmenting networks. (D4.3 L4.3.3)
Logical
Cheryl is browsing the Web. Which of the following protocols is she probably using? (D4, L4.1.2)
HTTP (Hypertext Transfer Protocol)
Triffid, Inc., has deployed anti-malware solutions across its internal IT environment. What is an additional task necessary to ensure this control will function properly? (D4.2 L4.2.3)
Update the anti-malware solution regularly
An IoT (Internet of Things) device is typified by its effect on or use of the _ environment. (D4.3 L4.3.3)
Physical
Which of the following would be best placed in the DMZ of an IT environment? (D4.3 L4.3.3)
Mail server
Garfield is a security analyst at Triffid, Inc. Garfield notices that a particular application in the production environment is being copied very quickly, across systems and devices utilized by many users. What kind of attack could this be? (D4.2 L4.2.1)
Worm
Carol is browsing the Web. Which of the following ports is she probably using? (D4, L4.1.2)
80
Cyril wants to ensure all the devices on his company’s internal IT environment are properly synchronized. Which of the following protocols would aid in this effort? (D4, L4.1.2)
NTP (Network Time Protocol)
A device that filters network traffic in order to enhance overall security/performance. (D4.1 L4.1.1)
Firewall
Inbound traffic from an external source seems to indicate much higher rates of communication than normal, to the point where the internal systems might be overwhelmed. Which security solution can often identify and potentially counter this risk? (D4.2 L4.2.2)
Firewall
The concept that the deployment of multiple types of controls provides better security than using a single type of control. (D4.3 L4.3.3)
Defense in depth
When Pritha started working for Triffid, Inc., Pritha had to sign a policy that described how Pritha would be allowed to use Triffid’s IT equipment. What policy was this? (D5.3, L5.3.1)
The acceptable use policy (AUP)
__ is used to ensure that configuration management activities are effective and enforced. (D5.2, L5.2.1)
Verification and audit
Bluga works for Triffid, Inc. as a security analyst. Bluga wants to send a message to several people and wants the recipients to know that the message definitely came from Bluga. What type of encryption should Bluga use? (D5.1, L5.1.3)
Asymmetric encryption
If two people want to use symmetric encryption to conduct a confidential conversation, how many keys do they need? (D5.1, L5.1.3)
1
The organization should keep a copy of every signed Acceptable Use Policy (AUP) on file, and issue a copy to _. (D5.3, L5.3.1)
The user who signed it
Data _ is data left behind on systems/media after normal deletion procedures have been attempted. (D5.1, L5.1.1)
Remanence
Logs should be reviewed __. (D5.1, L5.1.2)
Continually
One of the benefits of computer-based training (CBT): (D5.4, L5.4.1)
Scalable
Which of the following is probably the main purpose of configuration management? (D5.2, L5.2.1)
Ensuring only authorized modifications are made to the IT environment
Dieter wants to send a message to Lupa and wants to be sure that Lupa knows the message has not been modified in transit. What technique/tool could Dieter use to assist in this effort? (D5.1, L5.1.3)
Hashing
Triffid, Inc., wants to host streaming video files for the company’s remote users, but wants to ensure the data is protected while it’s streaming. Which of the following methods are probably best for this purpose? (D5.1, L5.1.3)
Symmetric encryption
Every document owned by Triffid, Inc., whether hardcopy or electronic, has a clear, 24-point word at the top and bottom. Only three words can be used: “Sensitive,” “Proprietary” and “Public.”
Labeling
Data retention periods apply to __ data. (D5.1, L5.1.1)
All