ISC2 CC Exam Questions Latest Update -

ISC2 CC Exam Questions Latest Update - Questions and 100% Verified Correct Answers Guaranteed A+

______ is used to ensure that configuration management activities are effective and enforced. (D5.2, L5.2.1)

A)Inventory B)Baseline C)Identification D)Verification and audit - CORRECT ANSWER: Verification and audit are methods we use to review the IT environment to ensure that configuration management activities have taken place and are achieving their intended purpose. D is the correct answer. A, B and C are incorrect; while these are terms related to configuration management, the answer is verification and audit.

"Wiring _____" is a common term meaning "a place where wires/conduits are often run, and equipment can be placed, in order to facilitate the use of local networks." (D4.3

L4.3.1)

A)Shelf B)Closet C)Bracket D)House - CORRECT ANSWER: "Wiring closet" is the common term used to described small spaces, typically placed on each floor of a building, where IT infrastructure can be placed. A, C and D are incorrect; these are not common terms used in this manner.

A _____ is a record of something that has occurred. (D3, L3.2.1)

A)Biometric B)Law C)Log

D)Firewall - CORRECT ANSWER: C is correct. This is a description of a log. A is

incorrect; "biometrics" is a term used to describe access control systems that use physiological traits of individuals in order to grant/deny access. B is incorrect; laws are legal mandates. D is incorrect; a firewall is a device for filtering traffic.

A bollard is a post set securely in the ground in order to prevent a vehicle from entering an area or driving past a certain point. Bollards are an example of ______ controls. (D1,

L1.3.1)

A)Physical B)Administrative C)Drastic 1 / 3

D)Technical - CORRECT ANSWER: A is correct. A bollard is a tangible object that

prevents a physical act from occurring; this is a physical control. B and D are incorrect because the bollard is a physical control, not administrative or technical. C is incorrect: "drastic" is not a term commonly used to describe a particular type of security control, and is used here only as a distractor.

A device that filters network traffic in order to enhance overall security/performance.

(D4.1 L4.1.1)

A)Endpoint B)Laptop C)MAC (media access control) D)Firewall - CORRECT ANSWER: Firewalls filter traffic in order to enhance the overall security or performance of the network, or both. D is the correct answer. A is incorrect; "endpoint" is the term used to describe a device involved in a networked communication, at either "end" of a conversation. B is incorrect; laptops are not typically employed to filter network traffic. C is incorrect; MAC is the physical address of a device on a network.

A device that is commonly useful to have on the perimeter between two networks. (D4.3

L4.3.3)

A)User laptop B)IoT C)Camera D)Firewall - CORRECT ANSWER: Firewalls are often useful to monitor/filter traffic between two networks. D is correct. A and B are incorrect; these are typically located inside the perimeter of the internal environment. C is incorrect; cameras do not offer much benefit in monitoring communications traffic.

A device typically accessed by multiple users, often intended for a single purpose, such as managing email or web pages. (D4.1 L4.1.1)

A)Router B)Switch C)Server D)Laptop - CORRECT ANSWER: A server typically offers a specific service, such as hosting web pages or managing email, and is often accessed by multiple users. C is the correct answer. A and B are incorrect; routers and switches are used to vector network traffic, not to provide specific services. D is incorrect; a laptop is typically only assigned to a single user.

A means to allow remote users to have secure access to the internal IT environment.

(D4.3 L4.3.3)

A)Internet 2 / 3

B)VLAN

C)MAC

D)VPN - CORRECT ANSWER: D is correct; a virtual private network protects

communication traffic over untrusted media. A is incorrect; the internet is an untrusted medium. B is incorrect; VLANs are used to segment portions of the internal environment. C is incorrect; MAC is the physical address of a given networked device.

A software firewall is an application that runs on a device and prevents specific types of traffic from entering that device. This is a type of ________ control. (D1, L1.3.1)

A)Physical B)Administrative C)Passive

D)Technical - CORRECT ANSWER: D is correct. A software firewall is a technical

control, because it is a part of the IT environment. A is incorrect; a software firewall is not a tangible object that protects something. B is incorrect; a software firewall is not a rule or process. Without trying to confuse the issue, a software firewall might incorporate an administrative control: the set of rules which the firewall uses to allow or block particular traffic. However, answer D is a much better way to describe a software firewall. C is incorrect; "passive" is not a term commonly used to describe a particular type of security control, and is used here only as a distractor.

A system that collects transactional information and stores it in a record in order to show which users performed which actions is an example of providing ________. (D1, L1.1.1)

A)Non-repudiation B)Multifactor authentication C)Biometrics

D)Privacy - CORRECT ANSWER: A is correct. Non-repudiation is the concept that

users cannot deny they have performed transactions that they did, in fact, conduct. A system that keeps a record of user transactions provides non-repudiation. B and C are incorrect because nothing in the question referred to authentication at all. D is incorrect because non-repudiation does not support privacy (if anything, non-repudiation and privacy are oppositional).

A tool that filters inbound traffic to reduce potential threats. (D4.2 L4.2.3)

A)NIDS (network-based intrusion-detection systems) B)Anti-malware C)DLP (data loss prevention) D)Firewall - CORRECT ANSWER: Firewalls typically filter traffic originating from outside the organization's IT environment. D is the correct answer. A is incorrect; NIDS typically monitor traffic within the production environment. B is incorrect; anti-malware solutions typically identify hostile software. C is incorrect; DLP solutions typically monitor outbound traffic.

• / 3