Free ISC CC Practice Exam with Questions & Answers | Set: 11

Questions 101

A DDoS attack affects which OSI layers?

Options:
A. Network layer
B. Transport layer
C. Physical layer
D. Both A and B

Questions 102

An unusual occurrence in a system or network is best described as:

Options:
A. Breach
B. Exploit
C. Event
D. Intrusion

Questions 103

Example of a technical control:

Options:
A. Security guard
B. GPS installed in a vehicle to track location
C. Door lock
D. None

Questions 104

What kind of vulnerability is typically not identifiable through a standard vulnerability assessment?

Options:
A. File permissions
B. Buffer overflow
C. Zero-day vulnerability
D. Cross-site scripting

Questions 105

An IP network protocol standardized by the IETF through RFC 792 to determine if a host is available is:

Options:
A. IP
B. ICMP
C. IGMP
D. HTTP

Questions 106

Which is NOT a component of a Business Continuity (BC) plan?

Options:
A. Immediate response procedures
B. Notification systems
C. Management authority guidance
D. Management

Questions 107

David's team recently implemented a new system that gathers information from a variety of different log sources, analyzes that information, and then triggers automated playbooks in response to security events. What term BEST describes this technology?

Options:
A. SIEM
B. Log Repository
C. IPS
D. SOAR

Questions 108

Which of the following is NOT one of the three main components of an SQL database?

Options:
A. Views
B. Schemas
C. Tables
D. Object-oriented interfaces

Questions 109

What is meant by non-repudiation?

Options:
A. If a user does something, they can't later claim that they didn't do it.
B. Controls to protect the organization's reputation from harm due to inappropriate social media postings by employees, even if on their private accounts and personal time.
C. It is part of the rules set by administrative controls.
D. It is a security feature that prevents session replay attacks.

Questions 110

Which protocol would be most suitable to fulfill the secure communication requirements between clients and the server for a company deploying a new application?

Options:
A. FTP
B. HTTP
C. HTTPS
D. SMTP