Free ISC CC Practice Exam with Questions & Answers | Set: 6

Backups are recovery controls because they restore data and systems after failures, attacks, or disasters.

Buffer overflow attacks target applications, exploiting improper memory handling. Applications operate atLayer 7 (Application Layer), making it the primary target.

NIST publishes standards and frameworks. GDPR and HIPAA are regulations and laws, not standards bodies.

IPSec (Internet Protocol Security) operates atLayer 3 – the Network Layerof the OSI model. IPSec is designed to secure IP communications by authenticating and encrypting each IP packet in a data stream. Because it works directly with IP packets, it naturally fits at the network layer.

Operating at Layer 3 gives IPSec a major advantage: it can protectall network traffic, regardless of the application or transport protocol being used. This means IPSec can secure TCP, UDP, and ICMP traffic transparently without requiring changes to applications. IPSec is commonly used to implementVirtual Private Networks (VPNs), including site-to-site and remote-access VPNs.

IPSec uses protocols such asAuthentication Header (AH)andEncapsulating Security Payload (ESP)to provide confidentiality, integrity, authentication, and anti-replay protection. Key management is typically handled by IKE (Internet Key Exchange).

Although IPSec may appear in some diagrams as interacting with other layers, standards bodies such as NIST and IETF clearly define IPSec as aLayer 3 (Network Layer)security protocol.

Authentication is the phase of the AAA (Authentication, Authorization, Accounting) model in which a user proves their identity. During authentication, the system verifies that the user is who they claim to be by validating credentials such as passwords, biometrics, smart cards, or cryptographic keys.

Identification occurs first, when a user claims an identity (for example, entering a username). Authentication then confirms that claim. Authorization follows authentication and determines what actions the authenticated user is permitted to perform. Accounting tracks and logs user activities for auditing and monitoring purposes.

Strong authentication is critical to system security because all subsequent access control decisions depend on its accuracy. Weak authentication mechanisms increase the risk of unauthorized access, credential theft, and impersonation attacks.

Modern security frameworks emphasize multi-factor authentication (MFA) to strengthen this phase. NIST SP 800-63 highlights authentication as a core security function essential to protecting systems, data, and services from unauthorized access.

Modern firewalls operate at Layers 3, 4, and 7, supporting packet filtering, stateful inspection, and application-layer filtering.

Mandatory Access Control (MAC) enforces centrally managed security labels and clearances, making it suitable for classified and government systems.

A threat actor is the individual or group responsible for carrying out attacks. Threat vectors describe methods, not entities.

Microsoft SQL Server commonly uses TCP port 1433, which falls in the registered port range.

A MAC (Media Access Control) address is 48 bits long and is divided into two main parts. The first24 bitsrepresent theOrganizationally Unique Identifier (OUI), which is assigned by IEEE to hardware manufacturers.

The remaining 24 bits are assigned by the manufacturer to uniquely identify individual network interfaces. The OUI allows network administrators and tools to identify the vendor of a network device.

Understanding MAC addressing is important for network security, device identification, and troubleshooting. MAC addresses are commonly used in access control mechanisms such as MAC filtering, although they should not be relied upon as a strong security control due to spoofing risks.