Free ISC CC Practice Exam with Questions & Answers | Set: 9

A firewall is a network security device designed to monitor, filter, and control incoming and outgoing traffic based on predefined security rules. Firewalls act as a barrier between trusted internal networks and untrusted external networks, such as the internet.

Firewalls can operate at multiple layers of the OSI model and may inspect packet headers, session states, and even application-level data. Modern firewalls often include advanced features such as intrusion prevention, deep packet inspection, and threat intelligence integration.

Servers and endpoints generate or consume traffic but do not filter it by default. Ethernet is a networking standard, not a device. Firewalls are a foundational security control recommended by virtually all cybersecurity frameworks, including NIST and CIS Critical Security Controls.

By enforcing traffic filtering rules, firewalls help prevent unauthorized access, reduce attack surfaces, and protect systems from threats such as malware, scanning, and exploitation.

BCP requires input from all business units to identify dependencies and ensure continuity of critical functions.

The loopback address allows a system to test its own network stack.127.0.0.1is the IPv4 loopback address, while::1is its IPv6 equivalent. Both route traffic internally without leaving the host.

A zero-day vulnerability is unknown to the vendor and security community and has no available patch. Because defenders have “zero days” to fix it, zero-day vulnerabilities are highly dangerous.

Aprocedureis a detailed, step-by-step set of instructions that explainshowto perform a task in compliance with policies and standards. Procedures translate high-level requirements into actionable guidance for staff.

Policies define what must be done, standards specify mandatory requirements, and procedures explain exactly how to carry them out. Laws are external legal mandates, not internal operational documents.

For example, a security policy may require access reviews, a standard may define review frequency, and a procedure will outline the exact steps to conduct the review. Procedures ensure consistency, reduce errors, and support compliance and auditing efforts.

Disaster Recovery includes restoring systems and returning operations to normal, which may involve staff moving back to the primary site after temporary relocation.

ASecurity Operations Center (SOC)is a centralized function responsible for continuous monitoring, detection, analysis, and response to cybersecurity events. SOC teams use tools such as SIEM, SOAR, IDS/IPS, and threat intelligence feeds to identify threats before they escalate into incidents.

TCP (Transmission Control Protocol) and UDP (User Datagram Protocol) operate at theTransport layer (Layer 4)of the OSI model. This layer is responsible for end-to-end communication, segmentation, flow control, and error handling.

TCP provides reliable, connection-oriented communication with acknowledgments and retransmissions. UDP provides connectionless communication optimized for speed and low latency.

The Session layer manages session establishment, and the Presentation layer handles formatting and encryption. Neither is responsible for transport-level data delivery.

Understanding protocol placement is essential for firewall rules, intrusion detection, and network troubleshooting. Most security controls rely heavily on Transport-layer awareness.

ATrojanis a direct form of malware that disguises itself as legitimate software to perform malicious actions.

ThePrinciple of Least Privilegeensures users, applications, and systems have only the minimum permissions necessary to perform their duties. This reduces the attack surface and limits potential damage if credentials are compromised.