
[Mar 25, 2026] Latest ISC Certification CC Actual Free Exam Questions
ISC Certification CC Dumps Updated Practice Test and 406 unique questions
NEW QUESTION # 173
Configuration settings or parameters stored as data and managed through a software graphical user interface (GUI) are examples of:
- A. Physical access control
- B. Administrative access control
- C. Logical access control
Answer: C
Explanation:
Logical access controls are implemented through software and system configurations. They include settings such as user permissions, authentication mechanisms, firewall rules, and system policies managed through GUIs or command-line interfaces. Logical controls protect digital assets by restricting access based on identity and authorization.
NEW QUESTION # 174
Which device is used to control traffic flow between networks?
- A. Router
- B. Switch
- C. Hub
- D. SDN
Answer: A
Explanation:
Routers control traffic flow between different networks by making routing decisions based on IP addresses.
They operate at OSI Layer 3 and determine the optimal path for data packets.
NEW QUESTION # 175
Carol is browsing the Web. Which of the following ports is she probably using?
- A. 0
- B. 1
- C. 2
- D. 3
Answer: C
NEW QUESTION # 176
What is the main purpose of using digital signatures in communication security?
- A. To encrypt sensitive data during transmission
- B. To prevent unauthorized access to a network
- C. To compress data to reduce bandwidth usage
- D. To verify the identity of the sender and ensure the integrity of the message (Correct)
Answer: D
NEW QUESTION # 177
Which of the following is a characteristic of cloud
- A. Rapid Elasticity
- B. Measured Service
- C. AII
- D. Broad Network Access
Answer: A
NEW QUESTION # 178
Duke would like to restrict users from accessing a list of prohibited websites while connected to his network.
Which one of the following controls would BEST achieve his objective?
- A. DLP Solution
- B. IP Address Block
- C. IPS Solution
- D. URL Filter
Answer: D
NEW QUESTION # 179
What is privacy in the context of Information Security?
- A. Ensuring data is accurate and unchanged
- B. Protecting data from unauthorized access
- C. Disclosed without their consent
- D. Making sure data is always accessible when needed
Answer: B
Explanation:
In information security, privacy refers to protecting personal and sensitive information from unauthorized access, use, or disclosure. Privacy focuses specifically on data related to individuals, such as PII, and ensuring it is handled according to legal, ethical, and regulatory requirements.
While privacy is closely related to confidentiality, it places greater emphasis on individual rights and consent.
Ensuring privacy means limiting access to personal data and preventing misuse.
Integrity and availability address different aspects of the CIA triad, while option D is incomplete and incorrect. Security frameworks treat privacy as a critical objective, especially in environments handling personal data.
NEW QUESTION # 180
What is the first phase in System Development Life Cycle
- A. Feasibilty Study
- B. Design Phase
- C. Requirements Analysis Phase
- D. Development Phase
Answer: A
NEW QUESTION # 181
Which of the following properties is not guaranteed by Digital signatures
- A. Authentication
- B. Confidentiality
- C. Integrity
- D. Non-Repudiation
Answer: B
NEW QUESTION # 182
When is the Business Continuity Plan Enacted?
- A. When there is a loss of business operations
- B. When there is a natural disaster
- C. When there is a event
- D. When there is a incident
Answer: A
NEW QUESTION # 183
DevOps team has updated the application source code, Tom has discovered that many unauthorized changes have been made. What is the BEST control Tom can implement to prevent a recurrence of this problem?
- A. Security audit
- B. Hashing
- C. File labels
- D. Backup
Answer: B
NEW QUESTION # 184
Which type of fire-suppression system is typically the safest for humans?
- A. Gaseous
- B. Dirt
- C. Oxygen-depletion
- D. Water
Answer: D
NEW QUESTION # 185
Which is related to privacy?
- A. GDPR
- B. All
- C. FIPS
- D. MOU
Answer: B
Explanation:
GDPR directly addresses privacy, while FIPS and MOUs can also relate to privacy controls and data handling requirements.
NEW QUESTION # 186
What kind of control is, when we add a backup firewall that takes over if the main one stops working?
- A. Clustering
- B. Component redundancy
- C. Load balancing
- D. High availability(HA)
Answer: D
NEW QUESTION # 187
David is worried about distributed denial-of-service (DDoS) attacks against his company's primary web application. Which option will provide the MOST resilience against large-scale DDoS attacks?
- A. Implement a CDN
- B. Contract for DDoS mitigation services via the company's IPS
- C. Increase bandwidth from one or more ISPs
- D. Increase the number of servers in the web application cluster
Answer: A
Explanation:
A Content Delivery Network (CDN) provides the greatest resilience against large-scale DDoS attacks by distributing traffic across a globally dispersed network of edge servers. CDNs absorb and filter malicious traffic before it reaches the origin infrastructure.
Increasing servers or bandwidth helps only to a limited extent and can still be overwhelmed by volumetric attacks. IPS-based mitigation is effective for smaller attacks but is not designed to handle massive distributed floods. CDNs combine traffic absorption, rate limiting, caching, and threat filtering at scale.
Major CDNs operate with terabits of capacity and specialized DDoS defenses, making them highly effective against attacks that would cripple individual organizations.
For public-facing applications, CDNs are considered a best-practice defensive control against availability attacks.
NEW QUESTION # 188
Type 1 authentication poses which risks?
- A. Users may forget their passwords
- B. All
- C. Passwords may be intercepted and stolen
- D. Users may share their credentials with others
Answer: B
Explanation:
Type 1 authentication refers tosomething you know, such as passwords or PINs. While widely used, this authentication method has several inherent weaknesses. Users may share credentials intentionally or unintentionally, reuse weak passwords across systems, or forget them altogether. Passwords can also be intercepted through phishing, keylogging, shoulder surfing, or man-in-the-middle attacks.
Because of these weaknesses, Type 1 authentication alone provides limited security assurance. Modern security frameworks strongly recommend supplementing knowledge-based authentication with additional factors, such as something you have (tokens) or something you are (biometrics), to form Multi-Factor Authentication (MFA).
NEW QUESTION # 189
Example of dynamic authorization:
- A. RBAC
- B. ABAC
- C. MAC
- D. DAC
Answer: B
Explanation:
Attribute-Based Access Control (ABAC) is considered a dynamic authorization model because access decisions are made in real time based on attributes of the user, resource, action, and environment. These attributes can include time of day, device type, location, data sensitivity, and user role.
Unlike RBAC or MAC, which rely on static roles or labels, ABAC evaluates policies dynamically using a policy decision point (PDP). This makes ABAC ideal for modern cloud, zero trust, and highly distributed environments.
DAC allows owners to grant permissions, RBAC uses predefined roles, and MAC relies on fixed security labels. ABAC provides the most flexible and context-aware authorization.
NEW QUESTION # 190
What is the difference between BCP and DRP
- A. BCP is about maintaining critical business functions before a disaster occurs
- B. BCP is about restoring IT and communications back to full operations after a disruption, while DRP is about maintaining critical business functions
- C. DRP and BCP are the same
- D. DRP is about restoring IT and communications back to full operations after a disruption, while BCP i about maintaining critical business functions
Answer: D
NEW QUESTION # 191
A company data center has been breached by hackers and all its systems have been taken down what is the main objective of the DRP in such a scenario?
- A. To investigate and prosecute the hackers responsible of the attack
- B. To relocate the data center to another location
- C. To restore the IT systems to their last known state
- D. To ensure the physical safety of employees in the data center
Answer: C
NEW QUESTION # 192
Which IR phase involves identifying critical data and systems?
- A. Eradication
- B. Preparation
- C. Detection and analysis
- D. Containment
Answer: B
Explanation:
Preparation includes asset identification, system classification, and readiness planning.
NEW QUESTION # 193
Which port is used by SSH?
- A. 0
- B. 1
- C. 2
- D. 3
Answer: C
Explanation:
SSH uses TCP port 22 by default and provides encrypted remote administration. Telnet (23) and FTP (21) are insecure alternatives.
NEW QUESTION # 194
......
ISC CC Exam Syllabus Topics:
| Topic | Details |
|---|---|
| Topic 1 |
|
| Topic 2 |
|
| Topic 3 |
|
| Topic 4 |
|
| Topic 5 |
|
Verified CC dumps Q&As - 100% Pass from ExamDiscuss: https://www.examdiscuss.com/ISC/exam/CC/
Latest 100% Exam Passing Ratio - CC Dumps PDF: https://drive.google.com/open?id=1FIEkyavwb8Ba_CsFqG7EEbKF-RtVmGrj