[Mar 25, 2026] Latest ISC Certification CC Actual Free Exam Questions [Q173-Q194]

Share

[Mar 25, 2026] Latest ISC Certification CC Actual Free Exam Questions

ISC Certification CC Dumps Updated Practice Test and 406 unique questions

NEW QUESTION # 173
Configuration settings or parameters stored as data and managed through a software graphical user interface (GUI) are examples of:

  • A. Physical access control
  • B. Administrative access control
  • C. Logical access control

Answer: C

Explanation:
Logical access controls are implemented through software and system configurations. They include settings such as user permissions, authentication mechanisms, firewall rules, and system policies managed through GUIs or command-line interfaces. Logical controls protect digital assets by restricting access based on identity and authorization.


NEW QUESTION # 174
Which device is used to control traffic flow between networks?

  • A. Router
  • B. Switch
  • C. Hub
  • D. SDN

Answer: A

Explanation:
Routers control traffic flow between different networks by making routing decisions based on IP addresses.
They operate at OSI Layer 3 and determine the optimal path for data packets.


NEW QUESTION # 175
Carol is browsing the Web. Which of the following ports is she probably using?

  • A. 0
  • B. 1
  • C. 2
  • D. 3

Answer: C


NEW QUESTION # 176
What is the main purpose of using digital signatures in communication security?

  • A. To encrypt sensitive data during transmission
  • B. To prevent unauthorized access to a network
  • C. To compress data to reduce bandwidth usage
  • D. To verify the identity of the sender and ensure the integrity of the message (Correct)

Answer: D


NEW QUESTION # 177
Which of the following is a characteristic of cloud

  • A. Rapid Elasticity
  • B. Measured Service
  • C. AII
  • D. Broad Network Access

Answer: A


NEW QUESTION # 178
Duke would like to restrict users from accessing a list of prohibited websites while connected to his network.
Which one of the following controls would BEST achieve his objective?

  • A. DLP Solution
  • B. IP Address Block
  • C. IPS Solution
  • D. URL Filter

Answer: D


NEW QUESTION # 179
What is privacy in the context of Information Security?

  • A. Ensuring data is accurate and unchanged
  • B. Protecting data from unauthorized access
  • C. Disclosed without their consent
  • D. Making sure data is always accessible when needed

Answer: B

Explanation:
In information security, privacy refers to protecting personal and sensitive information from unauthorized access, use, or disclosure. Privacy focuses specifically on data related to individuals, such as PII, and ensuring it is handled according to legal, ethical, and regulatory requirements.
While privacy is closely related to confidentiality, it places greater emphasis on individual rights and consent.
Ensuring privacy means limiting access to personal data and preventing misuse.
Integrity and availability address different aspects of the CIA triad, while option D is incomplete and incorrect. Security frameworks treat privacy as a critical objective, especially in environments handling personal data.


NEW QUESTION # 180
What is the first phase in System Development Life Cycle

  • A. Feasibilty Study
  • B. Design Phase
  • C. Requirements Analysis Phase
  • D. Development Phase

Answer: A


NEW QUESTION # 181
Which of the following properties is not guaranteed by Digital signatures

  • A. Authentication
  • B. Confidentiality
  • C. Integrity
  • D. Non-Repudiation

Answer: B


NEW QUESTION # 182
When is the Business Continuity Plan Enacted?

  • A. When there is a loss of business operations
  • B. When there is a natural disaster
  • C. When there is a event
  • D. When there is a incident

Answer: A


NEW QUESTION # 183
DevOps team has updated the application source code, Tom has discovered that many unauthorized changes have been made. What is the BEST control Tom can implement to prevent a recurrence of this problem?

  • A. Security audit
  • B. Hashing
  • C. File labels
  • D. Backup

Answer: B


NEW QUESTION # 184
Which type of fire-suppression system is typically the safest for humans?

  • A. Gaseous
  • B. Dirt
  • C. Oxygen-depletion
  • D. Water

Answer: D


NEW QUESTION # 185
Which is related to privacy?

  • A. GDPR
  • B. All
  • C. FIPS
  • D. MOU

Answer: B

Explanation:
GDPR directly addresses privacy, while FIPS and MOUs can also relate to privacy controls and data handling requirements.


NEW QUESTION # 186
What kind of control is, when we add a backup firewall that takes over if the main one stops working?

  • A. Clustering
  • B. Component redundancy
  • C. Load balancing
  • D. High availability(HA)

Answer: D


NEW QUESTION # 187
David is worried about distributed denial-of-service (DDoS) attacks against his company's primary web application. Which option will provide the MOST resilience against large-scale DDoS attacks?

  • A. Implement a CDN
  • B. Contract for DDoS mitigation services via the company's IPS
  • C. Increase bandwidth from one or more ISPs
  • D. Increase the number of servers in the web application cluster

Answer: A

Explanation:
A Content Delivery Network (CDN) provides the greatest resilience against large-scale DDoS attacks by distributing traffic across a globally dispersed network of edge servers. CDNs absorb and filter malicious traffic before it reaches the origin infrastructure.
Increasing servers or bandwidth helps only to a limited extent and can still be overwhelmed by volumetric attacks. IPS-based mitigation is effective for smaller attacks but is not designed to handle massive distributed floods. CDNs combine traffic absorption, rate limiting, caching, and threat filtering at scale.
Major CDNs operate with terabits of capacity and specialized DDoS defenses, making them highly effective against attacks that would cripple individual organizations.
For public-facing applications, CDNs are considered a best-practice defensive control against availability attacks.


NEW QUESTION # 188
Type 1 authentication poses which risks?

  • A. Users may forget their passwords
  • B. All
  • C. Passwords may be intercepted and stolen
  • D. Users may share their credentials with others

Answer: B

Explanation:
Type 1 authentication refers tosomething you know, such as passwords or PINs. While widely used, this authentication method has several inherent weaknesses. Users may share credentials intentionally or unintentionally, reuse weak passwords across systems, or forget them altogether. Passwords can also be intercepted through phishing, keylogging, shoulder surfing, or man-in-the-middle attacks.
Because of these weaknesses, Type 1 authentication alone provides limited security assurance. Modern security frameworks strongly recommend supplementing knowledge-based authentication with additional factors, such as something you have (tokens) or something you are (biometrics), to form Multi-Factor Authentication (MFA).


NEW QUESTION # 189
Example of dynamic authorization:

  • A. RBAC
  • B. ABAC
  • C. MAC
  • D. DAC

Answer: B

Explanation:
Attribute-Based Access Control (ABAC) is considered a dynamic authorization model because access decisions are made in real time based on attributes of the user, resource, action, and environment. These attributes can include time of day, device type, location, data sensitivity, and user role.
Unlike RBAC or MAC, which rely on static roles or labels, ABAC evaluates policies dynamically using a policy decision point (PDP). This makes ABAC ideal for modern cloud, zero trust, and highly distributed environments.
DAC allows owners to grant permissions, RBAC uses predefined roles, and MAC relies on fixed security labels. ABAC provides the most flexible and context-aware authorization.


NEW QUESTION # 190
What is the difference between BCP and DRP

  • A. BCP is about maintaining critical business functions before a disaster occurs
  • B. BCP is about restoring IT and communications back to full operations after a disruption, while DRP is about maintaining critical business functions
  • C. DRP and BCP are the same
  • D. DRP is about restoring IT and communications back to full operations after a disruption, while BCP i about maintaining critical business functions

Answer: D


NEW QUESTION # 191
A company data center has been breached by hackers and all its systems have been taken down what is the main objective of the DRP in such a scenario?

  • A. To investigate and prosecute the hackers responsible of the attack
  • B. To relocate the data center to another location
  • C. To restore the IT systems to their last known state
  • D. To ensure the physical safety of employees in the data center

Answer: C


NEW QUESTION # 192
Which IR phase involves identifying critical data and systems?

  • A. Eradication
  • B. Preparation
  • C. Detection and analysis
  • D. Containment

Answer: B

Explanation:
Preparation includes asset identification, system classification, and readiness planning.


NEW QUESTION # 193
Which port is used by SSH?

  • A. 0
  • B. 1
  • C. 2
  • D. 3

Answer: C

Explanation:
SSH uses TCP port 22 by default and provides encrypted remote administration. Telnet (23) and FTP (21) are insecure alternatives.


NEW QUESTION # 194
......


ISC CC Exam Syllabus Topics:

TopicDetails
Topic 1
  • Network Security: This domain assesses the knowledge of Network Security Engineers and Cybersecurity Specialists. It covers foundational computer networking concepts including OSI and TCP
  • IP models, IP addressing, and network ports. Candidates study network threats such as DDoS attacks, malware variants, and man-in-the-middle attacks, along with detection tools like IDS, HIDS, and NIDS. Prevention strategies including firewalls and antivirus software are included. The domain also addresses network security infrastructure encompassing on-premises data centers, design techniques like segmentation and defense in depth, and cloud security models such as SaaS, IaaS, and hybrid deployments.
Topic 2
  • Access Controls Concepts: This section measures skills of Access Control Specialists and Physical Security Managers in understanding physical and logical access controls. Topics include physical security measures like badge systems, CCTV, monitoring, and managing authorized versus unauthorized personnel. Logical access control concepts such as the principle of least privilege, segregation of duties, discretionary access control, mandatory access control, and role-based access control are essential for controlling information system access.
Topic 3
  • Security Operations: This area targets Security Operations Center (SOC) Analysts and System Administrators. It covers data security with encryption methods, secure handling of data including classification and retention, and the importance of logging and monitoring security events. System hardening through configuration management, baselines, updates, and patching is included. Best practice security policies such as data handling, password, acceptable use, BYOD, change management, and privacy policies are emphasized. Finally, the domain highlights security awareness training addressing social engineering awareness and password protection to foster a security-conscious organizational culture.
Topic 4
  • Security Principles: This section of the exam measures skills of Security Analysts and Information Assurance Specialists and covers fundamental security concepts such as confidentiality, integrity, availability, authentication methods including multi-factor authentication, non-repudiation, and privacy. It also includes understanding the risk management process with emphasis on identifying, assessing, and treating risks based on priorities and tolerance. Candidates are expected to know various security controls, including technical, administrative, and physical, as well as the ISC2 professional code of ethics. Governance processes such as policies, procedures, standards, regulations, and laws are also covered to ensure adherence to organizational and legal requirements.
Topic 5
  • Business Continuity (BC), Disaster Recovery (DR) & Incident Response Concepts: This domain targets Business Continuity Planners and Incident Response Coordinators. It focuses on the purpose, importance, and core components of business continuity, disaster recovery, and incident response. Candidates learn how to prepare for and manage disruptions while maintaining or quickly restoring critical business operations and IT services.

 

Verified CC dumps Q&As - 100% Pass from ExamDiscuss: https://www.examdiscuss.com/ISC/exam/CC/

Latest 100% Exam Passing Ratio - CC Dumps PDF: https://drive.google.com/open?id=1FIEkyavwb8Ba_CsFqG7EEbKF-RtVmGrj

0
0
0
10