• ホーム
  • ブログ
  • 2025年最新のに更新された検証済みのCC問題集と解答で合格保証もしくは全額返金 [Q20-Q45]

2025年最新のに更新された検証済みのCC問題集と解答で合格保証もしくは全額返金 [Q20-Q45]

Share

2025年最新のに更新された検証済みのCC問題集と解答で合格保証もしくは全額返金

CCのPDF問題とテストエンジンには160問があります

質問 # 20
By far, the most crucial element of any security instruction program.

  • A. Preserve shareholder value
  • B. Protect assets
  • C. Preserve health and human safety
  • D. Ensure availability of IT systems

正解:C


質問 # 21
What is the overall objective of a disaster recovery (DR) effort?

  • A. Save money
  • B. Enhance public perception of the organization
  • C. Return to normal, full operations
  • D. Preserve critical business functions during a disaster

正解:C


質問 # 22
Which of the following probably poses the most risk?

  • A. A low-likelihood, low-impact event
  • B. A low-likelihood, high-impact event
  • C. A high-likelihood, low-impact event
  • D. A high-likelihood, high-impact event

正解:D


質問 # 23
Who approves the incident response policy?

  • A. The security manager
  • B. (ISC)2
  • C. Investor
  • D. Senior management

正解:D


質問 # 24
Glen is an (ISC)² member. Glen receives an email from a company offering a set of answers for an (ISC)² certification exam. What should Glen do?

  • A. Inform law enforcement
  • B. Inform Glen's employer
  • C. Nothing
  • D. Inform (ISC)²

正解:D


質問 # 25
Which of these is the most important reason to conduct security instruction for all employees.

  • A. An informed user is a more secure user
  • B. Reduce liability
  • C. It is a moral imperative
  • D. Provide due diligence

正解:A


質問 # 26
Which of the following are not typically involved in incident detection?

  • A. Security analysts
  • B. Users
  • C. Automated tools
  • D. Regulators

正解:D


質問 # 27
Using Mandatory Access Control (MAC), we would use clearance for assigning which of these?
Response:

  • A. Availability.
  • B. Authentication.
  • C. Auditing.
  • D. Authorization.

正解:D


質問 # 28
Prachi works as a database administrator for Triffid, Inc. Prachi is allowed to add or delete users, but is not allowed to read or modify the data in the database itself. When Prachi logs onto the system, an access control list (ACL) checks to determine which permissions Prachi has.
In this situation, what is the database?

  • A. The rule
  • B. The site
  • C. The object
  • D. The subject

正解:C


質問 # 29
Tina is an (ISC)² member and is invited to join an online group of IT security enthusiasts. After attending a few online sessions, Tina learns that some participants in the group are sharing malware with each other, in order to use it against other organizations online. What should Tina do?

  • A. Report the group to (ISC)2
  • B. Nothing
  • C. Report the group to law enforcement
  • D. Stop participating in the group

正解:D


質問 # 30
A means to allow remote users to have secure access to the internal IT environment.

  • A. VLAN
  • B. VPN
  • C. MAC
  • D. Internet

正解:B


質問 # 31
What is the goal of an incident response effort?

  • A. Reduce the impact of incidents on operations
  • B. No incident ever happen
  • C. Save money
  • D. Punish wrongdoers

正解:A


質問 # 32
When Pritha started working for Triffid, Inc., Pritha had to sign a policy that described how Pritha would be allowed to use Triffid's IT equipment. What policy was this?

  • A. The bring-your-own-device (BYOD) policy
  • B. The organizational security policy
  • C. The acceptable use policy (AUP)
  • D. The workplace attire policy

正解:C


質問 # 33
Tekila works for a government agency. All data in the agency is assigned a particular sensitivity level, called a "classification." Every person in the agency is assigned a "clearance" level, which determines the classification of data each person can access.
What is the access control model being implemented in Tekila's agency?

  • A. RBAC (role-based access control
  • B. MAC (mandatory access control)
  • C. DAC (discretionary access control)
  • D. FAC (formal access control)

正解:B


質問 # 34
Which of the following is one of the common ways potential attacks are often identified?

  • A. Users report unusual systems activity/response to Help Desk or the security office
  • B. The attackers contact the target prior to the attack, in order to threaten and frighten the target
  • C. The power utility company warns customers that the grid will be down and the internet won't be accessible
  • D. Victims notice excessive heat coming from their systems

正解:A


質問 # 35
Aphrodite is a member of (ISC)² and a data analyst for Triffid Corporation. While Aphrodite is reviewing user log data, Aphrodite discovers that another Triffid employee is violating the acceptable use policy and watching streaming videos during work hours. What should Aphrodite do?

  • A. Inform law enforcement
  • B. Inform Triffid management
  • C. Nothing
  • D. Inform (ISC)2

正解:B


質問 # 36
What is the risk associated with delaying resumption of full normal operations after a disaster?

  • A. People might be put in danger
  • B. A new disaster might emerge
  • C. The impact of running alternate operations for extended periods
  • D. Competition

正解:C


質問 # 37
Every document owned by Triffid, Inc., whether hardcopy or electronic, has a clear, 24-point word at the top and bottom. Only three words can be used: "Sensitive," "Proprietary" and "Public." This is an example of _____.

  • A. Inverting
  • B. Labeling
  • C. Secrecy
  • D. Privacy

正解:B


質問 # 38
After an attack we have suffered a loss of public confidence, which leg of the CIA was compromised?
Response:

  • A. Availability
  • B. Integrity
  • C. Confidentiality
  • D. Encryption

正解:C


質問 # 39
If two people want to use symmetric encryption to conduct a confidential conversation, how many keys do they need?

  • A. 0
  • B. 1
  • C. 2
  • D. None

正解:C


質問 # 40
Gelbi is a Technical Support analyst for Triffid, Inc. Gelbi sometimes is required to install or remove software. Which of the following could be used to describe Gelbi's account?

  • A. Privileged
  • B. External
  • C. Internal
  • D. User

正解:A


質問 # 41
Guillermo logs onto a system and opens a document file. In this example, Guillermo is:

  • A. The object
  • B. The process
  • C. The subject
  • D. The software

正解:C


質問 # 42
Triffid, Inc., has deployed anti-malware solutions across its internal IT environment. What is an additional task necessary to ensure this control will function properly?

  • A. Alert the public that this protective measure has been taken
  • B. Pay all employees a bonus for allowing anti-malware solutions to be run on their systems
  • C. Install a monitoring solution to check the anti-malware solution
  • D. Update the anti-malware solution regularly

正解:D


質問 # 43
As an IT Security professional, you are expected to perform due care. What does this mean?
Response:

  • A. Do what is right in the situation and your job. Act on the knowledge.
  • B. Researching and acquiring the knowledge to do your job right.
  • C. Apply patches annually.
  • D. Continue the security practices of your company.

正解:A


質問 # 44
Carol is browsing the Web. Which of the following ports is she probably using?

  • A. 0
  • B. 1
  • C. 2
  • D. 3

正解:D


質問 # 45
......

試験エンジンはCC試験無料お試しサンプル365日更新されます:https://www.goshiken.com/ISC/CC-mondaishu.html

テストエンジンの練習テストならこれCC有効で更新された問題集:https://drive.google.com/open?id=1Oh_ApoFKdn3rmrgwTojHbEKFfjOMAyOz

関するブログ

もっと
CC無料問題集