CC ISC2 Exam Questions and Free Practice Test

Measure of the extent to which an entity is threatened by a potential circumstance or event and likelihood of occurrence

A. Impact

B. Risk

C. Threat

D. Threat Vector

Correct Answer:B

Example of Dynamic authorization

A. DAC

B. RBAC

C. MAC

D. ABAC

Correct Answer:D

In DAC, the policy specifies that a subject who has been granted access to information can do the following:

A. Change security attributes on subjects, objects, information systems or system components

B. Choose the security attributes to be associated with newly created or revised objects

C. Change the rules governing access control

D. ALL

Correct Answer:D

Configuration settings or parameters stored as data, managed through a software graphical user interface (GUI) is

A. Logical access control

B. Physical access control

C. Administrative Access control

Correct Answer:A

A company experiences a power outage that causes a major disruption in its operations. What type of plan will help the company sustain operations?

A. DRP

B. IRP

C. BCP

D. ALL

Correct Answer:C

Which access control model grants permission based on the sensitivity of the data and the user job functions

A. DAC

B. RBAC

C. MAC

D. RUBAC

Correct Answer:B

START CC EXAM