CC ISC2 Exam Questions and Free Practice Test

Question 31

Set of rules that everyone must comply with and usually carry monetary penalties for noncompliance

A. Standard

B. Policy

C. Procedure

D. Laws or Regulations

Correct Answer:A

Question 32

Is the right of an individual to control the distribution of information about themselves

A. Confidentiality

B. Integrity

C. Privacy

D. Availability

Correct Answer:C

Question 33

A measure of the degree to which an organization depends on the information or information system for the success of a mission or of a business function.

A. Availability

B. Criticality

C. Authorization

D. Confidentiality

Correct Answer:B

Question 34

Which of the following is the least secure communications protocol?

A. CHAP

B. Ipsec

C. PAP

D. EAP

Correct Answer:C

Question 35

The purpose of risk identification:

A. Employees at all levels of the organization are responsible for identifying risk.

B. Identify risk to communicate it clearly.

C. Identify risk to protect against it.

D. ALL

Correct Answer:D

Question 36

6 Which access control method uses attributes and rules to define access policies that are evaluate by a central Policy Decision Point (PDP)

A. DAC

B. RBAC

C. MAC

D. ABAC

Correct Answer:D

START CC EXAM