
ISC CC認証された練習解答、必ずあなたを試験合格させる![2025]
有効な合格方法ISC CertificationのCC試験問題集
質問 # 58
A system that collects transactional information and stores it in a record in order to show which users performed which actions is an example of providing ________.
- A. Biometrics
- B. Multifactor authentication
- C. Non-repudiation
- D. Privacy
正解:C
質問 # 59
Four main components of Incident Response are
- A. Preparation, Detection, Analysis and Containment
- B. Preparation, Detection and Analysis, Containment, Eradication a
- C. AII
- D. Detection, Analysis, Containment, Eradication and Recovery
正解:B
質問 # 60
Which type of database combines related records and fields into a logical tree structure?
- A. Relational
- B. Network
- C. Object-oriented
- D. Hierarchical
正解:D
質問 # 61
Garfield is a security analyst at Triffid, Inc. Garfield notices that a particular application in the production environment is being copied very quickly, across systems and devices utilized by many users. What kind of attack could this be?
- A. Trojan
- B. Worm
- C. Side channel
- D. Spoofing
正解:B
質問 # 62
Often offered by third-party organizations and cover specific
advisory or compliance objectives.
- A. Standard
- B. Policy
C Procedure - C. Laws or Regulations
正解:A
質問 # 63
Which type of network is set up similar to the internet but is private to an organization. Select the MOST appropriate?
- A. Extranet
- B. VPN
- C. Intranet
- D. VLAN
正解:D
質問 # 64
A company's governing board may agree that legal services will examine any third-party contracts, so they create a________stating that aside from legal services, no other department in the companvhahppn pivpn nprmkcinn to review third-party contracts
- A. Law
- B. Policy
- C. Procedure
- D. Standard
正解:B
質問 # 65
Which layer of OSI the Firewall works
- A. Layer 7
- B. Layer 4
- C. Layer 3
- D. AII
正解:D
質問 # 66
If a device is found that is not compliant with the security baseline, what will be the security team action
- A. Report
- B. Ignore
- C. Evaluate
- D. Disabled or isolated into a quarantine area until it can be checked and updated.
正解:D
質問 # 67
Restoring IT and communications back to full operation after a disruption.
- A. IRP
- B. DRP
- C. None
- D. BCP
正解:B
質問 # 68
The primary goal of a risk assessment
- A. Avoid Risk
- B. Evaluate the Impact
- C. Ignore risk
- D. Estimate and Prioritize Risk
正解:D
質問 # 69
What is the purpose of defense in depth in information security
- A. To guarantee that a cyber attack will not occur
- B. To provide unrestricted access to organization assets
- C. To establish variable barriers across multiple layers and mission of the organization
- D. To Implement only technical controls to prevent a cyber attack
正解:C
質問 # 70
What is a threat in the context of cybersecurity
- A. A person or thing that takes action to exploit a target organizations system vulnerabilities
- B. An inherent weakness or flaw in a system
- C. The means by which a threat actor carries out their objectives
- D. Something in need of protection
正解:A
質問 # 71
Security commensurate with the risk and the magnitude of harm resulting from the loss, misuse or unauthorized access to or modification of information
- A. Risk Management
- B. Adequate Security
- C. Risk Assessment
- D. Risk Mitigation
正解:B
質問 # 72
In what way do a victim's files get affected by ransomware?
- A. By selling them
- B. By encrypting them
- C. By stealing them
- D. By destroying them
正解:B
質問 # 73
Prachi works as a database administrator for Triffid, Inc. Prachi is allowed to add or delete users, but is not allowed to read or modify the data in the database itself. When Prachi logs onto the system, an access control list (ACL) checks to determine which permissions Prachi has.
In this situation, what is the ACL?
- A. The object
- B. The rule
- C. The firmware
- D. The subject
正解:B
質問 # 74
Which of the following is a subject?
- A. fence
- B. user
- C. filename
- D. file
正解:B
質問 # 75
A company network has been infected with malware and all its servers are down. What is the first step that the Disaster Recovery team should take to restore the systems?
- A. Contact the enforcement to investigate the cyberattack
- B. Restore data from backup systems
- C. Disconnect the affected systems from the network
- D. Conduct a risk assessment of determine the extent of the damage
正解:C
質問 # 76
A company primary data center goes down due to a hardware failure causing a major disruption to the IT and communications systems. What is the focus of disaster recovery planning in this scenario
- A. Fixing the hardware failure
- B. Restoring IT and communications back to full operations after the disruptions
- C. Guiding the actions of emergency response personnel during the disruption
- D. Maintaining critical business functions during the disruption
正解:B
質問 # 77
......
ISC CC 認定試験の出題範囲:
| トピック | 出題範囲 |
|---|---|
| トピック 1 |
|
| トピック 2 |
|
| トピック 3 |
|
| トピック 4 |
|
| トピック 5 |
|
ISC CC事前試験練習テストはFast2test:https://jp.fast2test.com/CC-premium-file.html
CC練習テスト問題、解答、解釈:https://drive.google.com/open?id=1Xkm-uw5mRAQvQv0csQhSWAN-lgbH9ld1