[
  {
    "path": "Dump Questions/170+ ISC2 CC Dump Questions.md",
    "content": "**Q1:** What is the primary purpose of a cloud security group (CSG) in a public cloud environment?\n\nOption 1: To provide physical security for cloud data centers\nOption 2: To manage access control for cloud resources\nOption 3: To optimize cloud resource allocation\nOption 4: To enforce regulatory compliance in the cloud\n\nCorrect Answer: To manage access control for cloud resources\n\n---\n\n**Q2:** What is the main advantage of using a symmetric encryption algorithm over an asymmetric encryption algorithm?\n\nOption 1: Symmetric encryption algorithms are faster and more efficient\nOption 2: Asymmetric encryption algorithms provide better security\nOption 3: Symmetric encryption algorithms require fewer resources\nOption 4: Asymmetric encryption algorithms are easier to implement\n\nCorrect Answer: Symmetric encryption algorithms are faster and more efficient\n\n---\n\n**Q3:** What is the primary purpose of using digital signatures in cryptographic protocols?\n\nOption 1: To encrypt data for secure transmission\nOption 2: To verify the integrity and authenticity of data\nOption 3: To generate random cryptographic keys\nOption 4: To prevent unauthorized access to sensitive information\n\nCorrect Answer: To verify the integrity and authenticity of data\n\n---\n\n**Q4:** What security feature is commonly used with HTTPS?\n\nOption 1: IPsec\nOption 2: SSH\nOption 3: SSL/TLS\nOption 4: VPN\n\nCorrect Answer: SSL/TLS\n\n---\n\n**Q5:** Which of the following is a characteristic of Infrastructure as a Service (IaaS)?\n\nOption 1: Fully managed applications\nOption 2: Pay-as-you-go pricing model\nOption 3: Predetermined software configurations\nOption 4: Limited scalability options\n\nCorrect Answer: Limited scalability options\n\n---\n\n**Q6:** What is the primary purpose of implementing a disaster recovery plan in a cloud environment?\n\nOption 1: To prevent unauthorized access to cloud resources\nOption 2: To ensure continuous availability of critical services during a disaster\nOption 3: To optimize cloud resource utilization\nOption 4: To automate software deployment processes\n\nCorrect Answer: To ensure continuous availability of critical services during a disaster\n\n---\n\n**Q7:** Which device is used to connect WAN to LAN?\n\nOption 1: Firewalls\nOption 2: Router\nOption 3: Hub\nOption 4: Switch\n\nCorrect Answer: Router\n\n---\n\n**Q8:** Which cloud service model provides developers with a platform to build, deploy, and manage applications without managing underlying infrastructure?\n\nOption 1: Infrastructure as a Service (IaaS)\nOption 2: Platform as a Service (PaaS)\nOption 3: Software as a Service (SaaS)\nOption 4: Function as a Service (FaaS)\n\nCorrect Answer: Platform as a Service (PaaS)\n\n---\n\n**Q9:** An attacker intercepts traffic between a user and a server in order to eavesdrop on sensitive information being transmitted. This is an example of what type of attack?\n\nOption 1: On-path Attack\nOption 2: Spoofing\nOption 3: Phishing\nOption 4: Side-channel\n\nCorrect Answer: On-path Attack\n\n---\n\n**Q10:** Which network security measure is used to authenticate and authorize users and devices connecting to a network?\n\nOption 1: Virtual Private Network (VPN)\nOption 2: Intrusion Detection System (IDS)\nOption 3: Network Access Control (NAC)\nOption 4: Packet Filtering\n\nCorrect Answer: Network Access Control (NAC)\n\n---\n\n**Q11:** Which port is used by the FTP protocol?\n\nOption 1: 21\nOption 2: 22\nOption 3: 23\nOption 4: 80\n\nCorrect Answer: 21\n\n---\n\n**Q12:** Which authentication mechanism is commonly used to access cloud resources securely from external networks?\n\nOption 1: Username and password\nOption 2: Biometric authentication\nOption 3: OAuth (Open Authorization)\nOption 4: LDAP (Lightweight Directory Access Protocol)\n\nCorrect Answer: Username and password\n\n---\n\n**Q13:** Which port is commonly used for SSH?\n\nOption 1: 22\nOption 2: 23\nOption 3: 80\nOption 4: 443\n\nCorrect Answer: 22\n\n---\n\n**Q14:** What is the primary purpose of data encryption in transit in cloud environments?\n\nOption 1: To prevent unauthorized access to cloud resources\nOption 2: To protect data from unauthorized disclosure during transmission over networks\nOption 3: To optimize cloud resource utilization\nOption 4: To automate software deployment processes\n\nCorrect Answer: To protect data from unauthorized disclosure during transmission over networks\n\n---\n\n**Q15:** A user receives an email that appears to be from their bank, requesting their login credentials. This is an example of what type of attack?\n\nOption 1: Spoofing\nOption 2: Phishing\nOption 3: DOS/DDOS\nOption 4: Virus\n\nCorrect Answer: Phishing\n\n---\n\n**Q16:** Which port is used by the SSH protocol for secure file transfers?\n\nOption 1: SFTP\nOption 2: SCP\nOption 3: FTPS\nOption 4: TFTP\n\nCorrect Answer: SFTP\n\n---\n\n**Q17:** What is the purpose of conducting regular tests and exercises of a Business Continuity Plan (BCP)?\n\nOption 1: To minimize resource utilization during normal operations\nOption 2: To validate the effectiveness of the plan and identify areas for improvement\nOption 3: To increase profitability of the organization\nOption 4: To prevent all types of disasters from occurring\n\nCorrect Answer: To validate the effectiveness of the plan and identify areas for improvement\n\n---\n\n**Q18:** What is the main advantage of using a cloud access security broker (CASB) solution in cloud environments?\n\nOption 1: To prevent distributed denial of service (DDoS) attacks\nOption 2: To monitor and control data traffic between on-premises and cloud environments\nOption 3: To encrypt data stored in cloud databases\nOption 4: To optimize cloud resource utilization\n\nCorrect Answer: To monitor and control data traffic between on-premises and cloud environments\n\n---\n\n**Q19:** What is the purpose of a Business Continuity Plan (BCP)?\n\nOption 1: To prevent all types of disasters from occurring\nOption 2: To ensure the organization can continue critical business operations during and after a disaster\nOption 3: To optimize resource utilization during normal operations\nOption 4: To increase profitability\n\nCorrect Answer: To ensure the organization can continue critical business operations during and after a disaster\n\n---\n\n**Q20:** Which type of attack involves flooding a network or server with traffic, rendering it unavailable to legitimate users?\n\nOption 1: DOS/DDOS\nOption 2: Spoofing\nOption 3: Phishing\nOption 4: Virus\n\nCorrect Answer: DOS/DDOS\n\n---\n\n**Q21:** Which cloud deployment model provides dedicated infrastructure for a single organization?\n\nOption 1: Public cloud\nOption 2: Private cloud\nOption 3: Hybrid cloud\nOption 4: Community cloud\n\nCorrect Answer: Private cloud\n\n---\n\n**Q22:** What is the primary goal of cloud access security brokers (CASBs)?\n\nOption 1: To provide identity and access management services\nOption 2: To monitor and control data traffic between on-premises and cloud environments\nOption 3: To encrypt data stored in cloud databases\nOption 4: To optimize cloud resource allocation\n\nCorrect Answer: To monitor and control data traffic between on-premises and cloud environments\n\n---\n\n**Q23:** What is the primary purpose of data encryption in transit in cloud environments?\n\nOption 1: To prevent unauthorized access to cloud resources\nOption 2: To protect data from unauthorized disclosure during transmission over networks\nOption 3: To optimize cloud resource utilization\nOption 4: To automate software deployment processes\n\nCorrect Answer: To protect data from unauthorized disclosure during transmission over networks\n\n---\n\n**Q24:** Which encryption protocol is commonly used to secure data transmitted over wireless networks?\n\nOption 1: WPA2 (Wi-Fi Protected Access 2)\nOption 2: SSL (Secure Sockets Layer)\nOption 3: TLS (Transport Layer Security)\nOption 4: AES (Advanced Encryption Standard)\n\nCorrect Answer: WPA2 (Wi-Fi Protected Access 2)\n\n---\n\n**Q25:** How does IPSec protect against replay attacks?\n\nOption 1: By encrypting all network traffic\nOption 2: By using digital signatures\nOption 3: By using sequence numbers\nOption 4: By limiting access to the network\n\nCorrect Answer: By using sequence numbers\n\n---\n\n**Q26:** Which cloud deployment model provides a combination of private and public cloud resources?\n\nOption 1: Public cloud\nOption 2: Private cloud\nOption 3: Hybrid cloud\nOption 4: Community cloud\n\nCorrect Answer: Hybrid cloud\n\n---\n\n**Q27:** Which port is used by the Telnet protocol?\n\nOption 1: 23\nOption 2: 21\nOption 3: 22\nOption 4: 80\n\nCorrect Answer: 23\n\n---\n\n**Q28:** Which authentication mechanism is commonly used to access cloud resources securely from external networks?\n\nOption 1: Username and password\nOption 2: Biometric authentication\nOption 3: OAuth (Open Authorization)\nOption 4: LDAP (Lightweight Directory Access Protocol)\n\nCorrect Answer: OAuth (Open Authorization)\n\n---\n\n**Q29:** What is the primary purpose of using role-based access control (RBAC) in a cloud environment?\n\nOption 1: To prevent distributed denial of service (DDoS) attacks\nOption 2: To enforce regulatory compliance\nOption 3: To monitor user activities and access patterns\nOption 4: To restrict access to cloud resources based on users' roles and responsibilities\n\nCorrect Answer: To restrict access to cloud resources based on users' roles and responsibilities\n\n---\n\n**Q30:** What is the primary purpose of network segmentation in cloud environments?\n\nOption 1: To increase network bandwidth\nOption 2: To reduce latency for cloud applications\nOption 3: To isolate sensitive workloads and data from potential threats\nOption 4: To automate network provisioning processes\n\nCorrect Answer: To isolate sensitive workloads and data from potential threats\n\n---\n\n**Q31:** Which of the following is an example of a registered port?\n\nOption 1: Microsoft SQL Server\nOption 2: RADIUS authentication\nOption 3: HTTP\nOption 4: SMB\n\nCorrect Answer: Microsoft SQL Server\n\n---\n\n**Q32:** What is the purpose of implementing a Virtual Private Network (VPN) in a network?\n\nOption 1: To optimize network performance\nOption 2: To securely connect remote users and devices to a private network over the internet\nOption 3: To prevent physical access to network devices\nOption 4: To monitor network traffic for compliance purposes\n\nCorrect Answer: To securely connect remote users and devices to a private network over the internet\n\n---\n\n**Q33:** Which cloud service model provides ready-to-use software applications over the internet?\n\nOption 1: Infrastructure as a Service (IaaS)\nOption 2: Platform as a Service (PaaS)\nOption 3: Software as a Service (SaaS)\nOption 4: Function as a Service (FaaS)\n\nCorrect Answer: Software as a Service (SaaS)\n\n---\n\n**Q34:** An organization is experiencing issues with their VPN connection, causing frequent disconnects. Which OSI layer is most likely affected by this issue?\n\nOption 1: Application Layer\nOption 2: Transport Layer\nOption 3: Network Layer\nOption 4: Physical Layer\n\nCorrect Answer: Transport Layer\n\n---\n\n**Q35:** Which cryptographic algorithm is vulnerable to collision attacks and should not be used for generating digital signatures?\n\nOption 1: AES (Advanced Encryption Standard)\nOption 2: RSA (Rivest-Shamir-Adleman)\nOption 3: MD5 (Message Digest Algorithm 5)\nOption 4: SHA-256 (Secure Hash Algorithm 256-bit)\n\nCorrect Answer: MD5 (Message Digest Algorithm 5)\n\n---\n\n**Q36:** What is the primary purpose of a distributed denial of service (DDoS) mitigation service in cloud environments?\n\nOption 1: To prevent unauthorized access to cloud resources\nOption 2: To monitor and analyze network traffic patterns\nOption 3: To detect and block malicious traffic targeting cloud services\nOption 4: To optimize cloud resource utilization\n\nCorrect Answer: To detect and block malicious traffic targeting cloud services\n\n---\n\n**Q37:** Which cloud service model provides ready-to-use software applications over the internet?\n\nOption 1: Infrastructure as a Service (IaaS)\nOption 2: Platform as a Service (PaaS)\nOption 3: Software as a Service (SaaS)\nOption 4: Function as a Service (FaaS)\n\nCorrect Answer: Software as a Service (SaaS)\n\n---\n\n**Q38:** Which of the following would be considered an endpoint?\n\nOption 1: Software task\nOption 2: Router\nOption 3: Firewall\nOption 4: Laptop\n\nCorrect Answer: Laptop\n\n---\n\n**Q39:** Which encryption algorithm is commonly used to protect data in transit between cloud services and users' devices?\n\nOption 1: AES (Advanced Encryption Standard)\nOption 2: RSA (Rivest-Shamir-Adleman)\nOption 3: DES (Data Encryption Standard)\nOption 4: MD5 (Message Digest Algorithm 5)\n\nCorrect Answer: AES (Advanced Encryption Standard)\n\n---\n\n**Q40:** What is an IPv4 address?\n\nOption 1: A 128-bit address used to uniquely identify devices on a network.\nOption 2: A 32-bit address used to uniquely identify devices on a network.\nOption 3: An address used for internal network use only.\nOption 4: An address used for documentation purposes only.\n\nCorrect Answer: A 32-bit address used to uniquely identify devices on a network.\n\n---\n\n**Q41:** A user receives an email that appears to be from their bank, requesting their login credentials. This is an example of what type of attack?\n\nOption 1: Spoofing\nOption 2: Phishing\nOption 3: DOS/DDOS\nOption 4: Virus\n\nCorrect Answer: Phishing\n\n---\n\n**Q42:** Which cryptographic attack targets the process of intercepting and altering communication between two parties?\n\nOption 1: Man-in-the-middle (MITM) attack\nOption 2: Brute-force attack\nOption 3: Dictionary attack\nOption 4: Rainbow table attack\n\nCorrect Answer: Man-in-the-middle (MITM) attack\n\n---\n\n**Q43:** Which type of malware encrypts a user's files and demands payment in exchange for the decryption key? a. Ransomware\n\nOption 1: Ransomware\nOption 2: Worm\nOption 3: Trojan\nOption 4: Virus\n\nCorrect Answer: Ransomware\n\n---\n\n**Q44:** What security control is used to protect data in transit between cloud services and users' devices?\n\nOption 1: Data encryption at rest\nOption 2: Network intrusion detection systems (NIDS)\nOption 3: Transport Layer Security (TLS)\nOption 4: Role-based access control (RBAC)\n\nCorrect Answer: Transport Layer Security (TLS)\n\n---\n\n**Q45:** Which component of a Business Continuity Plan (BCP) identifies critical business functions and the resources required to support them?\n\nOption 1: Plan development and testing\nOption 2: Risk assessment\nOption 3: Business impact analysis (BIA)\nOption 4: Plan implementation\n\nCorrect Answer: Business impact analysis (BIA)\n\n---\n\n**Q46:** What is the primary purpose of data encryption in transit in cloud environments?\n\nOption 1: To prevent unauthorized access to cloud resources\nOption 2: To protect data from unauthorized disclosure during transmission over networks\nOption 3: To optimize cloud resource utilization\nOption 4: To automate software deployment processes\n\nCorrect Answer: To protect data from unauthorized disclosure during transmission over networks\n\n---\n\n**Q47:** What is the primary objective of a disaster recovery plan in cloud computing?\n\nOption 1: To prevent unauthorized access to cloud resources\nOption 2: To ensure continuous availability of critical services during a disaster\nOption 3: To optimize cloud resource utilization\nOption 4: To automate software deployment processes\n\nCorrect Answer: To ensure continuous availability of critical services during a disaster\n\n---\n\n**Q48:** What is the primary purpose of using a digital certificate in public key infrastructure (PKI)?\n\nOption 1: To encrypt data for secure transmission\nOption 2: To authenticate the identity of users and devices\nOption 3: To generate random cryptographic keys\nOption 4: To prevent buffer overflow attacks\n\nCorrect Answer: To authenticate the identity of users and devices\n\n---\n\n**Q49:** A hacker gains access to a company's network and begins to intercept network traffic in order to steal login credentials. Which OSI layer is being attacked?\n\nOption 1: Physical layer\nOption 2: Data link layer\nOption 3: Network layer\nOption 4: Application layer\n\nCorrect Answer: Data link layer\n\n---\n\n**Q50:** Which security control is used to verify the integrity and authenticity of cloud service providers?\n\nOption 1: Service level agreements (SLAs)\nOption 2: Cloud security certifications\nOption 3: Encryption protocols\nOption 4: Intrusion detection systems (IDS)\n\nCorrect Answer: Cloud security certifications\n\n---\n\n**Q51:** Which encryption algorithm is commonly used to protect data in transit in cloud environments?\n\nOption 1: AES (Advanced Encryption Standard)\nOption 2: DES (Data Encryption Standard)\nOption 3: RSA (Rivest-Shamir-Adleman)\nOption 4: MD5 (Message Digest Algorithm 5)\n\nCorrect Answer: AES (Advanced Encryption Standard)\n\n---\n\n**Q52:** Which of the following is a characteristic of a public cloud deployment model?\n\nOption 1: Dedicated infrastructure for a single organization\nOption 2: Limited scalability options\nOption 3: Shared infrastructure for multiple organizations\nOption 4: Full control over hardware and software configurations\n\nCorrect Answer: Shared infrastructure for multiple organizations\n\n---\n\n**Q53:** At which layer of the TCP/IP protocol stack does a firewall operate?\n\nOption 1: Layer 1\nOption 2: Layer 2\nOption 3: Layer 3\nOption 4: Layer 4\n\nCorrect Answer: Layer 4\n\n---\n\n**Q54:** What is the primary purpose of using a salt when hashing passwords?\n\nOption 1: To add flavor to the password\nOption 2: To increase the entropy of the hashed passwords\nOption 3: To make the passwords easier to crack\nOption 4: To decrease the security of the hashing algorithm\n\nCorrect Answer: To increase the entropy of the hashed passwords\n\n---\n\n**Q55:** Which security control is used to prevent unauthorized access to sensitive data in cloud databases?\n\nOption 1: Role-based access control (RBAC)\nOption 2: Network intrusion detection systems (NIDS)\nOption 3: Distributed denial of service (DDoS) mitigation\nOption 4: Security information and event management (SIEM)\n\nCorrect Answer: Role-based access control (RBAC)\n\n---\n\n**Q56:** What protocol is associated with port 53?\n\nOption 1: DNS\nOption 2: SMTP\nOption 3: HTTP\nOption 4: HTTPS\n\nCorrect Answer: DNS\n\n---\n\n**Q57:** What layer of the OSI model is the target of a ping flood attack?\n\nOption 1: Layer 3\nOption 2: Layer 4\nOption 3: Layer 5\nOption 4: Layer 6\n\nCorrect Answer: Layer 3\n\n---\n\n**Q58:** What is the potential impact of an IPSec replay attack?\n\nOption 1: Unauthorized access to network resources\nOption 2: Disruption of network communication\nOption 3: Modification of network traffic\nOption 4: All of the above\n\nCorrect Answer: All of the above\n\n---\n\n**Q59:** Which security control is used to protect data in transit between cloud services and users' devices?\n\nOption 1: Data encryption at rest\nOption 2: Network intrusion detection systems (NIDS)\nOption 3: Transport Layer Security (TLS)\nOption 4: Role-based access control (RBAC)\n\nCorrect Answer: Transport Layer Security (TLS)\n\n---\n\n**Q60:** What is the primary goal of implementing multi-factor authentication (MFA) in a cloud environment?\n\nOption 1: To prevent unauthorized access to cloud resources\nOption 2: To optimize cloud resource utilization\nOption 3: To automate software deployment processes\nOption 4: To monitor user activities and access patterns\n\nCorrect Answer: To prevent unauthorized access to cloud resources\n\n---\n\n**Q61:** Which cloud deployment model provides cloud resources exclusively for a specific organization?\n\nOption 1: Hybrid cloud\nOption 2: Public cloud\nOption 3: Private cloud\nOption 4: Community cloud\n\nCorrect Answer: Private cloud\n\n---\n\n**Q62:** What is the primary purpose of implementing network segmentation?\n\nOption 1: To prevent unauthorized access to network resources\nOption 2: To increase the speed of data transmission across the network\nOption 3: To divide a network into smaller subnetworks for improved security and performance\nOption 4: To monitor network traffic for compliance purposes\n\nCorrect Answer: To divide a network into smaller subnetworks for improved security and performance\n\n---\n\n**Q63:** Which encryption algorithm is commonly used to protect data at rest in cloud storage?\n\nOption 1: AES (Advanced Encryption Standard)\nOption 2: RSA (Rivest-Shamir-Adleman)\nOption 3: DES (Data Encryption Standard)\nOption 4: MD5 (Message Digest Algorithm 5)\n\nCorrect Answer: AES (Advanced Encryption Standard)\n\n---\n\n**Q64:** A user clicks on an attachment in an email that they believe is from a friend, which then installs malicious software on their computer. This is an example of what type of malware?\n\nOption 1: Worm\nOption 2: Virus\nOption 3: Trojan\nOption 4: Ransomware\n\nCorrect Answer: Trojan\n\n---\n\n**Q65:** A company has been experiencing network connectivity issues that have been traced to a problem with the cabling. Which OSI layer is affected by this issue?\n\nOption 1: Application Layer\nOption 2: Transport Layer\nOption 3: Network Layer\nOption 4: Physical Layer\n\nCorrect Answer: Physical Layer\n\n---\n\n**Q66:** What is the primary goal of data loss prevention (DLP) solutions in cloud environments?\n\nOption 1: To prevent unauthorized access to cloud resources\nOption 2: To monitor and control data movement within and outside the organization\nOption 3: To optimize cloud resource utilization\nOption 4: To automate software deployment processes\n\nCorrect Answer: To monitor and control data movement within and outside the organization\n\n---\n\n**Q67:** A hacker uses a distributed denial of service (DDoS) attack to flood a company's network with traffic, rendering it unable to function properly. Which OSI layer is being attacked?\n\nOption 1: Physical layer\nOption 2: Data link layer\nOption 3: Network layer\nOption 4: Transport layer\n\nCorrect Answer: Network layer\n\n---\n\n**Q68:** What is the well-known port for SMTP?\n\nOption 1: 25\nOption 2: 80\nOption 3: 443\nOption 4: 22\n\nCorrect Answer: 25\n\n---\n\n**Q69:** What are registered ports used for?\n\nOption 1: Proprietary applications from vendors and developers\nOption 2: Common protocols at the core of TCP/IP model\nOption 3: Used for Web servers\nOption 4: Used for inhouse or opensource applications\n\nCorrect Answer: Proprietary applications from vendors and developers\n\n---\n\n**Q70:** Which cloud service model provides developers with a platform to build, deploy, and manage applications without managing underlying infrastructure?\n\nOption 1: Infrastructure as a Service (IaaS)\nOption 2: Platform as a Service (PaaS)\nOption 3: Software as a Service (SaaS)\nOption 4: Function as a Service (FaaS)\n\nCorrect Answer: Platform as a Service (PaaS)\n\n---\n\n**Q71:** What layer of the OSI model is the target of a port scanning attack?\n\nOption 1: Layer 1\nOption 2: Layer 2\nOption 3: Layer 3\nOption 4: Layer 4\n\nCorrect Answer: Layer 4\n\n---\n\n**Q72:** A user reports that they are unable to access a specific website. Which OSI layer is most likely affected by this issue?\n\nOption 1: Application Layer\nOption 2: Transport Layer\nOption 3: Network Layer\nOption 4: Data Link Layer\n\nCorrect Answer: Application Layer\n\n---\n\n**Q73:** What is the primary objective of implementing a cloud access security broker (CASB) solution?\n\nOption 1: To manage cloud service provider relationships\nOption 2: To optimize cloud resource utilization\nOption 3: To monitor and control data traffic between on-premises and cloud environments\nOption 4: To encrypt data stored in cloud databases\n\nCorrect Answer: To monitor and control data traffic between on-premises and cloud environments\n\n---\n\n**Q74:** Which cloud deployment model provides cloud resources exclusively for a specific organization?\n\nOption 1: Public cloud\nOption 2: Private cloud\nOption 3: Hybrid cloud\nOption 4: Community cloud\n\nCorrect Answer: Private cloud\n\n---\n\n**Q75:** What is the purpose of a cloud security posture management (CSPM) tool?\n\nOption 1: To monitor and enforce compliance with security policies in cloud environments\nOption 2: To optimize cloud resource allocation\nOption 3: To encrypt data stored in cloud databases\nOption 4: To automate software deployment processes\n\nCorrect Answer: To monitor and enforce compliance with security policies in cloud environments\n\n---\n\n**Q76:** What security control is used to protect data at rest in cloud storage?\n\nOption 1: Role-based access control (RBAC)\nOption 2: Data encryption\nOption 3: Intrusion detection systems (IDS)\nOption 4: Multi-factor authentication (MFA)\n\nCorrect Answer: Data encryption\n\n---\n\n**Q77:** What is the main advantage of using a cloud access security broker (CASB) solution in cloud environments?\n\nOption 1: To prevent distributed denial of service (DDoS) attacks\nOption 2: To monitor and control data traffic between on-premises and cloud environments\nOption 3: To encrypt data stored in cloud databases\nOption 4: To optimize cloud resource utilization\n\nCorrect Answer: To monitor and control data traffic between on-premises and cloud environments\n\n---\n\n**Q78:** What is the primary goal of a Disaster Recovery Plan (DRP)?\n\nOption 1: To prevent all types of disasters from occurring\nOption 2: To ensure the continuity of critical business operations\nOption 3: To optimize resource utilization during normal operations\nOption 4: To increase profitability\n\nCorrect Answer: To ensure the continuity of critical business operations\n\n---\n\n**Q79:** Which cloud deployment model provides dedicated infrastructure for a single organization?\n\nOption 1: Public cloud\nOption 2: Private cloud\nOption 3: Hybrid cloud\nOption 4: Community cloud\n\nCorrect Answer: Private cloud\n\n---\n\n**Q80:** What protocol is associated with port 80?\n\nOption 1: HTTP\nOption 2: FTP\nOption 3: SSH\nOption 4: Telnet\n\nCorrect Answer: HTTP\n\n---\n\n**Q81:** What is the purpose of a virtual private cloud (VPC)?\n\nOption 1: To provide dedicated physical servers to customers\nOption 2: To isolate network traffic within a public cloud environment\nOption 3: To optimize virtual machine performance\nOption 4: To enforce strict access controls on cloud resources\n\nCorrect Answer: To isolate network traffic within a public cloud environment\n\n---\n\n**Q82:** What is the primary purpose of a distributed denial of service (DDoS) mitigation service in cloud environments?\n\nOption 1: To prevent unauthorized access to cloud resources\nOption 2: To monitor and analyze network traffic patterns\nOption 3: To detect and block malicious traffic targeting cloud services\nOption 4: To optimize cloud resource utilization\n\nCorrect Answer: To detect and block malicious traffic targeting cloud services\n\n---\n\n**Q83:** Which security control is used to detect and respond to security incidents in cloud environments?\n\nOption 1: Multi-factor authentication (MFA)\nOption 2: Intrusion detection systems (IDS)\nOption 3: Role-based access control (RBAC)\nOption 4: Data encryption at rest\n\nCorrect Answer: Intrusion detection systems (IDS)\n\n---\n\n**Q84:** What is the primary goal of implementing a disaster recovery plan in a cloud environment?\n\nOption 1: To prevent unauthorized access to cloud resources\nOption 2: To ensure continuous availability of critical services during a disaster\nOption 3: To optimize cloud resource utilization\nOption 4: To automate software deployment processes\n\nCorrect Answer: To ensure continuous availability of critical services during a disaster\n\n---\n\n**Q85:** A user reports that they are unable to access a specific website. Which OSI layer is most likely affected by this issue?\n\nOption 1: Application Layer\nOption 2: Transport Layer\nOption 3: Network Layer\nOption 4: Data Link Layer\n\nCorrect Answer: Application Layer\n\n---\n\n**Q86:** What layer of the OSI model is the target of a man-in-the-middle (MITM) attack?\n\nOption 1: Layer 2\nOption 2: Layer 3\nOption 3: Layer 4\nOption 4: Layer 7\n\nCorrect Answer: Layer 3\n\n---\n\n**Q87:** What is the main advantage of using a cloud access security broker (CASB) solution in cloud environments?\n\nOption 1: To prevent distributed denial of service (DDoS) attacks\nOption 2: To monitor and control data traffic between on-premises and cloud environments\nOption 3: To encrypt data stored in cloud databases\nOption 4: To optimize cloud resource utilization\n\nCorrect Answer: To monitor and control data traffic between on-premises and cloud environments\n\n---\n\n**Q88:** Which cloud service model provides access to virtualized computing resources over the internet?\n\nOption 1: Infrastructure as a Service (IaaS)\nOption 2: Software as a Service (SaaS)\nOption 3: Platform as a Service (PaaS)\nOption 4: Function as a Service (FaaS)\n\nCorrect Answer: Infrastructure as a Service (IaaS)\n\n---\n\n**Q89:** What is the primary goal of implementing role-based access control (RBAC) in a cloud environment?\n\nOption 1: To prevent distributed denial of service (DDoS) attacks\nOption 2: To enforce regulatory compliance\nOption 3: To monitor user activities and access patterns\nOption 4: To restrict access to cloud resources based on users' roles and responsibilities\n\nCorrect Answer: To restrict access to cloud resources based on users' roles and responsibilities\n\n---\n\n**Q90:** What is the primary purpose of using encryption at rest in cloud storage?\n\nOption 1: To prevent unauthorized access to cloud resources\nOption 2: To protect data from unauthorized disclosure during transmission over networks\nOption 3: To optimize cloud resource utilization\nOption 4: To protect data stored in cloud storage from unauthorized access\n\nCorrect Answer: To protect data stored in cloud storage from unauthorized access\n\n---\n\n**Q91:** Which phase of the Business Continuity Planning (BCP) process involves identifying potential risks and threats to an organization's operations?\n\nOption 1: Risk assessment\nOption 2: Business impact analysis\nOption 3: Plan development and testing\nOption 4: Plan implementation\n\nCorrect Answer: Risk assessment\n\n---\n\n**Q92:** Which authentication mechanism is commonly used to access cloud resources securely from external networks?\n\nOption 1: Username and password\nOption 2: Biometric authentication\nOption 3: OAuth (Open Authorization)\nOption 4: LDAP (Lightweight Directory Access Protocol)\n\nCorrect Answer: OAuth (Open Authorization)\n\n---\n\n**Q93:** What is the primary purpose of using network segmentation in a cloud environment?\n\nOption 1: To optimize network bandwidth\nOption 2: To increase network latency\nOption 3: To isolate workloads and data for security purposes\nOption 4: To automate network provisioning processes\n\nCorrect Answer: To isolate workloads and data for security purposes\n\n---\n\n**Q94:** Which cloud service model provides developers with a platform to build, deploy, and manage applications without managing underlying infrastructure?\n\nOption 1: Infrastructure as a Service (IaaS)\nOption 2: Platform as a Service (PaaS)\nOption 3: Software as a Service (SaaS)\nOption 4: Function as a Service (FaaS)\n\nCorrect Answer: Platform as a Service (PaaS)\n\n---\n\n**Q95:** What is the primary purpose of a cloud security group (CSG) in a public cloud environment?\n\nOption 1: To provide physical security for cloud data centers\nOption 2: To manage access control for cloud resources\nOption 3: To optimize cloud resource allocation\nOption 4: To enforce regulatory compliance in the cloud\n\nCorrect Answer: To manage access control for cloud resources\n\n---\n\n**Q96:** Which type of malware encrypts a user's files and demands payment in exchange for the decryption key?\n\nOption 1: Ransomware\nOption 2: Worm\nOption 3: Trojan\nOption 4: Virus\n\nCorrect Answer: Ransomware\n\n---\n\n**Q97:** What is the main advantage of using a cloud access security broker (CASB) solution in cloud environments?\n\nOption 1: To prevent distributed denial of service (DDoS) attacks\nOption 2: To monitor and control data traffic between on-premises and cloud environments\nOption 3: To encrypt data stored in cloud databases\nOption 4: To optimize cloud resource utilization\n\nCorrect Answer: To monitor and control data traffic between on-premises and cloud environments\n\n---\n\n**Q98:** What is the primary purpose of using a nonce in cryptographic protocols?\n\nOption 1: To add randomness to the encryption process\nOption 2: To increase the security of the cryptographic keys\nOption 3: To prevent replay attacks\nOption 4: To authenticate the parties involved in the communication\n\nCorrect Answer: To prevent replay attacks\n\n---\n\n**Q99:** A hacker uses a DNS spoofing attack to redirect a user to a fake website that looks like a legitimate one. Once the user enters their login credentials, the hacker steals the information. Which OSI layer is being attacked?\n\nOption 1: Physical layer\nOption 2: Data link layer\nOption 3: Network layer\nOption 4: Application layer\n\nCorrect Answer: Application layer\n\n---\n\n**Q100:** An attacker intercepts traffic between a user and a server in order to eavesdrop on sensitive information being transmitted. This is an example of what type of attack?\n\nOption 1: On-path Attack\nOption 2: Spoofing\nOption 3: Phishing\nOption 4: Side-channel\n\nCorrect Answer: On-path Attack\n\n---\n\n**Q101:** Which security control is used to monitor and analyze user activities and access patterns in cloud environments?\n\nOption 1: Security information and event management (SIEM)\nOption 2: Intrusion detection systems (IDS)\nOption 3: Multi-factor authentication (MFA)\nOption 4: Role-based access control (RBAC)\n\nCorrect Answer: Security information and event management (SIEM)\n\n---\n\n**Q102:** What is the primary purpose of using role-based access control (RBAC) in a cloud environment?\n\nOption 1: To prevent distributed denial of service (DDoS) attacks\nOption 2: To enforce regulatory compliance\nOption 3: To monitor user activities and access patterns\nOption 4: To restrict access to cloud resources based on users' roles and responsibilities\n\nCorrect Answer: To restrict access to cloud resources based on users' roles and responsibilities\n\n---\n\n**Q103:** What is the range of dynamic or private ports?\n\nOption 1: 49152-65535\nOption 2: 0-1023\nOption 3: 1024-49151\nOption 4: none of the above\n\nCorrect Answer: 49152-65535\n\n---\n\n**Q104:** Which security control is designed to detect and prevent buffer overflow attacks?\n\nOption 1: Intrusion detection systems (IDS)\nOption 2: Firewalls\nOption 3: Antivirus software\nOption 4: Input validation mechanisms\n\nCorrect Answer: Input validation mechanisms\n\n---\n\n**Q105:** What layer of the OSI model is the target of a MAC flooding attack?\n\nOption 1: Layer 2\nOption 2: Layer 3\nOption 3: Layer 4\nOption 4: Layer 7\n\nCorrect Answer: Layer 2\n\n---\n\n**Q106:** What is the primary purpose of implementing multi-factor authentication (MFA) in a cloud environment?\n\nOption 1: To optimize cloud resource utilization\nOption 2: To prevent unauthorized access to cloud resources\nOption 3: To automate software deployment processes\nOption 4: To monitor user activities and access patterns\n\nCorrect Answer: To prevent unauthorized access to cloud resources\n\n---\n\n**Q107:** What is the main purpose of an Incident Response Plan (IRP)?\n\nOption 1: To improve employee productivity\nOption 2: To prevent all security incidents from occurring\nOption 3: To allocate resources for routine maintenance tasks\nOption 4: To provide guidelines and procedures for responding to and mitigating security incidents\n\nCorrect Answer: To provide guidelines and procedures for responding to and mitigating security incidents\n\n---\n\n**Q108:** What is the primary purpose of a cloud security group (CSG) in a public cloud environment?\n\nOption 1: To provide physical security for cloud data centers\nOption 2: To manage access control for cloud resources\nOption 3: To optimize cloud resource allocation\nOption 4: To enforce regulatory compliance in the cloud\n\nCorrect Answer: To manage access control for cloud resources\n\n---\n\n**Q109:** What is the primary goal of implementing role-based access control (RBAC) in a cloud environment?\n\nOption 1: To prevent distributed denial of service (DDoS) attacks\nOption 2: To enforce regulatory compliance\nOption 3: To monitor user activities and access patterns\nOption 4: To restrict access to cloud resources based on users' roles and responsibilities\n\nCorrect Answer: To restrict access to cloud resources based on users' roles and responsibilities\n\n---\n\n**Q110:** Which type of attack involves flooding a network or server with traffic, rendering it unavailable to legitimate users?\n\nOption 1: DOS/DDOS\nOption 2: Spoofing\nOption 3: Phishing\nOption 4: Virus\n\nCorrect Answer: DOS/DDOS\n\n---\n\n**Q111:** What is the purpose of a distributed denial of service (DDoS) mitigation service in cloud environments?\n\nOption 1: To prevent unauthorized access to cloud resources\nOption 2: To monitor and analyze network traffic patterns\nOption 3: To detect and block malicious traffic targeting cloud services\nOption 4: To optimize cloud resource utilization\n\nCorrect Answer: To detect and block malicious traffic targeting cloud services\n\n---\n\n**Q112:** A user clicks on an attachment in an email that they believe is from a friend, which then installs malicious software on their computer. This is an example of what type of malware?\n\nOption 1: Worm\nOption 2: Virus\nOption 3: Trojan\nOption 4: Ransomware\n\nCorrect Answer: Trojan\n\n---\n\n**Q113:** Which cloud deployment model provides a combination of private and public cloud resources?\n\nOption 1: Public cloud\nOption 2: Private cloud\nOption 3: Hybrid cloud\nOption 4: Community cloud\n\nCorrect Answer: Hybrid cloud\n\n---\n\n**Q114:** Which of the following is a characteristic of a public cloud deployment model?\n\nOption 1: Dedicated infrastructure for a single organization\nOption 2: Limited scalability options\nOption 3: Shared infrastructure for multiple organizations\nOption 4: Full control over hardware and software configurations\n\nCorrect Answer: Shared infrastructure for multiple organizations\n\n---\n\n**Q115:** What security measure can help prevent unauthorized access to cloud resources through stolen or compromised credentials?\n\nOption 1: Intrusion detection systems (IDS)\nOption 2: Multi-factor authentication (MFA)\nOption 3: Data encryption at rest\nOption 4: Network segmentation\n\nCorrect Answer: Multi-factor authentication (MFA)\n\n---\n\n**Q116:** A hacker uses a distributed denial of service (DDoS) attack to flood a company's network with traffic, rendering it unable to function properly. Which OSI layer is being attacked?\n\nOption 1: Physical layer\nOption 2: Data link layer\nOption 3: Network layer\nOption 4: Transport layer\n\nCorrect Answer: Network layer\n\n---\n\n**Q117:** What is the primary objective of implementing a cloud access security broker (CASB) solution?\n\nOption 1: To manage cloud service provider relationships\nOption 2: To optimize cloud resource utilization\nOption 3: To monitor and control data traffic between on-premises and cloud environments\nOption 4: To encrypt data stored in cloud databases\n\nCorrect Answer: To monitor and control data traffic between on-premises and cloud environments\n\n---\n\n**Q118:** What layer of the OSI model is the target of a SYN flood attack?\n\nOption 1: Layer 4\nOption 2: Layer 5\nOption 3: Layer 6\nOption 4: Layer 7\n\nCorrect Answer: Layer 4\n\n---\n\n**Q119:** What security measure can help prevent unauthorized access to cloud resources through stolen or compromised credentials?\n\nOption 1: Intrusion detection systems (IDS)\nOption 2: Multi-factor authentication (MFA)\nOption 3: Data encryption at rest\nOption 4: Network segmentation\n\nCorrect Answer: Multi-factor authentication (MFA)\n\n---\n\n**Q120:** Which encryption algorithm is commonly used to protect data in transit between cloud services and users' devices?\n\nOption 1: AES (Advanced Encryption Standard)\nOption 2: RSA (Rivest-Shamir-Adleman)\nOption 3: DES (Data Encryption Standard)\nOption 4: MD5 (Message Digest Algorithm 5)\n\nCorrect Answer: AES (Advanced Encryption Standard)\n\n---\n\n**Q121:** An organization is experiencing issues with their VPN connection, causing frequent disconnects. Which OSI layer is most likely affected by this issue?\n\nOption 1: Application Layer\nOption 2: Transport Layer\nOption 3: Network Layer\nOption 4: Physical Layer\n\nCorrect Answer: Transport Layer\n\n---\n\n**Q122:** Which cloud service model provides ready-to-use software applications over the internet?\n\nOption 1: Platform as a Service (PaaS)\nOption 2: Infrastructure as a Service (IaaS)\nOption 3: Software as a Service (SaaS)\nOption 4: Function as a Service (FaaS)\n\nCorrect Answer: Software as a Service (SaaS)\n\n---\n\n**Q123:** Which authentication mechanism is commonly used to access cloud resources securely from external networks?\n\nOption 1: Username and password\nOption 2: Biometric authentication\nOption 3: OAuth (Open Authorization)\nOption 4: LDAP (Lightweight Directory Access Protocol)\n\nCorrect Answer: OAuth (Open Authorization)\n\n---\n\n**Q124:** A company has been experiencing network connectivity issues that have been traced to a problem with the cabling. Which OSI layer is affected by this issue?\n\nOption 1: Application Layer\nOption 2: Transport Layer\nOption 3: Network Layer\nOption 4: Physical Layer\n\nCorrect Answer: Physical Layer\n\n---\n\n**Q125:** What is an IPv4 address?\n\nOption 1: A 128-bit address used to uniquely identify devices on a network.\nOption 2: A 32-bit address used to uniquely identify devices on a network.\nOption 3: An address used for internal network use only.\nOption 4: An address used for documentation purposes only.\n\nCorrect Answer: A 32-bit address used to uniquely identify devices on a network.\n\n---\n\n**Q126:** Which security control is used to detect and respond to security incidents in cloud environments?\n\nOption 1: Intrusion detection systems (IDS)\nOption 2: Multi-factor authentication (MFA)\nOption 3: Role-based access control (RBAC)\nOption 4: Data encryption at rest\n\nCorrect Answer: Intrusion detection systems (IDS)\n\n---\n\n**Q127:** Which security control is used to prevent unauthorized access to sensitive data in cloud databases?\n\nOption 1: Role-based access control (RBAC)\nOption 2: Network intrusion detection systems (NIDS)\nOption 3: Distributed denial of service (DDoS) mitigation\nOption 4: Security information and event management (SIEM)\n\nCorrect Answer: Role-based access control (RBAC)\n\n---\n\n**Q128:** What is the primary purpose of a cloud access security broker (CASB) solution?\n\nOption 1: To manage cloud service provider relationships\nOption 2: To optimize cloud resource utilization\nOption 3: To monitor and control data traffic between on-premises and cloud environments\nOption 4: To encrypt data stored in cloud databases\n\nCorrect Answer: To monitor and control data traffic between on-premises and cloud environments\n\n---\n\n**Q129:** Which cloud deployment model provides dedicated infrastructure for a single organization?\n\nOption 1: Public cloud\nOption 2: Private cloud\nOption 3: Hybrid cloud\nOption 4: Community cloud\n\nCorrect Answer: Private cloud\n\n---\n\n**Q130:** What is the range of well-known ports?\n\nOption 1: 0-1023\nOption 2: 1024-49151\nOption 3: 1024-49151\nOption 4: none of the above\n\nCorrect Answer: 0-1023\n\n---\n\n**Q131:** What is the primary purpose of implementing a firewall in a network?\n\nOption 1: To optimize network performance\nOption 2: To monitor and control incoming and outgoing network traffic\nOption 3: To encrypt data transmitted over the network\nOption 4: To prevent physical access to network devices\n\nCorrect Answer: To monitor and control incoming and outgoing network traffic\n\n---\n\n**Q132:** Which of the following is a characteristic of a private cloud deployment model?\n\nOption 1: Shared infrastructure for multiple organizations\nOption 2: Limited scalability options\nOption 3: Dedicated infrastructure for a single organization\nOption 4: Full control over hardware and software configurations\n\nCorrect Answer: Dedicated infrastructure for a single organization\n\n---\n\n**Q133:** Which encryption algorithm is commonly used to protect data at rest in cloud storage?\n\nOption 1: AES (Advanced Encryption Standard)\nOption 2: RSA (Rivest-Shamir-Adleman)\nOption 3: DES (Data Encryption Standard)\nOption 4: MD5 (Message Digest Algorithm 5)\n\nCorrect Answer: AES (Advanced Encryption Standard)\n\n---\n\n**Q134:** What is an IP address?\n\nOption 1: A physical address used to connect multiple devices in a network\nOption 2: An address that represents the network interface within the network\nOption 3: An address that denotes the vendor or manufacturer of the physical network interface\nOption 4: A logical address associated with a unique network interface within the network\n\nCorrect Answer: A logical address associated with a unique network interface within the network\n\n---\n\n**Q135:** What is the difference between a hub and a switch?\n\nOption 1: A hub is smarter than a switch.\nOption 2: A switch is less likely to be seen in home networks.\nOption 3: A switch can create separate broadcast domains when used to create VLANs.\nOption 4: A switch retransmits traffic to all devices, while a switch routes traffic to a specific device.\n\nCorrect Answer: A switch retransmits traffic to all devices, while a switch routes traffic to a specific device.\n\n---\n\n**Q136:** Which device is used to control traffic flow on networks?\n\nOption 1: switch\nOption 2: Firewalls\nOption 3: hub\nOption 4: router\n\nCorrect Answer: switch\n\n---\n\n**Q137:** Which protocol is used for secure email?\n\nOption 1: SMTPS\nOption 2: IMAPS\nOption 3: POP3S\nOption 4: All of the above\n\nCorrect Answer: All of the above\n\n---\n\n**Q138:** Which phase of the Incident Response Plan (IRP) process involves containing the impact of a security incident and mitigating further damage?\n\nOption 1: Preparation and planning\nOption 2: Detection and analysis\nOption 3: Response and mitigation\nOption 4: Recovery and post-incident activities\n\nCorrect Answer: Response and mitigation\n\n---\n\n**Q139:** What layer of the OSI model is the target of a buffer overflow attack?\n\nOption 1: Layer 5\nOption 2: Layer 6\nOption 3: Layer 7\nOption 4: Layer 8\n\nCorrect Answer: Layer 7\n\n---\n\n**Q140:** What does the \"shared responsibility model\" in cloud computing refer to? \n\nOption 1: Responsibility for data encryption\nOption 2: Division of security responsibilities between the cloud provider and the customer\nOption 3: Ownership of physical infrastructure\nOption 4: Compliance with industry regulations\n\nCorrect Answer: Division of security responsibilities between the cloud provider and the customer\n\n---\n\n**Q141:** What is the primary purpose of using network segmentation in a cloud environment?\n\nOption 1: To optimize network bandwidth\nOption 2: To increase network latency\nOption 3: To isolate workloads and data for security purposes\nOption 4: To automate network provisioning processes\n\nCorrect Answer: To isolate workloads and data for security purposes\n\n---\n\n**Q142:** How does subnetting help to improve network performance?\n\nOption 1: By reducing network congestion\nOption 2: By increasing network bandwidth\nOption 3: By improving network security\nOption 4: By simplifying network management\n\nCorrect Answer: By reducing network congestion\n\n---\n\n**Q143:** Which cloud service model provides ready-to-use software applications over the internet?\n\nOption 1: Infrastructure as a Service (IaaS)\nOption 2: Platform as a Service (PaaS)\nOption 3: Software as a Service (SaaS)\nOption 4: Function as a Service (FaaS)\n\nCorrect Answer: Software as a Service (SaaS)\n\n---\n\n**Q144:** Which port is commonly used for HTTPS?\n\nOption 1: 80\nOption 2: 443\nOption 3: 446\nOption 4: 22\n\nCorrect Answer: 443\n\n---\n\n**Q145:** Which security control is used to prevent unauthorized access to sensitive data in cloud databases?\n\nOption 1: Role-based access control (RBAC)\nOption 2: Network intrusion detection systems (NIDS)\nOption 3: Distributed denial of service (DDoS) mitigation\nOption 4: Security information and event management (SIEM)\n\nCorrect Answer: Role-based access control (RBAC)\n\n---\n\n**Q146:** What security measure can help prevent unauthorized access to cloud resources through stolen or compromised credentials?\n\nOption 1: Intrusion detection systems (IDS)\nOption 2: Multi-factor authentication (MFA)\nOption 3: Data encryption at rest\nOption 4: Network segmentation\n\nCorrect Answer: Multi-factor authentication (MFA)\n\n---\n\n**Q147:** What is the primary purpose of implementing network encryption in a cloud environment?\n\nOption 1: To prevent unauthorized access to cloud resources\nOption 2: To protect data from unauthorized disclosure during transmission over networks\nOption 3: To optimize cloud resource utilization\nOption 4: To automate software deployment processes\n\nCorrect Answer: To protect data from unauthorized disclosure during transmission over networks\n\n---\n\n**Q148:** What is the primary purpose of using role-based access control (RBAC) in a cloud environment?\n\nOption 1: To monitor user activities and access patterns\nOption 2: To prevent distributed denial of service (DDoS) attacks\nOption 3: To enforce regulatory compliance\nOption 4: To restrict access to cloud resources based on users' roles and responsibilities\n\nCorrect Answer: To restrict access to cloud resources based on users' roles and responsibilities\n\n---\n\n**Q149:** A hacker uses a man-in-the-middle attack to intercept network traffic between two nodes and injects malicious code into the data stream. Which TCP layer is being attacked?\n\nOption 1: Physical layer\nOption 2: Transport layer\nOption 3: Network layer\nOption 4: Application layer\n\nCorrect Answer: Transport layer\n\n---\n\n**Q150:** Which of the following is an example of a security control used to protect data at rest in cloud storage? )\n\nOption 1: Transport Layer Security (TLS)\nOption 2: Data encryption\nOption 3: Intrusion detection systems (IDS)\nOption 4: Multi-factor authentication (MFA\n\nCorrect Answer: Data encryption\n\n---\n\n**Q151:** What is an IPSec replay attack?\n\nOption 1: An attack where an attacker attempts to inject packets into an existing session\nOption 2: An attack where an attacker modifies packets in transit\nOption 3: An attack where an attacker eavesdrops on network traffic\nOption 4: An attack where an attacker overloads a network with traffic\n\nCorrect Answer: An attack where an attacker attempts to inject packets into an existing session\n\n---\n\n**Q152:** What is the primary goal of implementing intrusion detection and prevention systems (IDPS) in a network?\n\nOption 1: To monitor network traffic for compliance purposes\nOption 2: To optimize network performance\nOption 3: To detect and respond to malicious activities and security threats\nOption 4: To prevent physical access to network devices\n\nCorrect Answer: To detect and respond to malicious activities and security threats\n\n---\n\n**Q153:** A company has noticed that their network performance has been slow lately. After investigating, they discover that their router is not configured properly, leading to network congestion. Which OSI layer is most likely affected by this issue?\n\nOption 1: Application Layer\nOption 2: Transport Layer\nOption 3: Network Layer\nOption 4: Data Link Layer\n\nCorrect Answer: Network Layer\n\n---\n\n**Q154:** Which cloud service model provides access to virtualized computing resources over the internet?\n\nOption 1: Infrastructure as a Service (IaaS)\nOption 2: Platform as a Service (PaaS)\nOption 3: Software as a Service (SaaS)\nOption 4: Function as a Service (FaaS)\n\nCorrect Answer: Infrastructure as a Service (IaaS)\n\n---\n\n**Q155:** What is the primary goal of implementing data loss prevention (DLP) solutions in cloud environments?\n\nOption 1: To prevent unauthorized access to cloud resources\nOption 2: To monitor and control data movement within and outside the organization\nOption 3: To optimize cloud resource utilization\nOption 4: To automate software deployment processes\n\nCorrect Answer: To monitor and control data movement within and outside the organization\n\n---\n\n**Q156:** What is the main advantage of using a rainbow table attack compared to a brute-force attack?\n\nOption 1: Rainbow table attacks are faster and more efficient\nOption 2: Brute-force attacks are less computationally intensive\nOption 3: Rainbow table attacks are less likely to succeed\nOption 4: Brute-force attacks require less memory resources\n\nCorrect Answer: Rainbow table attacks are faster and more efficient\n\n---\n\n**Q157:** A company has noticed that their network performance has been slow lately. After investigating, they discover that their router is not configured properly, leading to network congestion. Which OSI layer is most likely affected by this issue?\n\nOption 1: Application Layer\nOption 2: Transport Layer\nOption 3: Network Layer\nOption 4: Data Link Layer\n\nCorrect Answer: Network Layer\n\n---\n\n**Q158:** A hacker sends a specially crafted email with a malicious attachment to an employee of a company. Once the employee downloads and opens the attachment, malware is installed on the computer. Which TCP layer is being attacked?\n\nOption 1: Application layer\nOption 2: Transport layer\nOption 3: Network layer\nOption 4: Physical layer\n\nCorrect Answer: Application layer\n\n---\n\n**Q159:** What is the primary purpose of using encryption at rest in cloud storage?\n\nOption 1: To prevent unauthorized access to cloud resources\nOption 2: To optimize cloud resource utilization\nOption 3: To automate software deployment processes\nOption 4: To protect data stored in cloud storage from unauthorized access\n\nCorrect Answer: To protect data stored in cloud storage from unauthorized access\n\n---\n\n**Q160:** Which security control is used to monitor and analyze user activities and access patterns in cloud environments?\n\nOption 1: Security information and event management (SIEM)\nOption 2: Intrusion detection systems (IDS)\nOption 3: Multi-factor authentication (MFA)\nOption 4: Role-based access control (RBAC)\n\nCorrect Answer: Security information and event management (SIEM)\n\n---\n\n**Q161:** What is the primary goal of data loss prevention (DLP) solutions in cloud environments?\n\nOption 1: To prevent unauthorized access to cloud resources\nOption 2: To monitor and control data movement within and outside the organization\nOption 3: To optimize cloud resource utilization\nOption 4: To automate software deployment processes\n\nCorrect Answer: To monitor and control data movement within and outside the organization\n\n---\n\n**Q162:** What security measure can help prevent unauthorized access to cloud resources through stolen or compromised credentials?\n\nOption 1: Intrusion detection systems (IDS)\nOption 2: Multi-factor authentication (MFA)\nOption 3: Data encryption at rest\nOption 4: Network segmentation\n\nCorrect Answer: Multi-factor authentication (MFA)\n\n---\n\n**Q163:** Which cloud service model provides the highest level of abstraction and requires the least management effort by customers?\n\nOption 1: Infrastructure as a Service (IaaS)\nOption 2: Platform as a Service (PaaS)\nOption 3: Software as a Service (SaaS)\nOption 4: Function as a Service (FaaS)\n\nCorrect Answer: Software as a Service (SaaS)\n\n---\n\n**Q164:** What is the main advantage of using a one-time pad (OTP) encryption scheme?\n\nOption 1: OTP encryption provides perfect secrecy\nOption 2: OTP encryption is computationally efficient\nOption 3: OTP encryption requires smaller key sizes\nOption 4: OTP encryption is resistant to brute-force attacks\n\nCorrect Answer: OTP encryption provides perfect secrecy\n\n---\n\n**Q165:** What is a key benefit of using containerization in cloud environments?\n\nOption 1: Improved hardware utilization\nOption 2: Enhanced network security\nOption 3: Simplified application deployment\nOption 4: Reduced data transfer costs\n\nCorrect Answer: Simplified application deployment\n\n---\n\n**Q166:** Which encryption algorithm is commonly used to protect data in transit between cloud services and users' devices?\n\nOption 1: AES (Advanced Encryption Standard)\nOption 2: RSA (Rivest-Shamir-Adleman)\nOption 3: DES (Data Encryption Standard)\nOption 4: MD5 (Message Digest Algorithm 5)\n\nCorrect Answer: AES (Advanced Encryption Standard)\n\n---\n\n**Q167:** What is the main problem with assigning static privileges to administrative users on a database?\n\nOption 1: Security is dependent upon the login process\nOption 2: Administrative users may forget their privileges\nOption 3: Static privileges are more expensive to implement\nOption 4: Static privileges may not provide enough access\n\nCorrect Answer: Security is dependent upon the login process\n\n---\n\n"
  },
  {
    "path": "Dump Questions/200+ Question Answer Flashcard.md",
    "content": "# [(ISC)2 Flashcards for CC (Certified in Cybersecurity)](https://learn.isc2.org/d2l/home/9541)\n\n## [Chapter 1 - Security Principles](https://www.isc2.org/Training/Self-Study-Resources/CC/chapter-1)\n\n1. Security commensurate with the risk and the magnitude of harm resulting from the loss, misuse or unauthorized access to or modification of information.\n  > Adequate Security\n2. Controls implemented through policy and procedures. Examples include access control processes and requiring multiple personnel to conduct a specific operation. Administrative controls in modern environments are often enforced in conjunction with physical and/or technical controls, such as an access-granting policy for new users that requires login and approval by the hiring manager.\n  > Administrative Controls\n3. The ability of computers and robots to simulate human intelligence and behavior.\n  > Artificial Intelligence\n4. Anything of value that is owned by an organization. Assets include both tangible items such as information systems and physical property and intangible assets such as intellectual property.\n  > Asset\n5. Access control process validating that the identity being claimed by a user or entity is known to the system, by comparing one (single factor or SFA) or more (multi-factor authentication or MFA) factors of identification.\n  > Authentication\n6. The right or a permission that is granted to a system entity to access a system resource.\n  > Authorization\n7. Ensuring timely and reliable access to and use of information by authorized users.\n  > Availability\n8. A documented, lowest level of security configuration allowed by a standard or organization.\n  > Baseline\n9. Biological characteristics of an individual, such as a fingerprint, hand geometry, voice, or iris patterns.\n  > Biometric\n10. Malicious code that acts like a remotely controlled \"robot\" for an attacker, with other Trojan and worm capabilities.\n  > Bot\n11. Information that has been determined to require protection against unauthorized disclosure and is marked to indicate its classified status and classification level when in documentary form.\n  > Classified or Sensitive Information\n12. The characteristic of data or information when it is not made available or disclosed to unauthorized persons or processes.\n  > Confidentiality\n13. A measure of the degree to which an organization depends on the information or information system for the success of a mission or of a business function.\n  > Criticality\n14. The property that data has not been altered in an unauthorized manner. Data integrity covers data in storage, during processing and while in transit.\n  > Data integrity\n15. The process and act of converting the message from its plaintext to ciphertext. Sometimes it is also referred to as enciphering. The two terms are sometimes used interchangeably in literature and have similar meanings.\n  > Encryption\n16. In 2016, the European Union passed comprehensive legislation that addresses personal privacy, deeming it an individual human right.\n  > General Data Protection Regulation (GDPR)\n17. The process of how an organization is managed; usually includes all aspects of how decisions are made for that organization, such as policies, roles, and procedures the organization uses to make those decisions.\n  > Governance\n18. This U.S. federal law is the most important healthcare information regulation in the United States. It directs the adoption of national standards for electronic healthcare transactions while protecting the privacy of individual's health information. Other provisions address fraud reduction, protections for individuals with health insurance and a wide range of other healthcare-related activities.\n  > Health Insurance Portability and Accountability Act (HIPAA)\n19. The magnitude of harm that could be caused by a threat's exercise of a vulnerability.\n  > Impact\n20. The potential adverse impacts to an organization's operations (including its mission, functions and image and reputation), assets, individuals, other organizations, and even the nation, which results from the possibility of unauthorized access, use, disclosure, disruption, modification or destruction of information and/or information systems.\n  > Information Security Risk\n21. The property of information whereby it is recorded, used and maintained in a way that ensures its completeness, accuracy, internal consistency and usefulness for a stated purpose.\n  > Integrity\n22. The ISO develops voluntary international standards in collaboration with its partners in international standardization, the International Electro-technical Commission (IEC) and the International Telecommunication Union (ITU), particularly in the field of information and communication technologies.\n  > International Organization of Standards (ISO)\n23. The internet standards organization, made up of network designers, operators, vendors and researchers, that defines protocol standards (e.g., IP, TCP, DNS) through a process of collaboration and consensus.\n  > Internet Engineering Task Force (IETF)\n24. The probability that a potential vulnerability may be exercised within the construct of the associated threat environment.\n  > Likelihood\n25. A weighted factor based on a subjective analysis of the probability that a given threat is capable of exploiting a given vulnerability or set of vulnerabilities.\n  > Likelihood of Occurrence\n26. Using two or more distinct instances of the three factors of authentication (something you know, something you have, something you are) for identity verification.\n  > Multi-Factor Authentication\n27. The NIST is part of the U.S. Department of Commerce and addresses the measurement infrastructure within science and technology efforts within the U.S. federal government. NIST sets standards in a number of areas, including information security within the Computer Security Resource Center of the Computer Security Divisions.\n  > National Institutes of Standards and Technology (NIST)\n28. The inability to deny taking an action such as creating information, approving information and sending or receiving a message.\n  > Non-repudiation\n29. The National Institute of Standards and Technology, known as NIST, in its Special Publication 800-122 defines PII as \"any information about an individual maintained by an agency, including (1) any information that can be used to distinguish or trace an individual's identity, such as name, Social Security number, date and place of birth, mother's maiden name, or biometric records; and (2) any other information that is linked or linkable to an individual, such as medical, educational, financial and employment information.\"\n  > Personally Identifiable Information (PII)\n30. Controls implemented through a tangible mechanism. Examples include walls, fences, guards, locks, etc. In modern organizations, many physical control systems are linked to technical/logical systems, such as badge readers connected to door locks.\n  > Physical Controls\n31. The right of an individual to control the distribution of information about themselves.\n  > Privacy\n32. The chances, or likelihood, that a given threat is capable of exploiting a given vulnerability or a set of vulnerabilities.\n  > Probability\n33. Information regarding health status, the provision of healthcare or payment for healthcare as defined in HIPAA (Health Insurance Portability and Accountability Act).\n  > Protected Health Information (PHI)\n34. A method for risk analysis that is based on the assignment of a descriptor such as low, medium or high.\n  > Qualitative Risk Analysis\n35. A method for risk analysis where numerical values are assigned to both impact and likelihood based on statistical probabilities and monetarized valuation of loss or gain.\n  > Quantitative Risk Analysis\n36. A possible event which can have a negative impact upon the organization.\n  > Risk\n37. Determining that the potential benefits of a business function outweigh the possible risk impact/likelihood and performing that business function with no other action.\n  > Risk Acceptance\n38. The process of identifying and analyzing risks to organizational operations (including mission, functions, image, or reputation), organizational assets, individuals and other organizations. The analysis performed as part of risk management which incorporates threat and vulnerability analyses and considers mitigations provided by security controls planned or in place.\n  > Risk Assessment\n39. Determining that the impact and/or likelihood of a specific risk is too great to be offset by the potential benefits and not performing a certain business function because of that determination.\n  > Risk Avoidance\n40. The process of identifying, evaluating and controlling threats, including all the phases of risk context (or frame), risk assessment, risk treatment and risk monitoring.\n  > Risk Management\n41. A structured approach used to oversee and manage risk for an enterprise.\n  > Risk Management Framework\n42. Putting security controls in place to reduce the possible impact and/or likelihood of a specific risk.\n  > Risk Mitigation\n43. The level of risk an entity is willing to assume in order to achieve a potential desired result. Source: NIST SP 800-32. Risk threshold, risk appetite and acceptable risk are also terms used synonymously with risk tolerance.\n  > Risk Tolerance\n44. Paying an external party to accept the financial impact of a given risk.\n  > Risk Transference\n45. The determination of the best way to address an identified risk.\n  > Risk Treatment\n46. The management, operational and technical controls (i.e., safeguards or countermeasures) prescribed for an information system to protect the confidentiality, integrity and availability of the system and its information.\n  > Security Controls\n47. A measure of the importance assigned to information by its owner, for the purpose of denoting its need for protection.\n  > Sensitivity\n48. Use of just one of the three available factors (something you know, something you have, something you are) to carry out the authentication process being requested.\n  > Single-Factor Authentication\n49. The condition an entity is in at a point in time.\n  > State\n50. The quality that a system has when it performs its intended function in an unimpaired manner, free from unauthorized manipulation of the system, whether intentional or accidental.\n  > System Integrity\n51. Security controls (i.e., safeguards or countermeasures) for an information system that are primarily implemented and executed by the information system through mechanisms contained in the hardware, software or firmware components of the system.\n  > Technical Controls\n52. Any circumstance or event with the potential to adversely impact organizational operations (including mission, functions, image or reputation), organizational assets, individuals, other organizations or the nation through an information system via unauthorized access, destruction, disclosure, modification of information and/or denial of service.\n  > Threat\n53. An individual or a group that attempts to exploit vulnerabilities to cause or force a threat to occur.\n  > Threat Actor\n54. The means by which a threat actor carries out their objectives.\n  > Threat Vector\n55. A physical object a user possesses and controls that is used to authenticate the user's identity.\n  > Token\n56. Weakness in an information system, system security procedures, internal controls or implementation that could be exploited by a threat source.\n  > Vulnerability\n57. IEEE is a professional organization that sets standards for telecommunications, computer engineering and similar disciplines.\n  > Institute of Electrical and Electronics Engineers\n\n## [Chapter 2 - Incident Response, Business Continuity and Disaster Recovery Concepts](https://www.isc2.org/Training/Self-Study-Resources/CC/chapter-2)\n\n1. Events with a negative consequence, such as system crashes, network packet floods, unauthorized use of system privileges, defacement of a web page or execution of malicious code that destroys data.\n  > Adverse Events\n2. The loss of control, compromise, unauthorized disclosure, unauthorized acquisition or any similar occurrence where: a person other than an authorized user accesses or potentially accesses personally identifiable information; or an authorized user accesses personally identifiable information for other than an authorized purpose.\n  > Breach\n3. Actions, processes and tools for ensuring an organization can continue critical operations during a contingency.\n  > Business Continuity (BC)\n4. The documentation of a predetermined set of instructions or procedures that describe how an organization's mission/business processes will be sustained during and after a significant disruption.\n  > Business Continuity Plan (BCP)\n5. An analysis of an information system's requirements, functions, and interdependencies used to characterize system contingency requirements and priorities in the event of a significant disruption.\n  > Business Impact Analysis (BIA)\n6. In information systems terms, the activities necessary to restore IT and communications services to an organization during and after an outage, disruption or disturbance of any kind or scale.\n  > Disaster Recovery (DR)\n7. The processes, policies and procedures related to preparing for recovery or continuation of an organization's critical business functions, technology infrastructure, systems and applications after the organization experiences a disaster. A disaster is when an organization's critical business function(s) cannot be performed at an acceptable level within a predetermined period following a disruption.\n  > Disaster Recovery Plan (DRP)\n8. Any observable occurrence in a network or system.\n  > Event\n9. A particular attack. It is named this way because these attacks exploit system vulnerabilities.\n  > Exploit\n10. An event that actually or potentially jeopardizes the confidentiality, integrity or availability of an information system or the information the system processes, stores or transmits.\n  > Incident\n11. The mitigation of violations of security policies and recommended practices.\n  > Incident Handling\n12. The mitigation of violations of security policies and recommended practices.\n  > Incident Response (IR)\n13. The documentation of a predetermined set of instructions or procedures to detect, respond to and limit consequences of a malicious cyberattack against an organization's information systems(s).\n  > Incident Response Plan (IRP)\n14. A security event, or combination of security events, that constitutes a security incident in which an intruder gains, or attempts to gain, access to a system or system resource without authorization.\n  > Intrusion\n15. A centralized organizational function fulfilled by an information security team that monitors, detects and analyzes events on the network or system to prevent and resolve issues before they result in business disruptions.\n  > Security Operations Center\n16. Weakness in an information system, system security procedures, internal controls or implementation that could be exploited or triggered by a threat source.\n  > Vulnerability\n17. A previously unknown system vulnerability with the potential of exploitation without risk of detection or prevention because it does not, in general, fit recognized patterns, signatures or methods.\n  > Zero Day\n\n## [Chapter 3 - Access Control Concepts](https://www.isc2.org/Training/Self-Study-Resources/CC/chapter-3)\n\n1. Independent review and examination of records and activities to assess the adequacy of system controls, to ensure compliance with established policies and operational procedures.\n  > Audit\n2. An architectural approach to the design of buildings and spaces which emphasizes passive features to reduce the likelihood of criminal activity.\n  > Crime Prevention through Environmental Design (CPTED)\n3. Information security strategy integrating people, technology, and operations capabilities to establish variable barriers across multiple layers and missions of the organization.\n  > Defense in Depth\n4. A certain amount of access control is left to the discretion of the object's owner, or anyone else who is authorized to control the object's access. The owner can determine who should have access rights to an object and what those rights should be.\n  > Discretionary Access Control (DAC)\n5. To protect private information by putting it into a form that can only be read by people who have permission to do so.\n  > Encrypt\n6. Devices that enforce administrative security policies by filtering incoming traffic based on a set of rules.\n  > Firewalls\n7. An entity with authorized access that has the potential to harm an information system through destruction, disclosure, modification of data, and/or denial of service.\n  > Insider Threat\n8. An operating system manufactured by Apple Inc. Used for mobile devices.\n  > iOS\n9. The use of multiple controls arranged in series to provide several consecutive controls to protect an asset; also called defense in depth.\n  > Layered Defense\n10. An operating system that is open source, making its source code legally available to end users.\n  > Linux\n11. A system irregularity that is identified when studying log entries which could represent events of interest for further surveillance.\n  > Log Anomaly\n12. Collecting and storing user activities in a log, which is a record of the events occurring within an organization's systems and networks.\n  > Logging\n13. An automated system that controls an individual's ability to access one or more computer system resources, such as a workstation, network, application or database. A logical access control system requires the validation of an individual's identity through some mechanism, such as a PIN, card, biometric or other token. It has the capability to assign different access privileges to different individuals depending on their roles and responsibilities in an organization.\n  > Logical Access Control Systems\n14. Access control that requires the system itself to manage access controls in accordance with the organization's security policies.\n  > Mandatory Access Control\n15. An entrance to a building or an area that requires people to pass through two doors with only one door opened at a time.\n  > Mantrap\n16. Passive information system-related entity (e.g., devices, files, records, tables, processes, programs, domains) containing or receiving information. Access to an object (by a subject) implies access to the information it contains. See subject.\n  > Object\n17. Controls implemented through a tangible mechanism. Examples include walls, fences, guards, locks, etc. In modern organizations, many physical control systems are linked to technical/logical systems, such as badge readers connected to door locks.\n  > Physical Access Controls\n18. The principle that users and programs should have only the minimum privileges necessary to complete their tasks.\n  > Principle of Least Privilege\n19. An information system account with approved authorizations of a privileged user.\n  > Privileged Account\n20. A type of malicious software that locks the computer screen or files, thus preventing or limiting a user from accessing their system and data until money is paid.\n  > Ransomware\n21. An access control system that sets up user permissions based on roles.\n  > Role-based access control (RBAC)\n22. An instruction developed to allow or deny access to a system by comparing the validated identity of the subject to an access control list.\n  > Rule\n23. The practice of ensuring that an organizational process cannot be completed by a single person; forces collusion as a means to reduce insider threats. Also commonly known as Separation of Duties.\n  > Segregation of Duties\n24. Generally an individual, process or device causing information to flow among objects or change to the system state.\n  > Subject\n25. The security controls (i.e., safeguards or countermeasures) for an information system that are primarily implemented and executed by the information system through mechanisms contained in the hardware, software or firmware components of the system.\n  > Technical Controls\n26. A one-way spinning door or barrier that allows only one person at a time to enter a building or pass through an area.\n  > Turnstile\n27. An operating system used in software development.\n  > Unix\n28. The process of creating, maintaining and deactivating user identities on a system.\n  > User Provisioning\n\n## [Chapter 4 - Network Security](https://www.isc2.org/Training/Self-Study-Resources/CC/chapter-4)\n\n1. A set of routines, standards, protocols, and tools for building software applications to access a web-based software application or web tool.\n  > Application programming interface (API)\n2. The most essential representation of data (zero or one) at Layer 1 of the Open Systems Interconnection (OSI) model.\n  > Bit\n3. Broadcast transmission is a one-to-many (one-to-everyone) form of sending internet traffic.\n  > Broadcast\n4. The byte is a unit of digital information that most commonly consists of eight bits.\n  > Byte\n5. A model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction.\n  > Cloud Computing\n6. A system in which the cloud infrastructure is provisioned for exclusive use by a specific community of consumers from organizations that have shared concerns (e.g., mission, security requirements, policy and compliance considerations). It may be owned, managed and operated by one or more of the organizations in the community, a third party or some combination of them, and it may exist on or off premises.\n  > Community Cloud\n7. The opposite process of encapsulation, in which bundles of data are unpacked or revealed.\n  > De-encapsulation\n8. The prevention of authorized access to resources or the delaying of time-critical operations. (Time-critical may be milliseconds or it may be hours, depending upon the service provided.)\n  > Denial-of-Service (DoS)\n9. This acronym can be applied to three interrelated elements: a service, a physical server and a network protocol.\n  > Domain Name Service (DNS)\n10. Enforcement of data hiding and code hiding during all phases of software development and operational use. Bundling together data and methods is the process of encapsulation; its opposite process may be called unpacking, revealing, or using other terms. Also used to refer to taking any set of data and packaging it or hiding it in another data structure, as is common in network protocols and encryption.\n  > Encapsulation\n11. The process and act of converting the message from its plaintext to ciphertext. Sometimes it is also referred to as enciphering. The two terms are sometimes used interchangeably in literature and have similar meanings.\n  > Encryption\n12. The internet protocol (and program) used to transfer files between hosts.\n  > File Transfer Protocol (FTP)\n13. In a fragment attack, an attacker fragments traffic in such a way that a system is unable to put data packets back together.\n  > Fragment attack\n14. The physical parts of a computer and related devices.\n  > Hardware\n15. A combination of public cloud storage and private cloud storage where some critical data resides in the enterprise's private cloud while other data is stored and accessible from a public cloud storage provider.\n  > Hybrid cloud\n16. The provider of the core computing, storage and network hardware and software that is the foundation upon which organizations can build and then deploy applications. IaaS is popular in the data center where software and servers are purchased as a fully outsourced service and usually billed on usage and how much of the resource is used.\n  > Infrastructure as a Service (IaaS)\n17. An IP network protocol standardized by the Internet Engineering Task Force (IETF) through RFC 792 to determine if a particular service or host is available.\n  > Internet Control Message Protocol (ICMP)\n18. Standard protocol for transmission of data from source to destinations in packet-switched communications networks and interconnected systems of such networks.\n  > Internet Protocol (IPv4)\n19. An attack where the adversary positions himself in between the user and the system so that he can intercept and alter data traveling between them.\n  > Man-in-the-Middle\n20. Part of a zero-trust strategy that breaks LANs into very small, highly localized zones using firewalls or similar technologies. At the limit, this places firewall at every connection point.\n  > Microsegmentation\n21. Purposely sending a network packet that is larger than expected or larger than can be handled by the receiving system, causing the receiving system to fail unexpectedly.\n  > Oversized Packet Attack\n22. Representation of data at Layer 3 of the Open Systems Interconnection (OSI) model.\n  > Packet\n23. The primary action of a malicious code attack.\n  > Payload\n24. An information security standard administered by the Payment Card Industry Security Standards Council that applies to merchants and service providers who process credit or debit card transactions.\n  > Payment Card Industry Data Security Standard (PCI DSS)\n25. The web-authoring or application development middleware environment that allows applications to be built in the cloud before they're deployed as SaaS assets.\n  > Platform as a Service (PaaS)\n26. The phrase used to describe a cloud computing platform that is implemented within the corporate firewall, under the control of the IT department. A private cloud is designed to offer the same features and benefits of cloud systems, but removes a number of objections to the cloud computing model, including control over enterprise and customer data, worries about security, and issues connected to regulatory compliance.\n  > Private cloud\n27. A set of rules (formats and procedures) to implement and control some type of association (that is, communication) between systems.\n  > Protocols\n28. The cloud infrastructure is provisioned for open use by the general public. It may be owned, managed, and operated by a business, academic, or government organization, or some combination of them. It exists on the premises of the cloud provider.\n  > Public cloud\n29. The standard communication protocol for sending and receiving emails between senders and receivers.\n  > Simple Mail Transport Protocol (SMTP)\n30. Computer programs and associated data that may be dynamically written or modified during execution.\n  > Software\n31. The cloud customer uses the cloud provider's applications running within a cloud infrastructure. The applications are accessible from various client devices through either a thin client interface, such as a web browser or a program interface. The consumer does not manage or control the underlying cloud infrastructure including network, servers, operating systems, storage, or even individual application capabilities, with the possible exception of limited user-specific application configuration settings.\n  > Software as a Service (SaaS)\n32. Faking the sending address of a transmission to gain illegal entry into a secure system\n  > Spoofing\n33. Internetworking protocol model created by the IETF, which specifies four layers of functionality: Link layer (physical communications), Internet Layer (network-to-network communication), Transport Layer (basic channels for connections and connectionless exchange of data between hosts), and Application Layer, where other protocols and user applications programs make use of network services.\n  > Transport Control Protocol/Internet Protocol (TCP/IP) Model\n34. A virtual local area network (VLAN) is a logical group of workstations, servers, and network devices that appear to be on the same LAN despite their geographical distribution.\n  > VLAN\n35. A virtual private network (VPN), built on top of existing networks, that can provide a secure communications mechanism for transmission between networks.\n  > VPN\n36. A wireless area network (WLAN) is a group of computers and devices that are located in the same vicinity, forming a network based on radio transmissions rather than wired connections. A Wi-Fi network is a type of WLAN.\n  > WLAN\n37. The graphical user interface (GUI) for the Nmap Security Scanner, an open-source application that scans networks to determine everything that is connected as well as other information.\n  > Zenmap\n38. Removing the design belief that the network has any trusted space. Security is managed at each possible level, representing the most granular asset. Microsegmentation of workloads is a tool of the model.\n  > Zero Trust\n\n## [Chapter 5 - Security Operations](https://www.isc2.org/Training/Self-Study-Resources/CC/chapter-5)\n\n1. A computer responsible for hosting applications to user workstations.\n  > Application Server\n2. An algorithm that uses one key to encrypt and a different key to decrypt the input plaintext.\n  > Asymmetric Encryption\n3. A digit representing the sum of the correct digits in a piece of stored or transmitted digital data, against which later comparisons can be made to detect errors in the data.\n  > Checksum\n4. The altered form of a plaintext message so it is unreadable for anyone except the intended recipients. In other words, it has been turned into a secret.\n  > Ciphertext\n5. Classification identifies the degree of harm to the organization, its stakeholders or others that might result if an information asset is divulged to an unauthorized person, process or organization. In short, classification is focused first and foremost on maintaining the confidentiality of the data, based on the data sensitivity.\n  > Classification\n6. A process and discipline used to ensure that the only changes made to a system are those that have been authorized and validated.\n  > Configuration management\n7. One who performs cryptanalysis which is the study of mathematical techniques for attempting to defeat cryptographic techniques and/or information systems security. This includes the process of looking for errors or weaknesses in the implementation of an algorithm or of the algorithm itself.\n  > Cryptanalyst\n8. The study or applications of methods to secure or protect the meaning and content of messages, files, or other information, usually by disguise, obscuration, or other transformations of that content and meaning.\n  > Cryptography\n9. System capabilities designed to detect and prevent the unauthorized use and transmission of information.\n  > Data Loss Prevention (DLP)\n10. The reverse process from encryption. It is the process of converting a ciphertext message back into plaintext through the use of the cryptographic algorithm and the appropriate key for decryption (which is the same for symmetric encryption, but different for asymmetric encryption). This term is also used interchangeably with the \"deciphering.\"\n  > Decryption\n11. A technique of erasing data on disk or tape (including video tapes) that, when performed properly, ensures that there is insufficient magnetic remanence to reconstruct data.\n  > Degaussing\n12. The result of a cryptographic transformation of data which, when properly implemented, provides the services of origin authentication, data integrity, and signer non-repudiation.\n  > Digital Signature\n13. Monitoring of outgoing network traffic.\n  > Egress Monitoring\n14. The process and act of converting the message from its plaintext to ciphertext. Sometimes it is also referred to as enciphering. The two terms are sometimes used interchangeably in literature and have similar meanings.\n  > Encryption\n15. The total set of algorithms, processes, hardware, software, and procedures that taken together provide an encryption and decryption capability.\n  > Encryption System\n16. A reference to the process of applying secure configurations (to reduce the attack surface) and locking down various hardware, communications systems, and software, including operating system, web server, application server, application, etc. Hardening is normally performed based on industry guidelines and benchmarks, such as those provided by the Center for Internet Security (CIS).\n  > Hardening\n17. An algorithm that computes a numerical value (called the hash value) on a data file or electronic message that is used to represent that file or message and depends on the entire contents of the file or message. A hash function can be considered to be a fingerprint of the file or message.\n  > Hash Function\n18. The process of using a mathematical algorithm against data to produce a numeric value that is representative of that data.\n  > Hashing\n19. The requirements for information sharing by an IT system with one or more other IT systems or applications, for information sharing to support multiple internal or external organizations, missions, or public programs.\n  > Information Sharing\n20. Monitoring of incoming network traffic.\n  > Ingress Monitoring\n21. A digital signature that uniquely identifies data and has the property such that changing a single bit in the data will cause a completely different message digest to be generated.\n  > Message Digest\n22. The software \"master control application\" that runs the computer. It is the first program loaded when the computer is turned on, and its main component, the kernel, resides in memory at all times. The operating system sets the standards for all application programs (such as the Web server) that run in the computer. The applications communicate with the operating system for most user interface and file management operations.\n  > Operating System\n23. A software component that, when installed, directly modifies files or device settings related to a different software component without changing the version number or release details for the related software component.\n  > Patch\n24. The systematic notification, identification, deployment, installation and verification of operating system and application software code revisions. These revisions are known as patches, hot fixes, and service packs.\n  > Patch Management\n25. A message or data in its natural format and in readable form; extremely vulnerable from a confidentiality perspective.\n  > Plaintext\n26. The recordings (automated and/or manual) of evidence of activities performed or results achieved (e.g., forms, reports, test results), which serve as a basis for verifying that the organization and the information system are performing as intended. Also used to refer to units of related data fields (i.e., groups of data fields that can be accessed by a program and that contain the complete set of information on particular items).\n  > Records\n27. A practice based on the records life cycle, according to which records are retained as long as necessary, and then are destroyed after the appropriate time interval has elapsed.\n  > Records Retention\n28. Residual information remaining on storage media after clearing.\n  > Remanence\n29. The first stage of change management, wherein a change in procedure or product is sought by a stakeholder.\n  > Request for change (RFC)\n30. The entirety of the policies, roles, and processes the organization uses to make security decisions in an organization.\n  > Security Governance\n31. Tactics to infiltrate systems via email, phone, text, or social media, often impersonating a person or agency in authority or offering a gift. A low-tech method would be simply following someone into a secure building.\n  > Social engineering\n32. An algorithm that uses the same key in both the encryption and the decryption processes.\n  > Symmetric encryption\n33. A computer that provides World Wide Web (WWW) services on the Internet. It includes the hardware, operating system, Web server software, and Web site content (Web pages). If the Web server is used internally and not by the public, it may be known as an \"intranet server.\"\n  > Web Server\n34. Phishing attacks that attempt to trick highly placed officials or private individuals with sizable assets into authorizing large fund wire transfers to previously unknown entities.\n  > Whaling Attack\n"
  },
  {
    "path": "Dump Questions/70+ Additional dumps.md",
    "content": "### Questions and Answers\n\n1. A cyberattacker changes the website of a pharmacy so it displays\nincorrect information about COVID testing. This is an example of\nwhat kind of compromise?\nA. Confidentiality\nB. Integrity\nC. Availability\nD. Nonrepudiation\n\nANS: B. Changing data without proper authorization is a compromise of\nintegrity.\n\n2. The function of a computer system that verifies the identity of a user\nis called _________.\nA. Authentication\nB. Authorization\nC. Authenticity\nD. Availability\n\nANS: A. Authentication is the function of verifying a user’s identity.\n\n3. Jane received an electronic message from Fred that was digitally\nsigned proving it came from him. However, Fred said he never sent it.\nThis is an example of what message integrity characteristic?\nA. Nonreputation\nB. Nonrefutability\nC. Nonrepudiation\nD. Authenticity\n\nANS: C. Nonrepudiation technologies are used to guarantee that a sender\nof a message cannot later deny that they sent the message.\n\n4. Which of the following elements do not apply to privacy?\nA. Confidentiality\nB. Integrity\nC. Availability\nD. None of the above\n\nANS: D. All of the items listed apply to privacy.\n\n5. Information assurance refers to the ____________ of information\nsecurity.\nA. Quality\nB. Confidentiality\nC. Ethics\nD. Measurement\n\nANS: D. Information assurance is the measurement of the security controls\nan organization has put into place.\n\n6. What is the first thing a cyberattacker would want to do to launch an\nattack against an organization?\nA. Learn about the organization’s vulnerabilities.\nB. Learn about the organization’s business, including domain names,\ncorporate information, facilities, names of employees, etc.\nC. Deploy malware.\nD. Steal data.\n\nANS: B. While learning about vulnerabilities might seem like a good\nanswer, the best answer is learning about the organization’s business\ndetails because that will provide the basic information the\ncyberattacker can use to launch the attack.\n\n7. An earthquake is an example of a ____________?\nA. Threat agent\nB. Threat\nC. Vulnerability\nD. Risk\n\nANS: B. An earthquake is a natural disaster that may occur and that could\ncause harm to an organization; therefore it is a threat to the\norganization.\n\n8. Which of the following statements is most correct?\nA. Security should be done the same way regardless of the situation.\nB. Security should be tailored based on the situation.\nC. It’s always best to mitigate risks rather than transfer them.\nD. Risk avoidance trumps security controls every time.\n\nANS: B. Answers A, C, and D all contain absolute statements about\napplying security. But security is never absolute; it is tailored based\non the situation and the organization’s tolerance for risk, so the best\nanswer is B.\n\n9. You are asked to perform a risk assessment of an information system\nfor the purpose of recommending the most appropriate security\ncontrols. You have a short amount of time to do this. You have\ninformation about how each asset in the system is used and its\nimportance to the business, but you have no financial information\nabout the assets or the information systems. Which is the most\nappropriate method to use for this assessment?\nA. Qualitative\nB. Threat modeling\nC. Quantitative\nD. Delphi\n\nANS: A. Since you have no financial data, a quantitative assessment is not\npossible, but since you have information about how each asset in the\nsystem is used and its importance to the business, you have what you\nneed to do a qualitative analysis.\n\n10. You are asked to implement a risk treatment in which your IT\ndepartment is removing a server from the environment that it deems is\ntoo risky due to having too many vulnerabilities in it. You have just\npracticed which type of risk treatment?\nA. Risk transfer\nB. Risk avoidance\nC. Risk acceptance\nD. Risk mitigation\n\nANS: C. Risk avoidance is the best answer because by removing the risky\nserver altogether, you are avoiding the risk. Answer D may have\nbeen considered because vulnerability mitigation is a type of risk\ntreatment, but that usually involves addressing specific\nvulnerabilities, not removing entire systems or services.\n\n11. A security engineer is performing a review of an organization’s\ndatacenter security controls. They document that the datacenter lacks\nsecurity cameras for monitoring the facilities. What type of control\ndoes this represent?\nA. Administrative\nB. Technical\nC. Physical\nD. Logical\n\nANS: C. Security cameras used for monitoring facilities are an example of\nphysical security controls. Administrative controls are managementoriented controls such as documentation, policies, procedures, and\ntraining. Technical or logical controls are hardware or software\ncomponents implemented by computer systems or network devices.\n\n12. Which of the following statements is true regarding the types of\nsecurity controls?\nA. Physical controls are also referred to as logical controls.\nB. Logical controls are also referred to as managerial controls.\nC. Physical controls are also referred to as managerial controls.\nD. Administrative controls are also referred to as soft controls.\n\nANS: D. Administrative controls are also referred to as soft controls or\nmanagerial controls. Technical controls are also referred to as logical\ncontrols.\n\n13. The senior security engineer is creating a document that provides\nstep-by-step instructions on how to launch a vulnerability scan\nutilizing the organization’s vulnerability scanning tool that all security\nengineers will be required to follow. Which of the following\ngovernance elements is this an example of?\nA. Policy\nB. Procedure\nC. Guideline\nD. Law\n\nANS: B. A document containing step-by-step instructions on how to\nperform a vulnerability scanning is an example of a procedure.\nPolicies are high-level management statements providing directives\nto the organization but do not prescribe exact steps. Guidelines serve\nas best practice references but are not required to be followed. While\nfollowing the procedure may be a requirement of the business, the\nprocedure itself is not a law.\n\n14. An information security policy is an example of which of the\nfollowing types of controls?\nA. Administrative\nB. Technical\nC. Logical\nD. Physical\n\nANS: A. A policy is an example of an administrative control.\nAdministrative controls are management-oriented controls that\nprovide directives and instruction aimed at people within the\norganization, such as documentation, training, and other personnel\nmanagement practices. Technical controls, also known as logical\ncontrols, are hardware or software components that protect virtual\nresources. Physical controls are tangible controls put in place to\nprotect physical resources against physical threats\n\n15. Sarah is a security engineer for a Software as a Service (SaaS)\norganization. Her friend Kyle is a systems administrator for the\norganization and helped her get the job by serving as a reference.\nWhile reviewing some system logs, Sarah discovered that Kyle is\nrunning a crypto-mining program on a company server for his own\nfinancial gain. How should Sarah respond to this situation?\nA. Ask Kyle to stop\nB. Ask Kyle to share the profits with her\nC. Mind her own business\nD. Escalate to senior management\n\nANS: D. Sarah should immediately escalate this to senior leadership in\naccordance with the organization’s policies and procedures. This\nwould be the ethical response to this situation.\n\n\n\n\n\n\n\n\n16. Jane is a security administrator setting up access for a new employee\nwho works in the manufacturing department. Jane makes sure to\nenable the employee’s access for the manufacturing area but not for\nthe parts storage area. What best describes the principle Jane is\napplying?\nA. Principle of authentication\nB. Two-person rule\nC. Need to know\nD. Least privilege\n\nANS: D. Least privilege is the most correct answer. By giving the\nemployee access to the area the employee requires access to but no\nmore, Jane is applying the principle of least privilege.\n\n17. Which statement best describes the relationship between subjects,\nobjects, and rules?\nA. A subject grants access to an object based on rules.\nB. An object is granted access to a subject based on rules.\nC. A subject is granted access to an object based on rules.\nD. An object is granted access to a subject based on credentials.\n\nANS: C. After first requesting access, a subject gets access to an object\nbased on rules.\n\n18. Credentials are composed of which of the following elements?\nA. Username and password\nB. Authorization and accountability\nC. Something you know and something you have\nD. Subjects and objects\n\nANS: A. Identification (commonly a username, ID, or account number)\nand authentication (commonly a password, PIN, or token) are\ntypically used in combination and are called credentials.\n\n19. Joe has to log in to many systems on a daily basis and has too many\npasswords to remember. What is the best way for Joe to manage his\npasswords?\nA. Write the passwords down on a piece of paper.\nB. Store the passwords in a text file and store it in a safe place.\nC. Use the same password for every system so he only has to\nremember one password.\nD. Use a password manager or password vault software.\n\nANS: D. The best answer is to use a password manager or password vault\nsoftware to manage passwords. These products require credentials to\nlog in and protect the passwords with encryption and good access\ncontrol. None of the other answers provide a secure solution.\n\n20. Debby has been an employee of Acme Corp. for over 20 years.\nDuring that time, she has been able to access more and more systems.\nNow she has access to systems she doesn’t even need access to in\norder to do her job. This is an example of what type of situation?\nA. Privilege modification\nB. Access management\nC. Privileged access management\nD. Privilege creep\n\nANS: D. The situation described is an example of privilege creep, where\nover time a person’s access increases beyond that which they require\nto do their job.\n\n21. The identity and access management lifecycle consists of which\nsteps?\nA. Provisioning, review, revocation\nB. Setup, review, auditing\nC. Creation, monitoring, termination\nD. Identification, authentication, authorization\n\nANS: A. The identity and access management lifecycle consists of\nprovisioning, review, and revocation steps.\n\n22. Which of the following access control models leverages roles to\nprovision access, where users with similar access needs are assigned\nto the same role?\nA. DAC\nB. MAC\nC. RBAC\nD. None of the above\n\nANS: C. Role-based access control (RBAC) enforces access based on roles\nthat define permissions and the level of access provided to any user\nassigned to that role. Roles are typically developed for similar users\nwith the same access needs (e.g., HR, Sales, IT, Security).\n\n23. An organization is concerned about the risk of a car driving from the\nparking lot through the entrance of the building. Which of the\nfollowing security measures would best help address this concern?\nA. Biometrics\nB. RBAC\nC. Badge system\nD. Bollards\n\nANS: D. Bollards are pillars or spheres made out of hard material used to\nprevent vehicles from driving through entrances. Biometrics and\nbadge systems are measures to implement physical access control\nbut would not prevent a car from driving through the entrance.\nRBAC is an access control model.\n\n24. The security team is reviewing the configuration of the door that\nserves as the only entrance or exit to the datacenter. Organization\npersonnel commonly access the datacenter to perform their work. In\nthe event of a fire that impacts power to the door-locking mechanism,\nwhich of the following configurations is best?\nA. The door should always remain locked.\nB. The door should fail-secure.\nC. The door should fail-open.\nD. The door should automatically lock when there is no power.\n\nANS: C. The door should fail-open (also known as fail-safe). While this is\na less secure option, it ensures the preservation of human life, which\nis the number-one priority.\n\n25. The security team of an organization is concerned about the physical\nsecurity of datacenter access. They want the datacenter entrance built\nin such a way that there are two doors with locks and the first door\nmust close before the next door can be unlocked. Which of the\nfollowing is this an example of?\nA. Bollard\nB. Mantrap\nC. Fence\nD. Biometric \n\nANS: B. A mantrap is an area that has two doors built in such a way that\nthe first door must be closed before the second door can be opened.\n\n26. Which of the following access control models allows the creator of a\nresource the ability to assign permissions to other users?\nA. DAC\nB. MAC\nC. RBAC\nD. None of the above\n\nANS: A. Discretionary access control (DAC) provides the owner of the\nresource, typically the creator, full control to configure which users\ncan access the resource.\n\n\n27. Which of the following is referred to as a physical address in\ncomputer networking?\nA. IPv4 address\nB. IPv6 address\nC. MAC address\nD. Loopback address\n\nANS: C. Media access control (MAC) addresses are often referred to as a\nphysical address or hardware address since they are assigned to the\ndevice’s physical hardware. Internet Protocol (IP) addresses are\nknown as logical addresses. A loopback address is a special type of\nIP address.\n\n28. How many layers are there in the OSI model?\nA. 8\nB. 7\nC. 6\nD. 5\n\nANS: B. There are seven layers in the OSI model. These Include\nApplication, Presentation, Session, Transport, Network, Data, and\nPhysical.\n\n29. Which of the following terms best describes a computer that provides\ncontent to other computers such as a website or an application?\nA. Client\nB. Server\nC. Endpoint\nD. Router\n\nANS: B. Server is a term that describes a computer that serves content or\nprovides a service to another computer on a network. A client is a\ncomputer that accesses or uses the content or service provided by the\nserver. An endpoint is a computing device on a network, which\ncould include a server but is not the best answer. A router is a\nnetwork device that routes traffic on a network.\n\n30. What is the name of the seventh layer of the OSI model?\nA. Application\nB. Session\nC. Presentation\nD. Network\n\nANS: A. The Application Layer is Layer 7 (the uppermost layer) of the\nOSI model. The order of the layers from top (Layer 7) to bottom\n(Layer 1) are Application, Presentation, Session, Transport,\nNetwork, Data Link, and Physical.\n\n31. Which of the following attacks are most likely to be carried out by a\nbotnet?\nA. Advanced persistent threat attack\nB. DDoS attack\nC. Trojan horse attack\nD. Backdoor attack\n\nANS: B. A botnet is a group of computers under the control of an attacker,\nmost often for a coordinated attacker such as a DDoS attack.\nAdvanced persistent threat and backdoors are not specific types of\nattacks, but rather features of attacks. A trojan horse is a type of\nattack but unlikely to be carried out by a botnet.\n\n32. What is the best description of the difference between a phishing email and a spear phishing e-mail?\nA. A phishing e-mail is sent to a specific person; a spear phishing email is sent to an entire company.\nB. A phishing e-mail is sent to random recipients; a spear phishing email is sent to specific recipients.\nC. A phishing e-mail is sent to an entire company; a spear phishing\ne-mail is sent to a specific person.\nD. A spear phishing e-mail is sent to random recipients; a phishing email is sent to specific recipients.\n\nANS: A phishing e-mail is sent to random recipients; a spear phishing email is sent to specific recipients. A phishing e-mail is literally like\ngoing fishing—you cast a wide net randomly and you see what you\nget. Conversely spear phishing is literally like spearfishing—you\nhave a specific target in mind, and you shoot the spear directly at it.\nA spear phishing e-mail is sent to a specific person or specific people\nor an organization.\n\n33. Which of the following is not a true statement about a worm?\nA. It can replicate itself.\nB. It is a type of malware.\nC. It is a type of botnet.\nD. It does not require a host program to infect and deliver it to the\nvictim system.\n\nANS: C. A worm is not a type of botnet. A worm can replicate itself and is\na type of malware, but since it isn’t a virus, it does not require a host\nprogram to infect and serve as the delivery mechanism.\n\n34. A rainbow table attack seeks to mitigate the limitations of dictionary\nor brute force attacks by precomputing the hash of passwords and\nstoring them for later comparison.\nA. True\nB. False\n\nANS: A. The answer is true. Dictionary and brute force attacks take a lot of\nprocessing time and resources, whereas rainbow table attacks do the\nprocessing ahead of time and store the hashes in a table or database.\n\n35. What is the primary difference between an IDS and an IPS?\nA. They both do the same thing.\nB. An IDS detects malicious activity, whereas an IPS prevents the\nactivity from happening in the first place.\nC. An IDS detects malicious activity, whereas an IPS monitors\nsystem performance.\nD. An IDS detects malicious activity, whereas an IPS detects\nmalicious activity and takes action on it.\n\nANS: D. An IDS, which stands for intrusion detection system, detects\nmalicious activity, whereas an IPS, which stands for intrusion\nprevention system, detects malicious activity and takes action on it.\n\n36. Joe is a cyber criminal who has targeted a web server for a potential\ncyberattack. Joe wants to know if the server has any unpatched\nvulnerabilities he might be able to exploit. Which of the following\nactions is Joe most likely to take?\nA. Launch a smurf attack against the target server.\nB. Run a vulnerability scan against the target server.\nC. Send a phishing e-mail to the target server.\nD. Send a spear phishing e-mail to the target server.\n\nANS: B. The answer is to run a vulnerability scan, as that is the only one of\nthe choices that will reveal vulnerabilities on the server.\n\n37. __________________ is a method of attack where a hacker enters\nSQL commands into fields on a vulnerable web page. The commands\nare executed without proper authorization.\nA. Buffer overflow\nB. SQL injection\nC. HTTP response splitting\nD. Backdoor\n\nANS: B. If a web server software does not properly check the data input by\nthe user, it could allow an attacker to put SQL commands in the\nfield, which are then executed by the SQL database without proper\nauthorization. This is called a SQL injection attack.\n\n38. Most cyber criminals would agree that _________________ are the\nweakest link in cybersecurity.\nA. Passwords\nB. Backdoors\nC. Laws\nD. People\n\nANS: D. It is widely acknowledged that people are the weakest link in\ncybersecurity. Despite extensive progress in technical tools and\ncontrols, deliberate or accidental acts by people lead to the largest\nnumber of and most damaging security breaches.\n\n39. A hacker uses a phishing attack to obtain a user’s credentials, access\ntheir company’s database, and steal proprietary information. This is an\nexample of _______________.\nA. Denial of service\nB. Advanced persistent threat\nC. Extortion\nD. Data exfiltration\n\nANS: D. The correct answer is data exfiltration, which is the unauthorized\ntransfer of data from a computer or network.\n\n40. A sophisticated cyber criminal gains access to a financial institution’s\ne-mail server, installs malware, and then over a period of weeks,\nmoves to other servers and systems on the company’s network,\ninstalling other malware and tools, finding other credentials, stealing\ndata, and scrubbing logs to cover her tracks. Which term best\ndescribes this type of activity?\nA. Denial of service attack\nB. Advanced persistent threat attack\nC. Extortion attack\nD. Website defacement attack\n\nANS: B. During an advanced persistent threat attack, there is a\nsophisticated cyber criminal seeking to expand the attack over time,\nprobing the network, finding more systems with vulnerabilities,\nexploiting them, and gaining unauthorized access to more and more\nsystems and data, all the while doing things to cover their tracks.\n\n41. Mary is a network engineer who wants to install a firewall in front of\na database server to hide its IP address. What type of firewall should\nMary choose?\nA. Proxy\nB. Packet filter\nC. Stateful/dynamic packet filter\nD. Database filter\n\nANS: A. A proxy firewall impersonates the system at the other end of the\nconnection and hides the IP address of the devices within the\nnetwork it is protecting.\n\n42. Antivirus software vendors use ______________ to keep up with the\nlatest information about viruses and threats.\nA. Google\nB. National Vulnerability Database\nC. Threat intelligence\nD. National Security Agency\n\nANS: C. Organizations and product vendors use threat intelligence from a\nvariety of sources. By collecting and studying data about threats,\nvendors can prepare for and defend against them.\n\n43. When leveraging a third-party cloud service provider, which of the\nfollowing is always the responsibility of the provider?\nA. Data security\nB. Physical security of the datacenter\nC. Identity and access management controls\nD. Endpoint protection\n\nANS: B. Physical security of the datacenter is always the responsibility of\nthe cloud service provider.\n\n44. An organization is utilizing a public cloud from a cloud service whose\nservice offering allows the organization to use a framework to build\nand deploy custom applications. Which of the following cloud service\nmodels is being utilized?\nA. IaaS\nB. PaaS\nC. SaaS\nD. On-premises\nANS: B. Platform as a service (PaaS) provides cloud service customers\nwith development or application platforms to build and deploy\napplications.\n\n45. An organization is using a cloud service provider to host their\ninfrastructure. The cloud service provider manages the underlying\ninfrastructure, and the organization manages the platforms and\nsoftware (such as the OS, development tools, and applications).\nWhich of the following cloud service models is being utilized?\nA. IaaS\nB. PaaS\nC. SaaS\nD. On-premises\n\nANS: A. Infrastructure as a service (IaaS) provides customers with access\nto a pool of infrastructure resources such as network, server, and\nstorage resources that can be virtually provisioned. The cloud service\nprovider manages the underlying physical infrastructure, and the\ncloud service customer manages the platforms and software (such as\nOS, development tools, and applications) that run on the\ninfrastructure.\n\n46. An organization has built out a cloud environment in their own\ndatacenter for exclusive use by their employees to allow other teams\nto provision and manage virtual resources. Which of the following\ncloud deployment models is this an example of?\nA. Public\nB. Private\nC. Community\nD. Hybrid\nANS: B. A private cloud deployment model consists of computing\ninfrastructure and resources that are dedicated for use by a single\norganization.\n\n47. An organization is hosting applications in a private cloud environment\nand also making use of Amazon Web Services (AWS) to load-balance\nthe traffic for applications if there is a spike in demand. Which of the\nfollowing cloud deployment models is this an example of?\nA. Public\nB. Private\nC. Community\nD. Hybrid\n\nANS: D. A hybrid cloud deployment model is a mix of the other models\n(such as a public and private model).\n\n48. An organization is utilizing Google Mail (Gmail) as their e-mail\nservice provider. Which of the following types of cloud service\nmodels is being utilized?\nA. SaaS\nB. PaaS\nC. IaaS\nD. On-premises\n\nANS: A. Software as a service (SaaS) provides customers with access to an\napplication hosted by the cloud service provider (such as an e-mail\nservice).\n\n\n49. Alice sends Bob a message encrypted with a private key. Bob\ndecrypts the message with the same private key. Which of the\nfollowing types of encryption is this an example of?\nA. Asymmetric\nB. Symmetric\nC. Hashing\nD. None of the above\n\nANS: B. Symmetric encryption uses the same key for encryption and\ndecryption. This means that the sender and receiver of a message\nneed to have a copy of the same key in order to encrypt/decrypt the\nmessage.\n\n50. Which of the following is not a secure method of data deletion?\nA. Emptying the recycle bin on your computer desktop\nB. Physical destruction of a hard drive\nC. Zeroization\nD. Overwriting\n\nANS: A. Pressing the delete key on a computer and emptying the recycle\nbin on your desktop are not secure methods of data destruction, as\nthe data is not actually securely deleted from the hard drive. These\nactions simply tell the operating system that the location on the hard\ndrive is free for use.\n\n51. Which of the following can be used to create message digests?\nA. Symmetric encryption algorithms\nB. Asymmetric encryption algorithms\nC. Hash functions\nD. All of the above\n\nANS: C. Hash functions transform information into fixed-length output\nknown as a hash value, message digest, or fingerprint.\n\n52. A security administrator is looking for ways to automate the\nmonitoring of logs throughout the environment. Which of the\nfollowing solutions would help provide automated monitoring\ncapability?\nA. Regularly review the logs\nB. Store the logs on a centralized log server\nC. Implement a SIEM\nD. Implement a firewall\n\nANS: C. Implementing a security information and event management\n(SIEM) system is one example of how an organization can\nimplement automated monitoring. A SIEM system is a tool that\ningests logs from various sources, serves as a central secure log\nrepository, and contains rules that alert on suspicious events\nidentified in logs.\n\n53. Which of the following types of encryption uses two keys: one for\nencryption and a separate key for decryption?\nA. Asymmetric\nB. Symmetric\nC. Hashing\nD. None of the above\n\nANS: A. Asymmetric encryption uses two keys: a public key (for\nencryption) and a private key (for decryption).\n\n54. As the new CISO of his organization, Joe decided to initiate a\ncomprehensive set of scans. The scans reported that nearly all of his\nendpoints have known operating system vulnerabilities. What is the\nmost likely root cause of this situation?\nA. The organization is the victim of an advanced persistent threat.\nB. The endpoints do not have up-to-date antimalware software\ninstalled.\nC. The endpoints have not been kept up-to-date with the latest\nsecurity patches.\nD. Brute force attack.\n\nANS: C. The most likely reason endpoints have known operating system\nvulnerabilities is they do not have the latest patches installed from\nthe vendors. Poorly configured antimalware software or a brute force\nattack would not cause this, and an APT might be the result of this\nsituation but not the cause of it.\n\n55. A network administrator found that one of the firewalls was no longer\nconfigured in accordance with recommended settings from DISA as it\nonce was. What is the most likely reason for this?\nA. The settings from DISA were incorrect.\nB. Configuration management procedures for the device were not\nfollowed.\nC. Privilege creep.\nD. Data integrity.\n\nANS: B. The best answer is that it is most likely that someone changed a\nsetting without the proper approval and documentation; therefore,\nCM procedures were not followed.\n\n56. Mary isn’t sure if she is allowed to use her company-owned laptop to\nsend messages to her friend on Facebook. To find out if she can,\nwhich policy should she refer to?\nA. AUP\nB. BYOD policy\nC. Data handling policy\nD. None of the above\n\nANS: A. Of the choices provided, the AUP is the one most likely to\nprovide guidance concerning whether or not Mary can use the\ncompany-owned laptop for nonbusiness use.\n\n57. Of the policies listed, which one is most likely to provide guidance on\nconnecting a home computer to the work network via VPN?\nA. AUP\nB. BYOD\nC. Data handling policy\nD. None of the above\n\nANS: B. Of the choices provided, the BYOD policy is the best choice. The\nBYOD policy is used by organizations that want to allow their\nemployees to use their personally owned devices to connect to the\ncorporate network.\n\n58. An employee notices a poster in the lunchroom reminding her about\nnot writing down her passwords but instead to use the companyprovided password vault software. What is this an example of?\nA. Security awareness\nB. Security training\nC. Security policy\nD. Security testing\nANS: A. The use of posters and reminders in the workplace is an example\nof security awareness.\n\n59. What is the best reason to provide social engineering training to\nemployees?\nA. To show people how to perform a social engineering attack\nB. So employees can report security violations to management\nC. To teach people what to look out for\nD. None of the above\n\nANS: C. The correct answer is to show people what kinds of things they\nshould look out for as a way to defend against social engineering\nattacks.\n\n\n60. During which phase of the incident response process is the incident\nresponse plan developed and documented?\nA. Preparation\nB. Containment, eradication, and recovery\nC. Detection and analysis\nD. Post-incident activity\n\nANS: A. The incident response plan is developed and documented during\nthe preparation phase of the incident response process.\n\n61. During which phase of the incident response process does the lessonslearned assessment take place?\nA. Detection and analysis\nB. Containment, eradication, and recovery\nC. Preparation\nD. Post-incident activity\n\nANS: D. The lessons-learned assessment occurs during the post-incident\nactivity phase of the incident response process.\n\n62. A security analyst is reviewing log files from a system to determine if\na security incident has occurred. This is an example of an activity that\ntakes place in which of the following incident response process\nphases?\nA. Containment, eradication, and recovery\nB. Detection and analysis\nC. Preparation\nD. Post-incident activity\n\nANS: B. Reviewing logs to determine if a security incident has occurred is\nan example of an activity that takes place in the detection and\nanalysis phase of the incident response process.\n\n63. In which phase of the incident response process would a security\nanalyst recover a system from a backup?\nA. Preparation\nB. Detection and analysis\nC. Post-incident activity\nD. Containment, eradication, and recovery\n\nANS: D. Recovering a system from backup would take place during the\ncontainment, eradication, and recovery phase of the incident\nresponse process.\n\n64. What phase comes after the detection and analysis phase in the\nincident response process?\nA. Containment, eradication, and recovery.\nB. Preparation.\nC. Post-incident activity.\nD. Detection and analysis is the last phase of the process.\n\nANS: A. The containment, eradication, and recovery phase comes after the\ndetection and analysis phase of the incident response process. The\nprocess steps are Preparation -> Detection and Analysis ->\nContainment, Eradication, and Recovery -> Post-Incident Activity.\n\n65. Carol is tasked with creating a business continuity plan for her\norganization. What should she do to determine which of her\norganization’s business functions should be restored in the event of an\nincident?\nA. Conduct a risk assessment.\nB. Interview key stakeholders throughout the organization.\nC. Calculate the MTD for each business function.\nD. Conduct a business impact analysis.\n\nANS: D. The purpose of a business impact analysis is to determine which\nbusiness functions should be restored after an incident.\n\n67. Of the following which is the most likely reason(s) a business\ncontinuity program might fail?\nA. Failure to test the plan and procedures\nB. Failure to document activation procedures\nC. Failure to address the threats the organization is most likely to\nface\nD. All of the above\n\nANS: D. Failure to test the plan and procedures, document activation\nprocedures, and address likely threats are all reasons the business\ncontinuity program may fail.\n\n68. Alice is responsible for designing her organization’s datacenter to\nprovide resiliency in the event of a disaster. If a disaster occurs, she\nwants to have the new datacenter up and running within a few days,\nbut she does not want to incur the cost of building a full datacenter\nwith all equipment fully installed and configured. Which of the\nfollowing options is the best choice for her situation?\nA. Hot site\nB. Warm site\nC. Cold site\nD. Tertiary site\n\nANS: B. A warm site is a facility that is configured with equipment\nsuitable for supporting IT operations but without the computing\nequipment itself. The warm site has power, HVAC, physical\ninfrastructure, and possibly telecommunications and peripheral\nequipment.\n\n69. Which of the following is the best example of a hot site?\nA. A facility that is configured with equipment suitable for supporting IT operations but without the computing equipment itself\nB. A facility that is configured with equipment suitable for supporting IT operations and has the computing equipment installed and\nconfigured\nC. A facility that is configured with equipment suitable for supporting IT operations and has the computing equipment installed but not\nconfigured\nD. A facility that is configured with equipment suitable for supporting IT operations and has the computing equipment installed and configured, but the equipment is not powered on\n\nANS: B. A hot site is a facility that is configured with equipment suitable\nfor supporting IT operations and has the computing equipment\n\n70. Which of the following is the best example of a cold site?\nA. A facility that is configured with equipment suitable for supporting IT operations but without the computing equipment itself\nB. A facility that is configured with equipment suitable for supporting IT operations and has the computing equipment installed and configured\nC. A facility that is configured with equipment suitable for supporting IT operations and has the computing equipment installed but not\nconfigured\nD. A facility that is configured with equipment suitable for supporting IT operations and has the computing equipment installed and configured, but the equipment is not powered on\n\nANS: A. A cold site is a facility that is configured with equipment suitable"
  },
  {
    "path": "Exam-voucher.md",
    "content": "\n## Free Voucher\n1. Goto: https://www.isc2.org/register-for-exam \n2. Select CC Exam\n3. Give All the details\n4. Use the code: **CC1M12312024** to get the exam for free on checkout page"
  },
  {
    "path": "Most essential topics.md",
    "content": "### Know These Essential Topics:\n\n- ISC2 Code of Ethics 4 Canons\n- CIA triad, IAAA, privacy, non-repudiation, and what attacks/controls are associated with each.\n\n- Know authentication types and what is associated with them. 1- Something you know, 2- Something you have, 3- Something you are. Know MFA and what authentication methods count as MFA (should be two or more distinct types of authentication)\n- Governance: Regulations, Standards, Policies, Procedures, Guidelines. Know what is mandatory and not. Know who creates what. Know PII, PHI, HIPAA, PCI-DSS, and GDPR.\n- Know ciphertext & plaintext, hashing, digital signatures, symmetric/asymmetric encryption, and public/private keys.\n\n- All types of cyberattacks (watch professor messer sec+ videos for this). Know which part(s) of the CIA triad is compromised in the attacks. Know social engineering (phishing, spear phishing, whaling, smishing, vishing).\n- Defense in Depth, Segregation of Duties, Least Privilege\n- Access Controls (DAC, MAC, RBAC, ABAC) and their advantages/disadvantages\n- Administrative, Technical, and especially your Physical controls.\n- Preventative, Corrective, Detective, Detterent, Recovery, and Compensating control types\n\n\n- Network Devices (Router, Switch, Firewall, IPS/IDS, NIDS/HIDS, SIEM/SOAR, CASB, VLAN, VPN, DMZ, NAC, Client, Server, etc.). Know IPV4 vs IPV6. Know to segment and isolate vulnerable IoT devices and what is microsegmentation.\n- Memorize OSI Model, how many layers, and what protocols/devices are in each layer. Know what data is called in different layers (bits, frames, packets, segments). Know TCP/IP as well.\n- IR (especially the steps), BCP, DRP what their purpose is, and what is in each of these. Know risk identification, assessment, and treatment (avoid, mitigate, transfer, accept).\n- Hardening and Configuration Management, Patch Management, Change Management, and components in each.\n\n- AUP, Password Policy, BYOD\n- Data Lifecycle and Destruction methods. Know classification vs labeling. Data retention.\n- Cloud models (IAAS, PAAS, SAAS), Cloud characteristics. Know what is a Public, Private, Hybrid, and Community cloud. Know what is an MSP. Know MOU/MOA and SLA.\n- Hot, Warm, Cold, Sites. Data backup types (full, differential incremental), and how to create redundancy.\n- Know the difference between environmental, natural, and manmade.\n\nHope this helped you out and good luck!"
  },
  {
    "path": "README.md",
    "content": "# ISC2-CC-Study-Material-Dump-Questions\n\n## Introduction\n\nThe content in this repo is based on the self-paced course called Certified in Cybersecurity from (ISC)2, which is a preparation for (ISC)2 Certified in Cybersecurity.\n\nIn this entry-level cybersecurity certification, the domains included are: Security Principles, Business Continuity, Disaster Recovery & Incident Response Concepts, Access Controls Concepts, Network Security and Security Operations.\n\nThis Official (ISC)² Certified in Cybersecurity (CC) self-paced course provides a comprehensive review of information systems security concepts, industry best practices and terminology. The goal of this content is to provide students with the core knowledge necessary to be a successful entry-level cybersecurity practitioner in today’s world and review concepts outlined in the Official (ISC)² Certified in Cybersecurity (CC) Exam Outline.\n\n## Step By Step to prepare for ISC2 CC exam\n1. Start The ISC2 CC course\n2. Read the Resources by ISC2\n3. Check the notes and other resources in this repo\n4. Try the dump questions\n5. Go to exam hall :)\n\n\n\n\n## Repo objectives\n\n1. Discuss the foundational concepts of cybersecurity principles. \n2. Recognize foundational security concepts of information assurance. \n3. Define risk management terminology and summarize the process. \n4. Relate risk management to personal or professional practices. \n5. Classify types of security controls. \n6. Distinguish between policies, procedures, standards, regulations and laws. \n7. Demonstrate the relationship among governance elements. \n8. Analyze appropriate outcomes according to the canons of the (ISC)² Code of Ethics when given examples. \n9. Practice the terminology of and review security policies. \n10. Explain how organizations respond to, recover from and continue to operate during unplanned disruptions. \n11. Recall the terms and components of incident response. \n12. Summarize the components of a business continuity plan. \n13. Identify the components of disaster recovery. \n14. Practice the terminology and review concepts of business continuity, disaster recovery and incident response. \n15. Select access controls that are appropriate in a given scenario. \n16. Relate access control concepts and processes to given scenarios. \n17. Compare various physical access controls. \n18. Describe logical access controls. \n19. Practice the terminology and review concepts of access controls. \n20. Explain the concepts of network security. \n21. Recognize common networking terms and models. \n22. Identify common protocols and port and their secure counterparts. \n23. Identify types of network (cyber) threats and attacks. \n24. Discuss common tools used to identify and prevent threats. \n25. Identify common data center terminology. \n26. Recognize common cloud service terminology. \n27. Identify secure network design terminology. \n28. Practice the terminology and review concepts of network security. \n29. Explain concepts of security operations. \n30. Discuss data handling best practices. \n31. Identify key concepts of logging and monitoring. \n32. Summarize the different types of encryption and their common uses. \n33. Describe the concepts of configuration management. \n34. Explain the application of common security policies. \n35. Discuss the importance of security awareness training. \n36. Practice the terminology and review concepts of network operations.\n\n\n\n\n## Keywords:\nISC2, CC, ISC2 CC Dump, ISC2 CC Dump Questionk, ISC2 Questions, Cybersecurity, Security, Principles, Business Continuity, Disaster Recovery, Incident Response, Access Controls, Network Security, Security Operations"
  },
  {
    "path": "Suggested Another Course.md",
    "content": "### Suggested Another Course\n\n- https://quizlet.com/user/carla_jenkins3/folders/isc2-certified-in-cybersecurity/sets"
  },
  {
    "path": "Suggested Youtube Playlist.md",
    "content": "## Free Youtube Playlist\n\n1. https://www.youtube.com/playlist?list=PL0hT6hgexlYw-k6GxQf_DIAPdc96T2MP-\n2. https://www.youtube.com/playlist?list=PLKbf3fxddlUHuoUGGOSe1onIObJDfpSbF\n\n"
  },
  {
    "path": "practice_exam.md",
    "content": "### Practice Exam You can take the practice exam at:\n\nhttps://certpreps.com/cc/"
  }
]