ISC2 CC — Certified in Cybersecurity · Difficulty

Easy CC practice questions

Direct recall — confirm you know the core facts and definitions. 28 easy questions available — no sign-up, always free.

Question 1 of 25

A new employee is going through onboarding and receives a document that outlines what activities are permitted when using the company's computers, email, and internet connection, along with the consequences for misuse. Which type of policy is the employee reviewing?

Reviewed for accuracy · Report an issue
Question 2 of 25

An employee logs into the corporate VPN by entering a password and then typing a six-digit code displayed on a physical key fob issued by the company. The security team wants to classify each element used during this login. How should the physical key fob be categorized?

Reviewed for accuracy · Report an issue
Question 3 of 25

A company allows employees to use their own smartphones and tablets to access corporate email and applications. Management is concerned about protecting company data on these personal devices. Which policy should the organization implement to define the security requirements and responsibilities for using personally owned devices for work?

Reviewed for accuracy · Report an issue
Question 4 of 25

A retail company's public website suddenly becomes unreachable. Monitoring shows the web servers are receiving an overwhelming volume of traffic from thousands of different IP addresses across the globe, consuming all available bandwidth and connection capacity so legitimate customers cannot load the site. What type of attack is most likely occurring?

Reviewed for accuracy · Report an issue
Question 5 of 25

A network administrator is troubleshooting name-resolution failures on a workstation. Using a packet capture tool, she notices the workstation's DNS lookup requests are being sent to the resolver. Which transport protocol and default port are typically used for these standard DNS query requests?

Reviewed for accuracy · Report an issue
Question 6 of 25

A sales representative loses a company laptop on a train. The laptop's entire drive was protected with full-disk encryption, and no data was accessible to whoever finds it. Which element of the CIA triad did the encryption primarily preserve in this incident?

Reviewed for accuracy · Report an issue
Question 7 of 25

A company installs a network firewall that automatically inspects and blocks malicious inbound traffic based on configured rules. When categorizing this safeguard for a risk assessment report, which type of security control does the firewall represent?

Reviewed for accuracy · Report an issue
Question 8 of 25

A network technician is reviewing firewall logs and notices inbound connection attempts to TCP port 21 on a server that hosts file transfers. Which protocol is most likely being used on this port?

Reviewed for accuracy · Report an issue
Question 9 of 25

A systems administrator downloads a firmware update and wants to confirm the file was not altered during transfer. The vendor publishes a SHA-256 value alongside the download. After downloading, the administrator computes the SHA-256 of the local file and compares it to the published value. What security goal does this process primarily support?

Reviewed for accuracy · Report an issue
Question 10 of 25

A network administrator is configuring firewall rules for a company's public-facing web server that must serve encrypted web pages to customers over the internet. Which port must the administrator allow through the firewall to permit this encrypted web traffic?

Reviewed for accuracy · Report an issue
Question 11 of 25

A network administrator is documenting the addressing scheme for a new office. The organization is migrating from IPv4 to IPv6 to support address exhaustion concerns. When explaining the difference to junior staff, what is the correct address length of an IPv6 address?

Reviewed for accuracy · Report an issue
Question 12 of 25

A network engineer is planning a migration from IPv4 to IPv6 for a growing organization. Management asks what the primary driver was for developing IPv6 in the first place. Which answer best explains the fundamental reason IPv6 was created?

Reviewed for accuracy · Report an issue
Question 13 of 25

A network technician cannot reach a remote server and wants to confirm basic reachability and measure round-trip response time before escalating the issue. Which protocol is most directly used by the ping utility to perform this test?

Reviewed for accuracy · Report an issue
Question 14 of 25

A network technician is documenting the devices on the company LAN. She needs to identify the device that forwards traffic between hosts on the same local network by reading the destination hardware (MAC) address in each frame. At which OSI layer does this device primarily operate?

Reviewed for accuracy · Report an issue
Question 15 of 25

A network engineer is documenting where each device operates in the OSI model. She notes that the office router makes forwarding decisions based on IP addresses to route packets between different networks. At which OSI layer does the router primarily operate when performing this function?

Reviewed for accuracy · Report an issue
Question 16 of 25

A warehouse installs infrared motion sensors in a storage area that should be empty after business hours. One night the sensors trigger an alert to the monitoring station, and security staff respond to investigate. Within the physical access control model, what is the primary function this sensor is performing?

Reviewed for accuracy · Report an issue
Question 17 of 25

During a major sales event, an e-commerce company's checkout system becomes unreachable for two hours because the servers cannot handle the surge in customer traffic. Customer data was never exposed and no records were altered. Which element of the CIA triad was primarily affected by this incident?

Reviewed for accuracy · Report an issue
Question 18 of 25

A regional bank experiences frequent short power outages that briefly knock its online banking portal offline, frustrating customers who cannot access their accounts. The IT team installs an uninterruptible power supply (UPS) and a backup generator so the portal keeps running during outages. Which element of the CIA triad is this measure primarily protecting?

Reviewed for accuracy · Report an issue
Question 19 of 25

A new analyst named Priya is hired into the finance department. Before she logs in for the first time, an administrator configures the system so that Priya's account will be permitted to open and edit the quarterly-budget spreadsheet. In the access control model terminology, what role does Priya's user account play in this arrangement?

Reviewed for accuracy · Report an issue
Question 20 of 25

A systems administrator is preparing a newly provisioned Windows server for production. She disables unused services, removes default sample accounts, closes unnecessary ports, and applies a documented set of secure configuration settings before the server is connected to the network. What security operations practice is she performing?

Reviewed for accuracy · Report an issue
Question 21 of 25

A logistics company relies on a single internet connection for its web-based tracking portal. After a fiber cut left the portal unreachable for eight hours, management approves installing a second internet link from a different provider that automatically takes over if the primary fails. Which element of the CIA triad is this change primarily intended to protect?

Reviewed for accuracy · Report an issue
Question 22 of 25

A company posts a security guard at the main lobby entrance. When employees arrive, the guard visually compares each person's face to the photo on their access badge before allowing them through the turnstile. Which type of access control does the guard's activity primarily represent?

Reviewed for accuracy · Report an issue
Question 23 of 25

A finance department is disposing of boxes of printed customer account statements that are past their retention period. The records manager wants to ensure the physical documents cannot be reconstructed or read after disposal. Which method is the most appropriate for securely destroying these paper records?

Reviewed for accuracy · Report an issue
Question 24 of 25

A company requires employees to enter their password and then approve a push notification on their enrolled smartphone before logging in to the corporate portal. Which authentication factor does the smartphone push approval represent?

Reviewed for accuracy · Report an issue
Question 25 of 25

A network administrator is reviewing firewall rules for the company's outbound mail server. She needs to allow the server to transfer email messages to other mail servers across the internet. Which port and protocol should she permit for this server-to-server email transfer?

Reviewed for accuracy · Report an issue