ISC2 CC - Certified in Cybersecurity (CC) Certification Exam
Question #6 (Topic: Demo Questions)
What is the purpose of the post-incident phase?
Correct Answer: C
Explanation:
The post-incident phase focuses on documenting lessons learned, improving controls, and preventing recurrence.
Question #7 (Topic: Demo Questions)
Which OSI layer is the primary target of a buffer overflow attack?
Correct Answer: A
Explanation:
Buffer overflow attacks target applications, exploiting improper memory handling. Applications operate at Layer 7 (Application Layer), making it the primary target.
Question #8 (Topic: Demo Questions)
What is an IPSec replay attack?
Correct Answer: D
Explanation:
An IPSec replay attack occurs when an attacker captures legitimate encrypted packets and attempts to retransmit (replay) them to gain unauthorized access or disrupt communication. The attacker does not need to decrypt the packets; instead, they rely on resending previously valid packets within an existing session.
Without proper protections, replayed packets could be accepted as valid, allowing attackers to impersonate legitimate users or repeat sensitive actions. IPSec defends against replay attacks using sequence numbers and sliding windows, which ensure packets are processed only once and in the correct order.
Packet modification, eavesdropping, and traffic flooding are different attack types and are not specifically replay attacks. Replay attacks are particularly dangerous in authentication and session-based protocols, which is why anti-replay protection is a mandatory IPSec feature defined by the IETF.
Question #9 (Topic: Demo Questions)
How often should an organization test its BCP?
Correct Answer: C
Explanation:
BCPs should be tested routinely (e.g., tabletop exercises, simulations) to ensure readiness and relevance.
Question #10 (Topic: Demo Questions)
When is the Business Continuity Plan (BCP) enacted?
Correct Answer: C
Explanation: