
ISC2 CC - Certified in Cybersecurity (CC) Certification Exam

Question #6 (Topic: Demo Questions)

What is the purpose of the post-incident phase?

A.
Detection and analysis
B.
Preparation
C.
Lessons learned and improvement
D.
Containment and eradication
Correct Answer: C
Explanation:
The post-incident phase focuses on documenting lessons learned, improving controls, and preventing recurrence.
Question #7 (Topic: Demo Questions)

Which OSI layer is the primary target of a buffer overflow attack?

A.
Layer 7
B.
Layer 3
C.
Layer 5
D.
Layer 4
Correct Answer: A
Explanation:
Buffer overflow attacks target applications, exploiting improper memory handling. Applications operate at Layer 7 (Application Layer), making it the primary target.
Question #8 (Topic: Demo Questions)

What is an IPSec replay attack?

A.
An attack where an attacker modifies packets in transit
B.
An attack where an attacker eavesdrops on network traffic
C.
An attack where an attacker overloads a network with traffic
D.
An attack where an attacker attempts to inject packets in an existing session
Correct Answer: D
Explanation:
An IPSec replay attack occurs when an attacker captures legitimate encrypted packets and attempts to retransmit (replay) them to gain unauthorized access or disrupt communication. The attacker does not need to decrypt the packets; instead, they rely on resending previously valid packets within an existing session.
Without proper protections, replayed packets could be accepted as valid, allowing attackers to impersonate legitimate users or repeat sensitive actions. IPSec defends against replay attacks using sequence numbers and sliding windows, which ensure packets are processed only once and in the correct order.
Packet modification, eavesdropping, and traffic flooding are different attack types and are not specifically replay attacks. Replay attacks are particularly dangerous in authentication and session-based protocols, which is why anti-replay protection is a mandatory IPSec feature defined by the IETF.
Question #9 (Topic: Demo Questions)

How often should an organization test its BCP?

A.
Continually
B.
Annually
C.
Routinely
D.
Daily
Correct Answer: C
Explanation:
BCPs should be tested routinely (e.g., tabletop exercises, simulations) to ensure readiness and relevance.
Question #10 (Topic: Demo Questions)

When is the Business Continuity Plan (BCP) enacted?

A.
When there is an event
B.
When there is an incident
C.
When there is a loss of business operations
D.
When there is a natural disaster
Correct Answer: C
Explanation:
A Business Continuity Plan is enacted when an organization experiences a loss or disruption of critical business operations. The goal of BCP is to ensure that essential business functions continue or are quickly restored, regardless of the cause of the disruption.
While events, incidents, or natural disasters may trigger disruptions, BCP activation is based on the impact to operations, not the type of event itself. BCP focuses on people, processes, facilities, and third parties, not just IT systems.