Aaww, that's an incredible news. You made my day. Hearty congratulations on your success. Please share these sessions to whom ever you feel get benefited. We are releasing sessions for multiple other certifications too. Wish you all the best for your future endeavors. Stay tuned and have a blessed day.
This video has popped up in my suggestion list this AM. Even though I obtained my certification last month, I wanted to review the questions and answers. Certification Terminal deserves credit for compiling these Q&As. Going through these questions earlier would have made my journey easier. To other aspiring individuals, while the same questions may not appear in the real exam, it is important to focus on the technical explanations provided in this video and review the documentation before appearing to the exam. @CertificationTerminal, Thanks for adding value to others life and keep rocking..
Thank you so much for your kind words! 💖 I'm thrilled to hear that these Q&As useful to our journey. Your support means a lot to me. Please subscribe to our channel, share to whom ever it is needed and stay tuned for more great content
Congratulations on your successful completion of the ISC2 CC exam! We're thrilled that our practice questions are beneficial to you. Thank you for choosing us as a part of your journey to success. - Certification Terminal team
@@sairamsubu its some of my refresher bro. I used the selfphase of ISC2 and practice exam of Udemy. After I study, my refresher is these questions and very helpful.
You're welcome, Evita. Kindly explore more videos in this series and provide feedback if there are areas for improvement. Best of luck with your preparation and exam.
Hearty congratulations on your success @ashtapathyps. Thanks for you compliment. Request you to please suggest our playlists to whomsoever needed. Wish you all the best for your career.
I also have a question about Question 26: Which protocol is used for secure email communications...? I think it could be either SMTP or POP3 - SMTP pushes mail out and POP3 pulls mail in, and neither is inherently secure without SSL/TLS. Please help me understand why the correct answer is POP3? Thanks!
Thanks for reaching out. Post Office Protocol version 3 (POP3) is a standard email protocol used to retrieve emails from a server. When using SSL/TLS (Secure Sockets Layer/Transport Layer Security) with POP3, the communication between the email client and the email server is encrypted, adding a layer of security to protect sensitive information such as login credentials and email content. - Certification Terminal team
@@CertificationTerminal not correct/wrong - for email communications are using POP3/SMTP. Both. Your question is not about client/server. SMTP has secure variants - SMTPS a STARTLS. And POP3 has secure variant PO3S a STARTTLS for POP3. Both are for secure email communications. the question is ambiguous and misleading.
For question No 44. It says ''The most prevalent physical security measure utilized to safeguard high security areas'' ? You picked Access control systems over perimeter fencing. I think perhaps you need to remove the prevalent from the question and maybe replace it with ''most secured'' as every high security area has perimeter fencing but not all of them has access control systems
Logical controls primarily involve policies and procedures governing access and data handling, while technical controls involve the hardware or software mechanisms put in place to enforce those policies and secure the systems and data. Logical controls refer to security measures that focus on regulating access to computer systems and data. These controls include policies, procedures, and restrictions that manage user authentication, authorization, and data encryption. Logical controls also encompass the management of user IDs, passwords, access rights, and other software-based security measures aimed at protecting digital assets. Technical controls, on the other hand, are security measures implemented through technology or software solutions to protect systems, networks, and data. They encompass hardware or software mechanisms such as firewalls, intrusion detection systems, encryption tools, bio-metric authentication, access control systems, and antivirus software. These controls are designed to safeguard against unauthorized access, data breaches, malware, and other technical threats. Hence, among the options provided 'Passwords' is considered as Logical access control. - Certification Terminal team
Thanks for reaching out. In this question we 'should' select one of the (ISC)² canons that signfies the continuous professional development and the maintenance of competence within the realm of information security. The "Advance and protect the profession" principle within the ISC2 Code of Ethics refers to the commitment of cybersecurity professionals to contribute positively to the field, promote its integrity, and elevate the standards of the profession. By adhering to the "Advance and protect the profession" principle, cybersecurity professionals not only enhance their own professional standing but also contribute to the growth, credibility, and reliability of the cybersecurity field as a whole. Hence, Option B is the correct choice. - Certification Terminal team
Q26 - none of them - you have to write POP3 over TLS, SMTP over SSL or somethins else. BUt anozher wrong - PO3 a SMTP both are for secure comm wia secure ports.
Thanks for reaching out. Please find clarifications below for the two questions. Question-10: The three possible models for incident response are: 1. Leveraged 2. Dedicated 3. Hybrid. There is no Incident response model named as 'Pre-existing'. Hence Option D is the correct answer. Question-26: Which protocol is utilized for secure email communication among the options provided? POP3 (Post Office Protocol version 3), is used for receiving email messages from a server. The HTTPS (Hypertext Transfer Protocol Secure) protocol is specifically designed for secure communication over a network, typically used for web browsing. Hence Option C is the correct answer.
The question is asking about the intent or aim behind the existence of laws or regulations that pertain to data breach notifications. It seeks an explanation of why these specific laws or regulations are in place and what objectives they serve in the context of data breaches. Among the options provided, "To notify individuals affected by a data breach" is correct. Notifications allow individuals to take necessary actions to mitigate potential risks. Prompt notification helps maintain trust between users and the organizations collecting their data. It demonstrates transparency and a commitment to addressing security issues promptly. - Certification Terminal team
Good point. Though, ABAC is more flexible and versatile, and an access control model that controls access to objects, using rules that are evaluated according to the attributes of the subject, relevant objects, and attributes of the environment and action. RuBAC, on the other hand, relies on explicitly defined rules to make access control decisions.
Thanks for reaching out. An access control system serves as a technical safeguard regulating and overseeing access to specific zones or data within a system. By enforcing policies and guidelines dictating who or what can access resources in a network, it mitigates unauthorized entry, bolstering security measures. While training employees in cybersecurity best practices constitutes a preventive measure, human error remains a potential gateway for breaches. To preclude unforeseen breaches, implementing robust preventive measures like an access control system becomes imperative. Thus, the best choice lies in "Option D: Access control system."
Q15 - zhis is not administrative! Why afminitrative a re papered a or word documents excel tables, guidelines, policies and other the same. background check it means what?!?!? This is sw checking of employes? this is technical control.
Background checks for employees typically fall under administrative controls rather than technical controls. Background checks, being a part of the hiring process and primarily managed by human resources or compliance departments, align more with administrative controls. They aim to mitigate risks associated with hiring by ensuring that employees meet certain standards and pose minimal risk to the organization. The technical controls involve the use of technology, systems, or tools to enforce security policies. For instance, access control systems, firewalls, encryption, and intrusion detection systems are technical controls that protect systems and data. - Certification Terminal team
Option D specifies that there's no alteration in data as the system continues to operate seamlessly with the current configuration, devoid of any issues. - Certification Terminal team
![3. Master Certified in CyberSecurity [CC Exam]: Top Practice Questions](http://i.ytimg.com/vi/Lm7CJn-qqKA/mqdefault.jpg)
![3. Master Certified in CyberSecurity [CC Exam]: Top Practice Questions](/img/tr.png)
![5. Master Certified in CyberSecurity [CC Exam]: Top Practice Questions](http://i.ytimg.com/vi/JvFPSxBSmy8/mqdefault.jpg)
More ISC2 CC exam (ISC2 Certified in CyberSecurity) practice questions:
th-cam.com/play/PLKbf3fxddlUFul5Yg2CDXiI2degmfR70F.html
Thank you for the videos. Well compiled with adequate explanations. I passed the exam this AM
Aaww, that's an incredible news. You made my day. Hearty congratulations on your success. Please share these sessions to whom ever you feel get benefited. We are releasing sessions for multiple other certifications too. Wish you all the best for your future endeavors. Stay tuned and have a blessed day.
@@CertificationTerminalwould be great if you could do some for ISACA’s CISA
@@gowridhivakar - Certainly. We will prioritize and try to publish ISACA's CISA at the earliest. Thanks for mentioning.
This video has popped up in my suggestion list this AM. Even though I obtained my certification last month, I wanted to review the questions and answers. Certification Terminal deserves credit for compiling these Q&As. Going through these questions earlier would have made my journey easier. To other aspiring individuals, while the same questions may not appear in the real exam, it is important to focus on the technical explanations provided in this video and review the documentation before appearing to the exam.
@CertificationTerminal, Thanks for adding value to others life and keep rocking..
Thank you so much for your kind words! 💖 I'm thrilled to hear that these Q&As useful to our journey. Your support means a lot to me. Please subscribe to our channel, share to whom ever it is needed and stay tuned for more great content
Thank you for the various helpful videos. I passed the exam today.
Congratulations on your successful completion of the ISC2 CC exam! We're thrilled that our practice questions are beneficial to you. Thank you for choosing us as a part of your journey to success.
- Certification Terminal team
Thank you for the questions! I passed CC today! God Bless you more!
Hearty congratulations Arldrick Lubag. Happy for your achievement and wishing you continued success. God bless you abundantly.
Did you prepare only from these videos? any other study material to prepare?
@@sairamsubu its some of my refresher bro. I used the selfphase of ISC2 and practice exam of Udemy. After I study, my refresher is these questions and very helpful.
This was really good. Thanks!
You're welcome, Evita. Kindly explore more videos in this series and provide feedback if there are areas for improvement. Best of luck with your preparation and exam.
Thank you for the videos. Well compiled with adequate explanations. I passed the exam
Hearty congratulations on your success @ashtapathyps. Thanks for you compliment. Request you to please suggest our playlists to whomsoever needed. Wish you all the best for your career.
For qn-43, Training is also part of preventative control.
I also have a question about Question 26: Which protocol is used for secure email communications...? I think it could be either SMTP or POP3 - SMTP pushes mail out and POP3 pulls mail in, and neither is inherently secure without SSL/TLS. Please help me understand why the correct answer is POP3? Thanks!
Thanks for reaching out.
Post Office Protocol version 3 (POP3) is a standard email protocol used to retrieve emails from a server. When using SSL/TLS (Secure Sockets Layer/Transport Layer Security) with POP3, the communication between the email client and the email server is encrypted, adding a layer of security to protect sensitive information such as login credentials and email content.
- Certification Terminal team
@@CertificationTerminal yes SMTPS
@@SarwarJavaid- Thanks for reaching out. I need to do more research on it.
@@CertificationTerminal not correct/wrong - for email communications are using POP3/SMTP. Both. Your question is not about client/server. SMTP has secure variants - SMTPS a STARTLS. And POP3 has secure variant PO3S a STARTTLS for POP3. Both are for secure email communications. the question is ambiguous and misleading.
yes you are right - the question is ambiguous and misleading
Kudos wow
Thank you very much for your appreciation!
For question No 44. It says ''The most prevalent physical security measure utilized to safeguard high security areas'' ? You picked Access control systems over perimeter fencing. I think perhaps you need to remove the prevalent from the question and maybe replace it with ''most secured'' as every high security area has perimeter fencing but not all of them has access control systems
Ok, thanks for your valuable input.
Q18 - logicl? it means technical? It means sw/fw conrol?
Logical controls primarily involve policies and procedures governing access and data handling, while technical controls involve the hardware or software mechanisms put in place to enforce those policies and secure the systems and data.
Logical controls refer to security measures that focus on regulating access to computer systems and data. These controls include policies, procedures, and restrictions that manage user authentication, authorization, and data encryption. Logical controls also encompass the management of user IDs, passwords, access rights, and other software-based security measures aimed at protecting digital assets.
Technical controls, on the other hand, are security measures implemented through technology or software solutions to protect systems, networks, and data. They encompass hardware or software mechanisms such as firewalls, intrusion detection systems, encryption tools, bio-metric authentication, access control systems, and antivirus software. These controls are designed to safeguard against unauthorized access, data breaches, malware, and other technical threats.
Hence, among the options provided 'Passwords' is considered as Logical access control.
- Certification Terminal team
Q23 - something worng - you have to select what is not i IISC2 cannon. that sentence doesn't make sense to me.
Thanks for reaching out.
In this question we 'should' select one of the (ISC)² canons that signfies the continuous professional development and the maintenance of competence within the realm of information security.
The "Advance and protect the profession" principle within the ISC2 Code of Ethics refers to the commitment of cybersecurity professionals to contribute positively to the field, promote its integrity, and elevate the standards of the profession. By adhering to the "Advance and protect the profession" principle, cybersecurity professionals not only enhance their own professional standing but also contribute to the growth, credibility, and reliability of the cybersecurity field as a whole.
Hence, Option B is the correct choice.
- Certification Terminal team
Q26 - none of them - you have to write POP3 over TLS, SMTP over SSL or somethins else. BUt anozher wrong - PO3 a SMTP both are for secure comm wia secure ports.
Correct.
Can you explain Q10 why not the leveraged ?
And can q26 ans be HTTPS
Thanks for reaching out. Please find clarifications below for the two questions.
Question-10:
The three possible models for incident response are:
1. Leveraged
2. Dedicated
3. Hybrid.
There is no Incident response model named as 'Pre-existing'.
Hence Option D is the correct answer.
Question-26:
Which protocol is utilized for secure email communication among the options provided?
POP3 (Post Office Protocol version 3), is used for receiving email messages from a server.
The HTTPS (Hypertext Transfer Protocol Secure) protocol is specifically designed for secure communication over a network, typically used for web browsing.
Hence Option C is the correct answer.
why not SMTP?
@@CertificationTerminal
Q28 - why to notify person:??? goal is not to breach privacy. And second is to notify person!!!!
The question is asking about the intent or aim behind the existence of laws or regulations that pertain to data breach notifications. It seeks an explanation of why these specific laws or regulations are in place and what objectives they serve in the context of data breaches.
Among the options provided, "To notify individuals affected by a data breach" is correct.
Notifications allow individuals to take necessary actions to mitigate potential risks. Prompt notification helps maintain trust between users and the organizations collecting their data. It demonstrates transparency and a commitment to addressing security issues promptly.
- Certification Terminal team
Q39 § Why? AC based on rules is RUBAC!
Good point.
Though, ABAC is more flexible and versatile, and an access control model that controls access to objects, using rules that are evaluated according to the attributes of the subject, relevant objects, and attributes of the environment and action. RuBAC, on the other hand, relies on explicitly defined rules to make access control decisions.
SMTP is more secured than POP3
Thanks for your inputs. We will take your inputs and update our database.
Q43 - why not trainng - this is really preventive conrtol. Prevention for not to have data breach.
Thanks for reaching out.
An access control system serves as a technical safeguard regulating and overseeing access to specific zones or data within a system. By enforcing policies and guidelines dictating who or what can access resources in a network, it mitigates unauthorized entry, bolstering security measures.
While training employees in cybersecurity best practices constitutes a preventive measure, human error remains a potential gateway for breaches.
To preclude unforeseen breaches, implementing robust preventive measures like an access control system becomes imperative. Thus, the best choice lies in "Option D: Access control system."
Q15 - zhis is not administrative! Why afminitrative a re papered a or word documents excel tables, guidelines, policies and other the same. background check it means what?!?!? This is sw checking of employes? this is technical control.
Background checks for employees typically fall under administrative controls rather than technical controls.
Background checks, being a part of the hiring process and primarily managed by human resources or compliance departments, align more with administrative controls. They aim to mitigate risks associated with hiring by ensuring that employees meet certain standards and pose minimal risk to the organization.
The technical controls involve the use of technology, systems, or tools to enforce security policies. For instance, access control systems, firewalls, encryption, and intrusion detection systems are technical controls that protect systems and data.
- Certification Terminal team
Q13 this is not integrity - integrity is my data are not changed.
Option D specifies that there's no alteration in data as the system continues to operate seamlessly with the current configuration, devoid of any issues.
- Certification Terminal team
Q47- why they are using this horrible words - better is watch/surveillance and manitenance
Noted. Thanks.