Pass the ISC certification CC Questions and answers with Dumpstech

Separation of duties prevents fraud by ensuring no single individual can complete critical actions alone, enabling detection through checks and balances.

Zero Trust assumes no implicit trust and requires continuous verification of every access request. Microsegmentation is a core Zero Trust technique that limits lateral movement.

An Intrusion Detection System (IDS) consists of three fundamental functional components: information sources, analysis engines, and response mechanisms. Information sources collect data such as network packets, logs, or system events. Analysis engines evaluate this data to detect suspicious behavior. Response components generate alerts or notifications.

While IDS systems typically do not block traffic (unlike IPS), they still perform response actions such as logging, alerting, and triggering workflows.

All three components work together to detect and report security incidents. This architecture is well documented in NIST intrusion detection guidance and forms the basis of both host-based and network-based IDS solutions.

Risk identification is the first step in the risk management process. Organizations must first identify assets, threats, and vulnerabilities before they can assess likelihood or impact. Without knowing what risks exist, meaningful assessment and mitigation are impossible.

Threat actors include insiders, external attackers, and automated technologies such as bots. Modern threat landscapes recognize non-human actors as valid threats due to automation and AI-driven attacks.

Honeytokens are decoy data elements designed to lure attackers and detect unauthorized access. Examples include fake credentials, files, or database entries that have no legitimate use.

When a honeytoken is accessed, it triggers an alert, indicating a compromise. Honeytokens are valuable for detecting insider threats and lateral movement.

They do not encrypt data, improve performance, or manage access. Honeytokens are part of deception-based security strategies that enhance detection capabilities.

Standards such as ISO, NIST, and CIS are commonly developed by third-party organizations and provide best practices and compliance guidance. They are not laws unless mandated.

Distributed Denial-of-Service (DDoS) attacks disrupt availability by overwhelming systems, preventing legitimate access.

Guidelines are non-binding recommendations within a security policy framework. They provide best practices, suggestions, and advice to help users and administrators make informed decisions, but they do not require mandatory compliance.

Policies are high-level, mandatory statements approved by senior management. Standards define specific, mandatory requirements that must be followed to comply with policies. Procedures provide step-by-step instructions for implementing policies and standards.

Guidelines offer flexibility and allow organizations to adapt recommendations to different environments, technologies, or risk levels. Because they are not enforceable, guidelines are often used to encourage secure behavior without imposing strict controls.

For example, a guideline might recommend using a password manager, while a standard would require minimum password length. Security frameworks such as ISO/IEC 27001 and NIST distinguish clearly between mandatory controls and advisory guidance to balance security with operational flexibility.

Technical (logical) controls are implemented using technology to enforce security policies. A GPS tracking system is a technical control because it relies on electronic systems and software to monitor and record vehicle location.

Security guards and door locks are physical controls. Technical controls include firewalls, encryption, intrusion detection systems, access control systems, and monitoring tools.

Technical controls play a major role in preventing, detecting, and responding to cyber threats and are emphasized heavily in modern cybersecurity frameworks.