Free Practice Questions for ISC CC Exam

Technical (logical) controls are implemented using technology to enforce security policies. A GPS tracking system is a technical control because it relies on electronic systems and software to monitor and record vehicle location.

Security guards and door locks are physical controls. Technical controls include firewalls, encryption, intrusion detection systems, access control systems, and monitoring tools.

Technical controls play a major role in preventing, detecting, and responding to cyber threats and are emphasized heavily in modern cybersecurity frameworks.

Data loss affecting availability or integrity is classified as asecurity incident, even if no attacker is involved.

ABAC supports dynamic, context-aware access decisions based on attributes such as location, device, and time—ideal for global access scenarios.

ABAC uses centralized policy engines (PDPs) to evaluate attributes and enforce fine-grained access control decisions dynamically.

Security benchmarks define baseline performance and configuration standards against which systems are measured.

Data remanence refers to the residual representation of data that remains on storage media even after attempts have been made to delete or erase it. When files are deleted, the operating system typically removes references to the data rather than overwriting the actual bits on the disk. As a result, the data may still be recoverable using forensic tools.

Remanence is especially relevant for magnetic storage, solid-state drives, and backup media. Because of this risk, security standards recommend proper media sanitization techniques such as overwriting, degaussing, or physical destruction. NIST SP 800-88 specifically addresses media sanitization methods to mitigate remanence risks.

This concept is critical when disposing of or repurposing storage devices, particularly those that previously contained sensitive or regulated data.

When a device does not meet security baseline requirements, it poses a risk to the environment. Best practice is todisable or quarantine the deviceto prevent potential compromise or lateral movement. Network Access Control (NAC) solutions commonly automate this process.

Isolation ensures the device cannot interact with production systems until it is patched, configured correctly, and verified as compliant. This approach aligns with NIST and Zero Trust principles, emphasizing continuous compliance and containment.

Spoofing involves falsifying identity information such as IP or MAC addresses to bypass security controls.

Zero Trust is a security architecture that assumesno implicit trust—inside or outside the network perimeter. Every access request must be continuously verified based on identity, device health, context, and policy. Unlike traditional perimeter-based models, Zero Trust eliminates the concept of a “trusted internal network.”

Microsegmentation is a core Zero Trust technique that divides networks and workloads into highly granular security zones. Each zone enforces its own access controls, dramatically reducing lateral movement if an attacker gains access. This model aligns with NIST SP 800-207, which defines Zero Trust as a strategy to minimize attack surfaces and contain breaches.

ATrojanis a direct form of malware that disguises itself as legitimate software to perform malicious actions.