Pass the ISC ISC certification CC Questions and answers with CertsForce

Attribute-Based Access Control (ABAC) is considered a dynamic authorization model because access decisions are made in real time based on attributes of the user, resource, action, and environment. These attributes can include time of day, device type, location, data sensitivity, and user role.

Unlike RBAC or MAC, which rely on static roles or labels, ABAC evaluates policies dynamically using a policy decision point (PDP). This makes ABAC ideal for modern cloud, zero trust, and highly distributed environments.

DAC allows owners to grant permissions, RBAC uses predefined roles, and MAC relies on fixed security labels. ABAC provides the most flexible and context-aware authorization.

Disaster Recovery Planning focuses on restoringIT systems, infrastructure, and communicationsafter a disruption. Business Continuity Planning focuses onmaintaining critical business functionsduring and after incidents, often using alternative processes.

BCP is broader than DRP and includes people, processes, facilities, and third parties, while DRP is IT-centric. Both plans complement each other but serve different purposes.

The primary goal of incident management is toreduce the impact of an incidenton the organization. Incident management focuses on minimizing damage, limiting scope, and restoring stability as quickly as possible.

Preparation is handled before incidents occur, and disaster recovery focuses on long-term system restoration. Protecting life and safety is important but not the core definition of incident management in cybersecurity frameworks.

NIST SP 800-61 emphasizes rapid containment, mitigation, and impact reduction as the central objectives of incident management.

PAM solutions focus onjust-in-time (JIT) access, granting elevated privileges only when needed and revoking them afterward. This reduces standing privileges and minimizes attack surfaces.

Multitenancy allows shared infrastructure while maintaining logical isolation between customers.

Potential conflicts of interest must be evaluated against the organization’s internal code of ethics. While professional codes (like ISC2) are important, employment-related decisions are governed primarily by organizational ethics and HR policies.

Preparation is the foundational phase of incident response. It defines policies, roles, responsibilities, tools, training, and communication procedures. Without preparation, all other phases become chaotic and ineffective.

NIST SP 800-61 emphasizes preparation as the first phase because it ensures responders understand escalation paths, legal considerations, evidence handling, and authority. A new security engineer must understand preparation to operate effectively during real incidents.

Availabilityensures that authorized users can access information and systems when needed, a core element of the CIA triad.

Side-channel attacks exploit physical characteristics such as power usage, timing, or electromagnetic emissions to infer sensitive information like cryptographic keys.

The three core structural components of an SQL database aretables,views, andschemas. Tables store the actual data in rows and columns. Views are virtual tables created from queries that present data in a specific way without duplicating it. Schemas act as logical containers that organize database objects and define ownership and access control.

Object-oriented interfaces are not a fundamental component of an SQL database. While modern databases may support object-relational features or APIs that allow object-oriented programming languages to interact with the database, these interfaces exist outside the core database structure.

SQL databases are based on the relational model, not the object-oriented model. Even though object-relational mapping (ORM) tools exist, they are middleware components rather than native database structures.

Understanding core database components is important for security professionals when managing access controls, permissions, and data exposure risks.