Practice IIBA-CCA Exam Online

Question 1

Which type security audit is most reliable and with most value?

A : Scheduled audit

B : External audit

C : All of the above

D : Internal audit

Answer: B

Question 2

A process by which potential threats is identified, enumerated, and prioritized from a hypothetical attacker’s point is called?

A : Vulnerability

B : Threat modeling

C : Threat risk assessment

D : Cyber threat

Answer: B

Question 3

The following are data states except

A : Data in use

B : Data at rest

C : Data in transit

D : Data in storage

Answer: D

Question 4

Which stage of an adversarial threat attack does the attacker exploit physical access and vulnerabilities, compromise information systems, critical information, and components?

A : Craft or Create Attack Tools

B : Deliver/Insert/Install Malicious Capabilities

C : Exploit and Compromise

D : Perform Reconnaissance

Answer: C

Question 5

Which of the following statement is false?

A : U.S. law tends to encourage retaining information, whereas EU law tends to encourage deleting it

B : The least famous data privacy regulation is the European Union’s General Data Protection Regulation (GDPR) in EU.

C : Canada’s data privacy policy is called Personal Information Protection and Electronic Documents Act.

D : The United States regulates the storage of credit and other financial information.

Answer: B

Name:	Certificate in Cybersecurity Analysis
Exam Code:	IIBA-CCA
Certification:	IIBA
Vendor:	IIBA
Total Questions:	372
Last Updated:	Apr 24, 2024

IIBA IIBA-CCA