The answer is chmod 644 project_data.txt, because this command sets file permissions to rw-r--r--, meaning the owner can read and write while the group and others can only read. The chmod command uses numeric values where 6 grants read and write (4+2), 4 grants read-only, and the three digits represent owner, group, and others respectively. On the ISC2 Certified in Cybersecurity CC exam, this tests your understanding of Linux file permission basics and how to modify access using octal notation—a common scenario where you must remove write access from a file that initially has 666 permissions (readable and writable by all). A frequent trap is confusing the order of digits or forgetting that 4 equals read and 2 equals write; remember that 644 is the standard permission for a file that should be editable only by its owner but viewable by everyone. A helpful memory tip: think of 644 as “owner gets the full 6 (read+write), everyone else gets just the 4 (read).”
ISC2 CC Access Controls Concepts Practice Question
This CC practice question tests your understanding of access controls concepts. Match the stated requirement to the specific cloud service, access model, or configuration option — many options are valid in isolation but not for this scenario. After answering, compare your reasoning against the explanation and wrong-answer breakdown below. Once you have made your selection, read the full explanation to reinforce the concept and understand why each distractor is designed to mislead on exam day.
Exhibit
-rw-rw-rw- 1 user1 devteam 1024 Mar 10 10:00 project_data.txt
Refer to the exhibit. The file is readable and writable by everyone. A user from the marketing team, user2, needs to be able to read the file but not write to it. Which command should the administrator use to achieve this?
Clue words in this question
Noticing these words before you look at the options changes how you read each choice.
Clue: "which command"
Why it matters: Tests specific CLI syntax. Recall the exact command and its required context — near-synonyms and partial matches are common distractors.
-rw-rw-rw- 1 user1 devteam 1024 Mar 10 10:00 project_data.txt
A
chmod 664 project_data.txt
Why wrong: 664 gives owner read/write, group read/write, others read, so group (devteam) could write, but user2 (marketing) is not in group, so they get read only. However, it does not tighten group write.
B
chmod 755 project_data.txt
Why wrong: 755 gives owner read/write/execute, group and others read/execute, so user2 still cannot write, but execute is unnecessarily granted.
C
chmod 644 project_data.txt
644 sets read/write for owner, read for group and others, so user2 can read but not write.
D
chmod 600 project_data.txt
Why wrong: 600 gives owner read/write only, denying all access to user2.
Answer the question above first, then reveal the full breakdown to understand why each option is right or wrong.
Correct answer & explanation
✓
chmod 644 project_data.txt
Option C is correct because `chmod 644` sets the file permissions to `rw-r--r--`, which grants read and write to the owner, read-only to the group, and read-only to others. Since the file is initially readable and writable by everyone (likely `666`), changing to `644` removes write access for the group and others while preserving read access for all, meeting the requirement that user2 (a marketing team member, presumably in the group or others category) can read but not write.
Key principle: Answer the scenario, not the keyword: identify the specific constraint before choosing the most familiar-sounding option.
Answer analysis
Option-by-option breakdown
For each option: why learners choose it and why it is or isn't the right answer here.
✗
chmod 664 project_data.txt
Why it's wrong here
664 gives owner read/write, group read/write, others read, so group (devteam) could write, but user2 (marketing) is not in group, so they get read only. However, it does not tighten group write.
✗
chmod 755 project_data.txt
Why it's wrong here
755 gives owner read/write/execute, group and others read/execute, so user2 still cannot write, but execute is unnecessarily granted.
✓
chmod 644 project_data.txt
Why this is correct
644 sets read/write for owner, read for group and others, so user2 can read but not write.
Clue confirmation
The clue word "which command" in the question point toward this answer.
Related concept
Read the scenario before looking for a memorised answer.
✗
chmod 600 project_data.txt
Why it's wrong here
600 gives owner read/write only, denying all access to user2.
Common exam traps
Common exam trap: answer the scenario, not the keyword
ISC2 often tests the misconception that `chmod 664` is the standard 'read and write for owner and group, read-only for others' when in fact it grants write to the group, which would allow user2 to write if they are in the group, so candidates must carefully consider the user's group membership and the exact requirement of 'read but not write'.
Detailed technical explanation
How to think about this question
In Linux file permissions, the numeric mode `644` corresponds to binary `110 100 100`, where the first digit (6) is owner read+write, the second (4) is group read-only, and the third (4) is others read-only. The `chmod` command directly modifies the inode's permission bits, and since the file was originally `666` (rw-rw-rw-), the change to `644` effectively clears the write bit for group and others (bits 1 and 2 of the second and third octal digits). This is a common scenario in shared environments where a file must remain readable by all but writable only by its owner, such as a configuration file in a team directory.
KKey Concepts to Remember
Read the scenario before looking for a memorised answer.
Find the constraint that changes the correct option.
Eliminate answers that are true in general but not in this case.
TExam Day Tips
→Watch for words such as best, first, most likely and least administrative effort.
→Review why wrong options are wrong, not only why the correct option is correct.
Key takeaway
Answer the scenario, not the keyword: identify the specific constraint before choosing the most familiar-sounding option.
Real-world example
How this comes up in practice
A security analyst at a medium-sized enterprise encounters this scenario during an investigation or architecture review. The correct answer reflects best practice for the specific threat or control described. Answer the scenario, not the keyword: identify the specific constraint before choosing the most familiar-sounding option. Security exam questions test whether you can match controls to threats in context — not just recall definitions.
Related glossary terms
Concepts from this question explained
These glossary pages explain the core terms tested in this CC question in full detail.
Access Controls Concepts — This question tests Access Controls Concepts — Read the scenario before looking for a memorised answer..
What is the correct answer to this question?
The correct answer is: chmod 644 project_data.txt — Option C is correct because `chmod 644` sets the file permissions to `rw-r--r--`, which grants read and write to the owner, read-only to the group, and read-only to others. Since the file is initially readable and writable by everyone (likely `666`), changing to `644` removes write access for the group and others while preserving read access for all, meeting the requirement that user2 (a marketing team member, presumably in the group or others category) can read but not write.
What should I do if I get this CC question wrong?
Identify which exam domain this question belongs to, review the core concept, then practise similar questions from the same domain.
Are there clue words in this question I should notice?
Yes — watch for: "which command". Tests specific CLI syntax. Recall the exact command and its required context — near-synonyms and partial matches are common distractors.
What is the key concept behind this question?
Read the scenario before looking for a memorised answer.
About these practice questions
Courseiva creates original exam-style practice questions with explanations and wrong-answer analysis. It does not publish real exam questions, exam dumps, or protected exam content. Learn why practice questions differ from exam dumps →
Share a tip, memory trick, or ask about the reasoning behind this question. Do not post real exam questions, leaked content, braindumps, or copyrighted exam material. Comments are moderated and may be removed without notice.
This CC practice question is part of Courseiva's free ISC2 certification practice question bank. Courseiva provides original exam-style practice questions with explanations, topic-based practice, mock exams, readiness tracking, and study analytics to help learners prepare for the CC exam.
Question Discussion
Share a tip, memory trick, or ask about the reasoning behind this question. Do not post real exam questions, leaked content, braindumps, or copyrighted exam material. Comments are moderated and may be removed without notice.
Sign in to join the discussion.