Back to ISC2 Certified in Cybersecurity CC questions

Scenario-based practice

Drag and Drop Matching Questions

Practise ISC2 Certified in Cybersecurity CC practice questions — original exam-style scenarios covering every exam domain, with detailed explanations, wrong-answer analysis, and common exam traps.

10
scenario questions
CC
exam code
ISC2
vendor

Scenario guide

How to approach drag and drop matching questions

Matching questions give you two columns — concepts, commands, or protocols on the left, and their definitions or use-cases on the right. You drag each left item to its correct match. These appear on most certification exams and punish superficial memorisation.

Quick answer

Drag and Drop Matching Questions questions test whether you can apply the concept in context, not just recognise a definition.

How the topic appears in realistic exam-style scenarios.

Which detail in the question changes the correct answer.

How to eliminate plausible but wrong options.

How to connect the question back to the wider exam objective.

Related practice questions

Related CC topic practice pages

Scenario questions usually connect to one or more exam topics. Use these links to review the underlying concepts behind the scenario.

Practice set

Practice scenarios

Question 1mediummatching
Full question →

Match each type of malware to its primary behavior.

Drag a concept onto its matching description — or click a concept then click the description.

Concepts
Matches

Attaches to files and spreads

Self-replicates without a host file

Disguised as legitimate software

Encrypts data for payment

Secretly monitors user activity

Question 2mediummatching
Full question →

Match each network security concept to its purpose.

Drag a concept onto its matching description — or click a concept then click the description.

Concepts
Matches

Filters traffic based on rules

Segments public-facing servers

Maps private to public IPs

Encrypts data over public networks

Monitors for suspicious activity

Question 3mediummatching
Full question →

Match each security control type to its description.

Drag a concept onto its matching description — or click a concept then click the description.

Concepts
Matches

Discourages potential attackers

Blocks unauthorized access

Identifies and logs incidents

Restores after an incident

Alternative control when primary is not feasible

Question 4mediummatching
Full question →

Match each access control model to its key characteristic.

Drag a concept onto its matching description — or click a concept then click the description.

Concepts
Matches

Owner sets permissions

System-enforced labels

Roles determine access

Attributes and policies

Question 5mediummatching
Full question →

Match each authentication factor to an example.

Drag a concept onto its matching description — or click a concept then click the description.

Concepts
Matches

Password

Smart card

Fingerprint

GPS location

Question 6mediummatching
Full question →

Match each risk management term to its meaning.

Drag a concept onto its matching description — or click a concept then click the description.

Concepts
Matches

Weakness in a system

Potential cause of harm

Likelihood and impact of a threat exploiting a vulnerability

Control to mitigate risk

Question 7mediummatching
Full question →

Match each cryptographic concept to its definition.

Drag a concept onto its matching description — or click a concept then click the description.

Concepts
Matches

Same key for encrypt and decrypt

Key pair: public and private

One-way transformation to fixed size

Ensures authenticity and non-repudiation

Binds a public key to an identity

Question 8mediummatching
Full question →

Match each phase of the incident response process to its description.

Drag a concept onto its matching description — or click a concept then click the description.

Concepts
Matches

Train and equip the team

Identify and scope the incident

Stop the spread and restore systems

Lessons learned and reporting

Question 9mediummatching
Full question →

Match each OSI layer to its function.

Drag a concept onto its matching description — or click a concept then click the description.

Concepts
Matches

Data Link: frames and MAC addresses

Network: routing and IP addresses

Transport: end-to-end reliability

Application: user interface and protocols

Question 10mediummatching
Full question →

Match each security policy type to its focus.

Drag a concept onto its matching description — or click a concept then click the description.

Concepts
Matches

Rules for using company assets

How long data is kept

Steps to restore IT after a disaster

Maintain operations during disruptions

These CC practice questions are part of Courseiva's free ISC2 certification practice question bank. Courseiva provides original exam-style CC questions with detailed explanations, topic-based practice, mock exams, readiness tracking, and study analytics.