CC · topic practice

Network Security practice questions

Practise ISC2 Certified in Cybersecurity CC Network Security practice questions — original exam-style scenarios with answer choices, explanations, and analysis of common mistakes.

Courseiva uses original exam-style practice questions designed for learning and revision. The goal is to understand the concepts, recognise exam patterns, and improve through explanations — not memorise copied exam dumps.

Reviewed byJohnson Ajibi· MSc IT Security
20 questionsDomain: Network Security

What the exam tests

What to know about Network Security

Network Security questions test whether you can apply the concept in context, not just recognise a definition.

How the topic appears in realistic exam-style scenarios.

Which detail in the question changes the correct answer.

How to eliminate plausible but wrong options.

How to connect the question back to the wider exam objective.

Watch out for

Common Network Security exam traps

  • Answering from memory before reading the full scenario.
  • Missing a constraint such as cost, availability, security, scope or command context.
  • Choosing a broad answer when the question asks for the most specific fix.
  • Ignoring why the wrong options are tempting.

Practice set

Network Security questions

20 questions · select your answer, then reveal the explanation

Question 1easymultiple choice
Review the full routing breakdown →

Which OSI layer is responsible for routing packets across networks using IP addresses?

A security analyst notices unusual traffic from an internal workstation to an external IP address on port 25. Which protocol is most likely being used?

Question 3mediummultiple choice
Open the full VLAN trunking answer →

In the OSI model, which layer uses MAC addresses to forward frames and supports VLANs?

Question 4mediummultiple choice
Read the full Network Security explanation →

An attacker captures network traffic and forges the source IP address to impersonate a trusted host. Which type of network threat is this?

A security engineer is configuring a network security device that can block malicious HTTP requests based on application-layer inspection. Which device type is most suitable?

Which TCP segment is sent to initiate the three-way handshake?

Question 7mediummultiple choice
Read the full DNS explanation →

An organization wants to place its public web server, email server, and DNS server in a network that is accessible from the internet but isolated from the internal corporate network. Which network design should be used?

Question 8mediummultiple choice
Read the full Network Security explanation →

Which firewall type inspects the entire packet, including application data, and can enforce rules based on user identity?

A security analyst detects an ARP spoofing attack on the local network. What is the primary goal of an ARP spoofing attack?

Which protocol is considered insecure because it transmits data in cleartext, including passwords?

During a DDoS attack, a company's web server is overwhelmed with a high volume of SYN packets from spoofed IP addresses, never completing the TCP handshake. Which type of attack is this?

Question 12mediummultiple choice
Read the full Network Security explanation →

Which security control would best mitigate the risk of network sniffing on a wired LAN segment?

Question 13mediummulti select
Read the full DNS explanation →

A network administrator is designing a DMZ to host a web server, an email server, and a DNS server. Which TWO of the following principles should be applied to secure the DMZ? (Select TWO.)

An organization is selecting a network security solution to protect against advanced threats. Which THREE features are characteristic of a Next-Generation Firewall (NGFW)? (Select THREE.)

A security team is investigating a potential man-in-the-middle attack. Which TWO of the following are common techniques used in MITM attacks? (Select TWO.)

A security analyst notices unusual traffic on the network and wants to capture packets for analysis without altering traffic. Which device should they use?

Question 17mediummultiple choice
Read the full Network Security explanation →

A company wants to isolate its public web server from internal networks to reduce risk. The server must be accessible from the internet. Which network architecture should be used?

An attacker sends forged ARP messages to associate their MAC address with the IP address of a legitimate server. This allows the attacker to intercept traffic intended for that server. What is this attack?

Question 19mediummultiple choice
Read the full Network Security explanation →

Which transport layer protocol is used by voice over IP (VoIP) applications that require low latency and can tolerate some packet loss?

A firewall that filters traffic based solely on source and destination IP addresses and ports without considering the state of connections is known as a:

Free account

Track your progress over time

Create a free account to save your results and see which topics improve across sessions.

Focused Network Security sessions

Start a Network Security only practice session

Every question in these sessions is drawn from the Network Security domain — nothing else.

Related practice questions

Related CC topic practice pages

Move into related areas when this topic feels solid.

Frequently asked questions

What does the CC exam test about Network Security?
Network Security questions test whether you can apply the concept in context, not just recognise a definition.
How should I use these practice questions?
Select your answer before revealing the explanation. Then read why each option is right or wrong — this active recall approach builds retention far faster than re-reading notes.
Can I practise just Network Security questions in a focused session?
Yes — the session launcher on this page draws every question from the Network Security domain. Use a 10-question session first to gauge your baseline, then move to 20 or 30 once the weak spots are clear.
Where can I practise other CC topics?
Use the topic links above to move to related areas, or go back to the CC question bank to see all topics.
Are these real exam questions or dumps?
These are original practice questions written to test the same concepts the CC exam covers. They are not copied from any real exam or dump site.