ISC CC - CC - Certified in Cybersecurity

The first step isisolation—disconnecting infected systems to prevent further spread. Restoring systems before containment risks reinfection. NIST SP 800-61 stresses containment before recovery.

At Layer 3 (Network Layer), data is encapsulated intopacketsfor routing across networks.

The Disaster Recovery Plan (DRP) contains step-by-step technical procedures to restore IT systems, data, and infrastructure after a disruptive event. While the BCP focuses on maintaining operations, the DRP focuses onrestoration.

Carbon dioxide (COâ‚‚) systems suppress fire without leaving residue or damaging electronic equipment. While they pose risks to people, they are effective for protecting electronics compared to water or foam.

Criticality reflects how essential an asset or system is to business success or mission accomplishment. It is commonly determined during a Business Impact Analysis (BIA) and influences recovery priorities.

IPSec uses sequence numbers in AH and ESP headers to detect and reject duplicate packets. This prevents attackers from capturing and replaying valid packets. Anti-replay protection is a core IPSec security feature defined by the IETF.

The primary objective of incident management is to minimize business impact and restore normal operations as quickly as possible. Analysis and lessons learned occur later in the lifecycle.

Modern firewalls operate at Layers 3, 4, and 7, supporting packet filtering, stateful inspection, and application-layer filtering.

In anasymmetric cryptography system, each user is assigned akey pairconsisting ofone public key and one private key. These two keys are mathematically related but serve different purposes: the public key is shared openly for encryption or verification, while the private key is kept secret for decryption or signing.

To support50 users, each user must have2 keys:

1 public key

1 private key

Therefore, the total number of keys required is:

50 users × 2 keys per user = 100 keys

This is one of the major advantages of asymmetric cryptography over symmetric cryptography. In symmetric systems, the number of required keys grows rapidly as the number of users increases (n(n−1)/2), making key management complex. Asymmetric cryptography scales much more efficiently because each user manages only their own key pair.

Asymmetric encryption is widely used in secure communications such as TLS, digital signatures, and PKI-based authentication. Standards bodies like NIST and ISO/IEC rely heavily on asymmetric cryptography for scalable and secure key management.

Segregation of duties reduces fraud and insider threats by requiring multiple individuals to complete critical tasks.