100-160 Sample Questions Answers

TheCCST Cybersecurity Study Guidedescribes the CIA Triad as the foundational model for information security:

Confidentiality

"Confidentiality ensures that sensitive information is accessed only by authorized individuals and is protected from unauthorized disclosure."

Integrity

"Integrity ensures that data remains accurate, complete, and unaltered except by authorized processes or users."

Availability

"Availability ensures that information and systems are accessible to authorized users when needed."

(CCST Cybersecurity,Essential Security Principles, CIA Triad section, Cisco Networking Academy)

TheCCST Cybersecurity Study Guidecovers major privacy and security frameworks:

GDPR (General Data Protection Regulation)–

"EU regulation that protects personal data and privacy for individuals within the European Union."

HIPAA (Health Insurance Portability and Accountability Act)–

"US law that protects sensitive patient health information from being disclosed without the patient’s consent or knowledge."

PCI-DSS (Payment Card Industry Data Security Standard)–

"Security standard to protect credit card data and reduce fraud."

FERPA (Family Educational Rights and Privacy Act)–

"US law that protects the privacy of student education records."

FISMA (Federal Information Security Management Act)–

"US law that requires federal agencies to protect information and information systems."

(CCST Cybersecurity,Essential Security Principles, Regulatory Compliance section, Cisco Networking Academy)

TheCCST Cybersecurity Study Guidedistinguishes betweenDisaster Recovery Plans (DRP)andBusiness Continuity Plans (BCP):

ABCPfocuses on keeping the business running during a disruption.

ADRPfocuses on restoring IT services and data after a disaster has occurred.

"A disaster recovery plan outlines procedures for restoring data and critical IT infrastructure to operational status following a disruptive incident. The goal is to resume normal IT operations as quickly as possible."

(CCST Cybersecurity,Essential Security Principles, Business Continuity and Disaster Recovery section, Cisco Networking Academy)

Ais a general effect of both BCP and DRP.

BandDdescribe business continuity, not disaster recovery.

Cis correct: DRP’s main purpose isrestoring IT systems and data quicklyafter disruption

TheCCST Cybersecurity Study Guidespecifies thatAES (Advanced Encryption Standard)is the encryption method used in modern WiFi security protocols like WPA2 and WPA3.

"WPA2 and WPA3 use the Advanced Encryption Standard (AES) for securing wireless traffic. AES provides strong symmetric encryption, replacing outdated methods like WEP and TKIP."

(CCST Cybersecurity,Basic Network Security Concepts, Wireless Security section, Cisco Networking Academy)

A(DES) is outdated and insecure.

B(Triple DES) is older and slower, rarely used in WiFi.

Cis correct: AES is the industry standard for WiFi security.

D(RSA) is asymmetric encryption used in key exchange, not bulk WiFi encryption.

TheCCST Cybersecurity Study Guidenotes that HIPAA (Health Insurance Portability and Accountability Act) requires that ePHI be protected both in storage and when devices are decommissioned or repurposed. This includes implementingdata removal policiesfor mobile devices.

"HIPAA requires procedures for the removal of electronic protected health information (ePHI) from devices before disposal, reuse, or reassignment."

(CCST Cybersecurity,Essential Security Principles, Regulatory Compliance section, Cisco Networking Academy)

TheCCST Cybersecuritycourse states that anIntrusion Detection System (IDS)passively monitors network or system traffic and analyzes it against a database of known threat signatures or behavioral patterns.

"IDS devices inspect network traffic, compare it to known malicious signatures or anomalies, and generate alerts for suspicious activity without actively blocking traffic."

(CCST Cybersecurity,Basic Network Security Concepts, IDS and IPS section, Cisco Networking Academy)

Ais correct: IDS is passive and signature-based.

B(IPS) is active and can block traffic.

C(Proxy Server) handles requests between clients and servers.

D(Honeypot) is a decoy system to attract attackers.

TheCCST Cybersecurity Study GuidehighlightsFileVaultas the macOS full-disk encryption tool.

"FileVault is macOS’s built-in full-disk encryption feature. It encrypts the contents of the entire startup disk to help prevent unauthorized access to the information stored on the drive, even if the device is lost or stolen."

(CCST Cybersecurity,Endpoint Security Concepts, Disk Encryption section, Cisco Networking Academy)

Ais correct: FileVault provides complete volume encryption.

B(Gatekeeper) controls app installation by verifying code signatures.

C(System Integrity Protection) protects system files from modification.

D(XProtect) is macOS’s built-in malware detection system.

TheCCST Cybersecuritycourse teaches that vulnerability scan results should be reviewed for misconfigurations and exposures that can be exploited by attackers.

"Disabled firewalls expose systems to direct network attacks and should be treated as critical findings. Open ports can indicate unnecessary or unsecured services running, which may provide entry points for attackers. These findings should be escalated for remediation or further security hardening."

(CCST Cybersecurity,Vulnerability Assessment and Risk Management, Analyzing and Responding to Scan Results section, Cisco Networking Academy)

Encrypted passwords (A)are good practice, not a vulnerability.

Disabled firewalls (B)leave systems defenseless against incoming attacks.

Open ports (C)can be exploited if the services they expose are vulnerable or misconfigured.

SSH packets (D)are normal in secure remote administration and are not inherently a vulnerability.

TheCCST Cybersecuritycourse describes ransomware as a form of malicious software that encrypts or locks access to an organization’s data, demanding payment for its release.

"Ransomware is a type of malware that denies access to data by encrypting it and demands payment from the victim to restore access. Threat actors may deliver ransomware through phishing emails, malicious downloads, or exploiting vulnerabilities in exposed systems."

(CCST Cybersecurity,Essential Security Principles, Malware Types and Threats section, Cisco Networking Academy)

Adescribes spyware or information-stealing malware.

Bis website defacement, which is vandalism, not ransomware.

Cis correct: locking/encrypting data and demanding payment is the defining behavior of ransomware.

Dis more aligned with insider threat or espionage activities.

TheCCST Cybersecuritycourse defines a strong password as one that:

Is at least 8–12 characters long

Uses a mix of uppercase, lowercase, numbers, and symbols

Avoids dictionary words, personal information, and predictable patterns

"Strong passwords combine length, complexity, and unpredictability, making them resistant to brute force and dictionary attacks."

(CCST Cybersecurity,Essential Security Principles, Authentication and Access Control section, Cisco Networking Academy)

Ais correct: It’s long, mixed case, includes numbers and symbols, and is not easily guessable.

Bis incorrect: It’s based on a date, which is predictable.

Cis incorrect: Short and based on a dictionary word.

Dis correct: Uses complexity and length with leetspeak for added unpredictability.

TheCCST Cybersecurity Study Guideexplains that aninsider threatis any threat to an organization that comes from people within the organization—employees, contractors, or business partners—who have inside information concerning the organization's security practices, data, and systems. Insider threats may be intentional or unintentional.

"An insider threat can be malicious or accidental. Employees may unintentionally cause data breaches by mishandling sensitive information, such as sending it to the wrong recipient."

(CCST Cybersecurity,Essential Security Principles, Threat Actor Types section, Cisco Networking Academy)

A(Logic bomb) is malicious code triggered by conditions.

B(Malware) is malicious software, unrelated to accidental email leaks.

C(Phishing) is an external social engineering attack.

Dis correct: This is anunintentional insider threat.

TheCCST Cybersecurity Study Guideexplains that aBYOD policy(Bring Your Own Device) should outline security requirements for personally owned devices connecting to the corporate network. Common requirements include:

Device encryptionfor stored sensitive corporate data.

Strong password or PINconfiguration for device access.

Restriction to secure and approved applicationsto reduce malware risk.

"BYOD policies typically mandate strong authentication, encryption of sensitive corporate data on personal devices, and installation of secure or approved applications. The goal is to protect corporate information while respecting personal ownership of the device."

(CCST Cybersecurity,Endpoint Security Concepts, BYOD Security section, Cisco Networking Academy)

Ais incorrect: BYOD policies do not require deletion of personal data unless wiping after separation.

Bis not a common requirement due to privacy and technical limitations.

E(upgrading data plans) is unrelated to security.