SkillTestPro | CCST Cybersecurity Practice Test

CCST Cybersecurity Practice Test 1

CCST Cybersecurity Practice Tests

1 / 30

A security operations center (SOC) analyst detects an ongoing cyberattack. What is the first step in responding to this incident?

Immediately shut down all affected systems

Erase all logs to remove traces of the attack

Contain the attack and prevent further spread

Notify all employees to change their passwords

Publicly announce the breach to customers

2 / 30

A company is implementing encryption to protect sensitive customer information stored on its servers. Which security principle does this support?

Authentication

Integrity

Availability

Non-repudiation

Confidentiality

3 / 30

A security administrator notices that users in different departments have access to data that they do not need for their roles. Which security principle should be enforced?

Least privilege

Zero trust

Defense in depth

Role-based access control (RBAC)

Multi-factor authentication

4 / 30

A cybersecurity team is implementing a policy that requires users to verify their identity using a fingerprint scan along with a password. What type of authentication is this?

Single-factor authentication

Multi-factor authentication

One-time password authentication

Identity federation

5 / 30

A hacker installs a program on a victim's computer that secretly records their keystrokes. What type of malware is this?

Ransomware

Spyware

Rootkit

Keylogger

Trojan

6 / 30

A cybersecurity analyst wants to check if a company's employees are susceptible to phishing. What is the best way to assess this?

Review firewall logs for phishing attempts

Require all employees to change their passwords daily

Install an IDS to detect phishing emails

Block all incoming email attachments

Conduct a simulated phishing attack

7 / 30

An attacker injects malicious SQL code into a web form to access a database. What type of attack is this?

Cross-site scripting (XSS)

SQL injection

Buffer overflow

Privilege escalation

Denial-of-service (DoS)

8 / 30

A company's security team is implementing network segmentation. What is the primary benefit of this approach?

Increases overall network speed

Prevents all cyberattacks

Reduces the impact of security breaches by limiting lateral movement

Eliminates the need for antivirus software

Makes all network traffic invisible to attackers

9 / 30

A user reports receiving an email from their bank stating that their account has been locked and requesting immediate login to restore access. What type of attack is this?

Whaling

Phishing

Ransomware

Social engineering

Spoofing

10 / 30

A security administrator notices an unusual amount of outbound network traffic late at night from a server that should not be in use. What is the most likely explanation?

A legitimate system update is occurring

The server is backing up data to the cloud

An attacker has installed a backdoor and is exfiltrating data

An administrator is performing routine maintenance

The firewall is misconfigured and allowing unauthorized traffic

11 / 30

A company requires employees to use unique login credentials and keycards for building access. What security principle does this support?

Defense in depth

Role-based access control

Principle of least privilege

Need-to-know

Zero trust

12 / 30

An attacker gains access to a corporate network by disguising themselves as an employee. What type of attack is this?

SQL injection

Ransomware attack

DNS spoofing

Social engineering

Brute force attack

13 / 30

A hacker exploits a software vulnerability before a patch is released. What is this type of attack called?

Zero-day attack

Rootkit attack

Phishing attack

Insider threat

Supply chain attack

14 / 30

What security concept ensures that users cannot deny their actions within a system?

Encryption

Authentication

Non-repudiation

Availability

Confidentiality

15 / 30

A user reports that their device is running slowly and displaying unexpected pop-ups. What is the most likely cause?

Malware infection

Insufficient RAM

Hardware failure

Corrupt operating system

Outdated drivers

16 / 30

A security team implements an air-gapped system for storing highly sensitive information. What does this mean?

The system is connected only to a VPN.

The system has restricted internet access.

The system is isolated from all networks.

The system is backed up to the cloud.

The system is protected by biometric authentication.

17 / 30

A company wants to prevent employees from accessing certain high-risk websites. What security measure should they implement?

IDS

Firewall

VPN

Endpoint encryption

DNS filtering

18 / 30

Which of the following is an example of multi-factor authentication (MFA)?

Username and password

Password and security question

Password and fingerprint scan

Security question and email verification

Security question and username

19 / 30

A hacker attempts to gain access to a system by using a list of common passwords. What is this attack method called?

Brute force attack

Credential stuffing

Keylogging

Dictionary attack

Man-in-the-middle attack

20 / 30

What cybersecurity measure ensures that data is not altered during transmission?

Confidentiality

Integrity

Availability

Authentication

Non-repudiation

21 / 30

A hacker intercepts communication between two users and modifies the transmitted data. What type of attack is this?

Ransomware attack

Man-in-the-middle (MITM) attack

SQL injection attack

Denial-of-service (DoS) attack

Password spraying attack

22 / 30

A network administrator wants to detect unauthorized access attempts in real time. Which security solution should they use?

Firewall

VPN

Network Access Control (NAC)

Intrusion Detection System (IDS)

DNS filtering

23 / 30

An attacker sends a fake login page to an employee, tricking them into entering their credentials. What type of attack is this?

Spoofing

Social engineering

Phishing

Credential stuffing

DNS poisoning

24 / 30

A company's security policy states that employees should only access files necessary for their job roles. What security principle does this follow?

Least privilege

Separation of duties

Defense in depth

Zero trust

Need-to-know

25 / 30

A security engineer wants to test the company's defenses by simulating a cyberattack. What type of assessment should they conduct?

Vulnerability assessment

Risk analysis

Compliance audit

Incident response drill

Penetration test

26 / 30

An employee accidentally installs a malicious application that starts encrypting files on their computer. What type of malware is this?

Worm

Trojan

Ransomware

Spyware

Adware

27 / 30

A security analyst notices that sensitive customer data has been accessed from an unknown foreign IP address. What is the most appropriate response?

Reset the affected user accounts.

Conduct a forensic investigation and notify the cybersecurity team.

Block all foreign IP addresses from network access.

Shut down the network to prevent further attacks.

Implement a company-wide password reset.

28 / 30

A company wants to ensure that all emails are encrypted when sent between employees. Which protocol should they implement?

HTTPS

FTP

TLS

SNMP

ICMP

29 / 30

A user reports receiving an email from their company's HR department asking for their login credentials to verify employment details. What type of attack is this?

Ransomware

DDoS attack

SQL injection

Phishing

Man-in-the-middle attack

30 / 30

A network administrator notices that multiple failed login attempts are coming from an unfamiliar IP address. What is the best immediate action?

Change all user passwords immediately.

Block the IP address at the firewall.

Increase password complexity requirements.

Notify all users about a potential data breach.

Review logs and monitor for further activity before taking action.

Your score is

The average score is 0%