Certiport Cybersecurity Certification
Exam Questions and Answers (Solved
Papers)
Diamond Model of Intrusion Analysis - Correct Answers ✅A
framework for analyzing cybersecurity incidents and
intrusions by exploring the relationships between four core
features: adversary, capability, infrastructure, and victim
Adversary - Correct Answers ✅Cybercriminals
Capabilites - Correct Answers ✅-Brute-force attacks and
exploits in servers
-Spreading infected links through ads
-Evasive techniques
-Spam campaign in multiple languages
Infrastructure - Correct Answers ✅-Pastebin(to distribute
Powershell scripts)
-Malware distribution network
-Remote Services(VPN's and RDP's)
Victims - Correct Answers ✅Targeted Sectors include:
-Aviation
-Finance
-Government
-Healthcare
,Certiport Cybersecurity Certification
Exam Questions and Answers (Solved
Papers)
-Manufacturing
WEP (Wired Equivalent Privacy) - Correct Answers ✅A key
encryption technique for wireless networks that uses keys
both to authenticate network clients and to encrypt data in
transit.
WPS (Wi-Fi Protected Setup) - Correct Answers ✅A user-
friendly—but not very secure—security setting available on
some consumer-grade APs. Part of the security involves
requiring a PIN in order to access the AP's settings or to
associate a new device with the network. The PIN can be
easily cracked through a brute force attack, so this PIN
feature should be disabled if possible.
WPA(Wireless Protected Access) - Correct Answers ✅is a
security standard for computing devices equipped with
wireless internet connections.
WPA2(Wireless Protected Access 2) - Correct Answers
✅Wireless network encryption system.
AES(Advanced Encryption Standard) is a symmetric block
cipher chosen by the U.S. government to protect classified
information. - Correct Answers ✅-is a symmetric block
,Certiport Cybersecurity Certification
Exam Questions and Answers (Solved
Papers)
cipher chosen by the U.S. government to protect classified
information.
-used in WPA2 encryption
BYOD (bring your own device) - Correct Answers ✅The
practice of allowing users to use their own personal devices
to connect to an organizational network.
COPE(Corporate Owned, Personally Enabled) - Correct
Answers ✅Employees chose from a selection of company
approved devices
CYOD (Choose Your Own Device) - Correct Answers ✅A
mobile device deployment model. Employees can connect
their personally owned device to the network as long as the
device is on a preapproved list.
VDI (Virtual Desktop Infrastructure) - Correct Answers ✅A
virtualization implementation that separates the personal
computing environment from a user's physical computer.
CVE(Common Vulnerabilities and Exposures) - Correct
Answers ✅a tool that determines vulnerabilities in an
operating systems and application software
, Certiport Cybersecurity Certification
Exam Questions and Answers (Solved
Papers)
SIEM (Security Information and Event Management) - Correct
Answers ✅Software that collects and analyzes security
alerts, logs and other real time and historical data from
security devices on the network
SOAR(Security Orchestration, Automation and Response) -
Correct Answers ✅a tool designed to help security teams
manage and respond to the very high number of security
warnings and alarms by combining comprehensive data
gathering and analytics in order to automate incident
responses.
NIST (National Institute of Standards and Technology) -
Correct Answers ✅The NIST Cybersecurity Framework
helps businesses of all sizes better understand, manage, and
reduce their cybersecurity risk and protect their networks and
data.
threat actor - Correct Answers ✅A person or element that
has the power to carry out a threat.
black hat attackers - Correct Answers ✅persons or
organizations that take advantage of any vulnerability for
illegal personal, financial, or political gain
Exam Questions and Answers (Solved
Papers)
Diamond Model of Intrusion Analysis - Correct Answers ✅A
framework for analyzing cybersecurity incidents and
intrusions by exploring the relationships between four core
features: adversary, capability, infrastructure, and victim
Adversary - Correct Answers ✅Cybercriminals
Capabilites - Correct Answers ✅-Brute-force attacks and
exploits in servers
-Spreading infected links through ads
-Evasive techniques
-Spam campaign in multiple languages
Infrastructure - Correct Answers ✅-Pastebin(to distribute
Powershell scripts)
-Malware distribution network
-Remote Services(VPN's and RDP's)
Victims - Correct Answers ✅Targeted Sectors include:
-Aviation
-Finance
-Government
-Healthcare
,Certiport Cybersecurity Certification
Exam Questions and Answers (Solved
Papers)
-Manufacturing
WEP (Wired Equivalent Privacy) - Correct Answers ✅A key
encryption technique for wireless networks that uses keys
both to authenticate network clients and to encrypt data in
transit.
WPS (Wi-Fi Protected Setup) - Correct Answers ✅A user-
friendly—but not very secure—security setting available on
some consumer-grade APs. Part of the security involves
requiring a PIN in order to access the AP's settings or to
associate a new device with the network. The PIN can be
easily cracked through a brute force attack, so this PIN
feature should be disabled if possible.
WPA(Wireless Protected Access) - Correct Answers ✅is a
security standard for computing devices equipped with
wireless internet connections.
WPA2(Wireless Protected Access 2) - Correct Answers
✅Wireless network encryption system.
AES(Advanced Encryption Standard) is a symmetric block
cipher chosen by the U.S. government to protect classified
information. - Correct Answers ✅-is a symmetric block
,Certiport Cybersecurity Certification
Exam Questions and Answers (Solved
Papers)
cipher chosen by the U.S. government to protect classified
information.
-used in WPA2 encryption
BYOD (bring your own device) - Correct Answers ✅The
practice of allowing users to use their own personal devices
to connect to an organizational network.
COPE(Corporate Owned, Personally Enabled) - Correct
Answers ✅Employees chose from a selection of company
approved devices
CYOD (Choose Your Own Device) - Correct Answers ✅A
mobile device deployment model. Employees can connect
their personally owned device to the network as long as the
device is on a preapproved list.
VDI (Virtual Desktop Infrastructure) - Correct Answers ✅A
virtualization implementation that separates the personal
computing environment from a user's physical computer.
CVE(Common Vulnerabilities and Exposures) - Correct
Answers ✅a tool that determines vulnerabilities in an
operating systems and application software
, Certiport Cybersecurity Certification
Exam Questions and Answers (Solved
Papers)
SIEM (Security Information and Event Management) - Correct
Answers ✅Software that collects and analyzes security
alerts, logs and other real time and historical data from
security devices on the network
SOAR(Security Orchestration, Automation and Response) -
Correct Answers ✅a tool designed to help security teams
manage and respond to the very high number of security
warnings and alarms by combining comprehensive data
gathering and analytics in order to automate incident
responses.
NIST (National Institute of Standards and Technology) -
Correct Answers ✅The NIST Cybersecurity Framework
helps businesses of all sizes better understand, manage, and
reduce their cybersecurity risk and protect their networks and
data.
threat actor - Correct Answers ✅A person or element that
has the power to carry out a threat.
black hat attackers - Correct Answers ✅persons or
organizations that take advantage of any vulnerability for
illegal personal, financial, or political gain
