PREP 2026 EXAM PREP SCRIPT FULL QUESTION
SET APPROVED
◉ What is a benefit to an organization of using SOAR as part of the
SIEM system? Answer: SOAR automates incident investigation and
responds to workflows based on playbooks.
◉ The term cyber operations analyst refers to which group of
personnel in a SOC? Answer: Tier 1 personnel
◉ What is a benefit to an organization of using SOAR as part of the
SIEM system? Answer: SOC Manager
Incident Reporter
Threat Hunter
Alert Analyst
◉ An SOC is searching for a professional to fill a job opening. The
employee must have expert-level skills in networking, endpoint,
threat intelligence, and malware reverse engineering in order to
search for cyber threats hidden within the network. Which job
within an SOC requires a professional with those skills? Answer:
Threat Hunter
◉ Which three are major categories of elements in a security
operations center? (Choose three.) Answer: technologies
people
processes
◉ Which three technologies should be included in a SOC security
information and event management system? (Choose three.)
Answer: security monitoring
threat intelligence
log management
◉ Which KPI metric does SOAR use to measure the time required to
stop the spread of malware in the network? Answer: Time to Control
◉ How does a security information and event management system
(SIEM) in a SOC help the personnel fight against security threats?
Answer: by combining data from multiple technologies
◉ Which organization is an international nonprofit organization that
offers the CISSP certification? Answer: (ISC)²
◉ Which example illustrates how malware might be concealed?
Answer: An email is sent to the employees of an organization with
an attachment that looks like an antivirus update, but the
attachment actually consists of spyware
◉ A group of users on the same network are all complaining about
their computers running slowly. After investigating, the technician
determines that these computers are part of a zombie network.
Which type of malware is used to control these computers? Answer:
spyware
◉ Which regulatory law regulates the identification, storage, and
transmission of patient personal healthcare information? Answer:
HIPAA
◉ When a user turns on the PC on Wednesday, the PC displays a
message indicating that all of the user files have been locked. In
order to get the files unencrypted, the user is supposed to send an
email and include a specific ID in the email title. The message also
includes ways to buy and submit bitcoins as payment for the file
decryption. After inspecting the message, the technician suspects a
security breach occurred. What type of malware could be
responsible? Answer: ransomware
◉ What are two examples of personally identifiable information
(PII)? (Choose two.) Answer: street address
credit card number
◉ What is the dark web? Answer: It is part of the internet that can
only be accessed with special software.
◉ Which statement describes cyberwarfare? Answer: It is Internet-
based conflict that involves the penetration of information systems
of other nations.
◉ What is the main purpose of cyberwarfare? Answer: to gain
advantage over adversaries
◉ What job would require verification that an alert represents a true
security incident or a false positive? Answer: Alert Analyst
◉ Why do IoT devices pose a greater risk than other computing
devices on a network? Answer: Most IoT devices do not receive
frequent firmware updates.
◉ A worker in the records department of a hospital accidentally
sends a medical record of a patient to a printer in another
department. When the worker arrives at the printer, the patient
record printout is missing. What breach of confidentiality does this
situation describe? Answer: PHI