Cisco 100-160 Cisco Certified Support Technician (CCST) Cybersecurity Exam Practice Test

TheCCST Cybersecurity Study Guideexplains thatWPA3is the most current and secure Wi-Fi Protected Access protocol, offering stronger encryption and better protection against brute-force attacks compared to earlier versions.

"WPA3 improves wireless security by using more robust encryption methods and protections against offline password guessing, making it the recommended protocol for securing modern Wi-Fi networks."

(CCST Cybersecurity,Basic Network Security Concepts, Wireless Security Protocols section, Cisco Networking Academy)

TheCCST Cybersecurity Study Guideexplains thatCVSS (Common Vulnerability Scoring System)is a standardized method for rating the severity of software vulnerabilities. It considers exploitability, impact, and environmental factors.

"The Common Vulnerability Scoring System (CVSS) provides a numerical score that reflects the severity of a vulnerability, enabling prioritization of remediation efforts."

(CCST Cybersecurity,Vulnerability Assessment and Risk Management, Vulnerability Scoring section, Cisco Networking Academy)

TheCCST Cybersecurity Study Guideexplains that aBYOD policy(Bring Your Own Device) should outline security requirements for personally owned devices connecting to the corporate network. Common requirements include:

Device encryptionfor stored sensitive corporate data.

Strong password or PINconfiguration for device access.

Restriction to secure and approved applicationsto reduce malware risk.

"BYOD policies typically mandate strong authentication, encryption of sensitive corporate data on personal devices, and installation of secure or approved applications. The goal is to protect corporate information while respecting personal ownership of the device."

(CCST Cybersecurity,Endpoint Security Concepts, BYOD Security section, Cisco Networking Academy)

Ais incorrect: BYOD policies do not require deletion of personal data unless wiping after separation.

Bis not a common requirement due to privacy and technical limitations.

E(upgrading data plans) is unrelated to security.

TheCCST Cybersecurity Study Guideoutlines worm mitigation as a four-step process:

Containment–

"Limit the spread of the worm by segmenting the network and restricting traffic from infected areas."

Inoculation–

"Apply patches or updates to uninfected systems to prevent them from being compromised."

Quarantine–

"Remove or block infected systems from the network to stop further infection."

Treatment–

"Clean and patch infected systems to remove the worm and fix vulnerabilities."

(CCST Cybersecurity,Incident Handling, Malware Mitigation Strategies section, Cisco Networking Academy)

TheCCST Cybersecuritycourse explains that MAC address filtering is a network access control method that allows only approved device hardware addresses to connect. While not foolproof against spoofing, it can block a specific device from reconnecting to a small home network.

"MAC address filtering restricts network access to devices whose unique hardware addresses are explicitly allowed. This can be used to block known unauthorized devices from reconnecting."

(CCST Cybersecurity,Basic Network Security Concepts, Wireless Security Controls section, Cisco Networking Academy)

Ais incorrect: IP ACLs are better for controlling traffic types, not blocking specific devices at the router level.

Bis correct: It prevents the device’s hardware address from reconnecting.

Cis temporary since the host can get a new IP via DHCP.

Dmay hide the network but will not stop a determined attacker who can still detect it.

TheCCST Cybersecurity Study Guidespecifies that bothWiresharkandtcpdumpare packet capture tools that can record network traffic to a file for later analysis.

"Wireshark provides a graphical interface for packet capture and analysis. Tcpdump is a command-line tool that captures packets for detailed offline review."

(CCST Cybersecurity,Incident Handling, Network Traffic Analysis section, Cisco Networking Academy)

Ais correct: Wireshark is widely used for packet capture and analysis.

Bis correct: tcpdump is a CLI-based packet capture tool.

C(Nmap) is for network scanning, not packet capture.

D(netstat) displays network connections and ports but does not capture packets.

TheCCST Cybersecurity Study Guidestates that vulnerability scanning is an automated process used to identify known security weaknesses in systems, software, and network devices. These scans compare system configurations and software versions against databases of known vulnerabilities, such as the Common Vulnerabilities and Exposures (CVE) list.

"A vulnerability scan is an automated test that checks systems and networks for known weaknesses by matching them against a database of vulnerabilities such as CVEs. This allows administrators to identify exploitable conditions before they are leveraged by attackers."

(CCST Cybersecurity,Vulnerability Assessment and Risk Management, Vulnerability Scanning section, Cisco Networking Academy)

Ais asset discovery, not vulnerability scanning.

Bmay be part of remediation planning but is not the primary purpose.

Cis correct: Scans detect if systems have vulnerabilities associated with CVEs.

Ddescribes SIEM (Security Information and Event Management) log correlation, not vulnerability scanning.

TheCCST Cybersecuritymaterial describes that the first step after receiving a new CVE notification is toreview its details—such as affected systems, severity, and exploitability—to determine if it is relevant to your organization.

"Upon learning of a new CVE, security teams should analyze the vulnerability description, affected products, and CVSS score to determine applicability and urgency of mitigation."

(CCST Cybersecurity,Vulnerability Assessment and Risk Management, Vulnerability Prioritization section, Cisco Networking Academy)

Ais correct: Confirming applicability avoids unnecessary remediation for irrelevant vulnerabilities.

Bis done after confirming applicability.

C(disaster recovery plan) is unrelated to immediate CVE handling.

D(adding to firewall rules) is premature without confirming impact.