Cisco Certified Support Technician (CCST) Cybersecurity 100-160 CCST Cybersecurity Exam Questions

Answer : C, D, F

The CCST Cybersecurity Study Guide explains that a BYOD policy (Bring Your Own Device) should outline security requirements for personally owned devices connecting to the corporate network. Common requirements include:

Device encryption for stored sensitive corporate data.

Strong password or PIN configuration for device access.

Restriction to secure and approved applications to reduce malware risk.

'BYOD policies typically mandate strong authentication, encryption of sensitive corporate data on personal devices, and installation of secure or approved applications. The goal is to protect corporate information while respecting personal ownership of the device.'

(CCST Cybersecurity, Endpoint Security Concepts, BYOD Security section, Cisco Networking Academy)

A is incorrect: BYOD policies do not require deletion of personal data unless wiping after separation.

B is not a common requirement due to privacy and technical limitations.

E (upgrading data plans) is unrelated to security.

Answer : C

The CCST Cybersecurity Study Guide specifies that AES (Advanced Encryption Standard) is the encryption method used in modern WiFi security protocols like WPA2 and WPA3.

'WPA2 and WPA3 use the Advanced Encryption Standard (AES) for securing wireless traffic. AES provides strong symmetric encryption, replacing outdated methods like WEP and TKIP.'

(CCST Cybersecurity, Basic Network Security Concepts, Wireless Security section, Cisco Networking Academy)

A (DES) is outdated and insecure.

B (Triple DES) is older and slower, rarely used in WiFi.

C is correct: AES is the industry standard for WiFi security.

D (RSA) is asymmetric encryption used in key exchange, not bulk WiFi encryption.

Answer : A, B

The CCST Cybersecurity Study Guide specifies that both Wireshark and tcpdump are packet capture tools that can record network traffic to a file for later analysis.

'Wireshark provides a graphical interface for packet capture and analysis. Tcpdump is a command-line tool that captures packets for detailed offline review.'

(CCST Cybersecurity, Incident Handling, Network Traffic Analysis section, Cisco Networking Academy)

A is correct: Wireshark is widely used for packet capture and analysis.

B is correct: tcpdump is a CLI-based packet capture tool.

C (Nmap) is for network scanning, not packet capture.

D (netstat) displays network connections and ports but does not capture packets.

Answer : B

In the CCST Cybersecurity course, Windows Event Viewer Error events in the Application log indicate a severe problem that caused an application or component to fail. This usually requires investigation or repair.

'Error events indicate a significant problem such as a loss of functionality in an application or system component. Errors are often critical and need immediate attention.'

(CCST Cybersecurity, Incident Handling, Event Logging and Analysis section, Cisco Networking Academy)

A is incorrect: Performance slowness would usually generate warnings, not errors.

B is correct: An 'Error' level in Event Viewer means the application failed in some way.

C is incorrect: That describes an 'Information' event, not an error.

D is incorrect: That also corresponds to an 'Information' event.

Answer : D

The CCST Cybersecurity Study Guide explains that hard disk encryption is a method used to protect data stored on a physical device from unauthorized access.

'Data at rest refers to data stored on a device, such as files on a hard drive, SSD, or removable media. Hard disk encryption protects data at rest by converting it into an unreadable format unless accessed with the correct decryption key.'

(CCST Cybersecurity, Essential Security Principles, Data States and Protection Methods section, Cisco Networking Academy)

Data in process refers to data actively being handled by applications in memory (RAM), which is not the primary target of disk encryption.

Data in transit is protected via encryption methods such as TLS, not disk encryption.

Data in use is accessed and manipulated by programs in real-time, also not the primary scope of disk encryption.

Data at rest is the correct answer, as hard disk encryption directly safeguards stored files.

Answer : A

The CCST Cybersecurity course identifies Windows PowerShell as both a command-line interface (CLI) and a robust scripting environment. It is used by system administrators for automation, configuration, and task scheduling.

'PowerShell is a Windows command-line shell and scripting language built on the .NET framework. It allows administrators to automate administrative tasks, manage system configurations, and execute complex scripts for system management.'

(CCST Cybersecurity, Endpoint Security Concepts, System Administration Tools section, Cisco Networking Academy)

A is correct: PowerShell provides both interactive command execution and scripting capabilities.

B (MMC) is a GUI-based management console, not a CLI.

C (Vim) is a text editor, not a Windows-native CLI.

D (MS-DOS) is a legacy command shell with no advanced scripting features comparable to PowerShell.

Answer : D

The CCST Cybersecurity Study Guide explains that CVSS (Common Vulnerability Scoring System) is a standardized method for rating the severity of software vulnerabilities. It considers exploitability, impact, and environmental factors.

'The Common Vulnerability Scoring System (CVSS) provides a numerical score that reflects the severity of a vulnerability, enabling prioritization of remediation efforts.'

(CCST Cybersecurity, Vulnerability Assessment and Risk Management, Vulnerability Scoring section, Cisco Networking Academy)