CREST CPSA UPDATED EXAM WITH VERIFIED SOLUTIONS.
HTTP Web Methods - correct answer -*Risky Methods are
marked with a star
GET
HEAD (similar to GET)
POST
PUT*
DELETE*
CONNECT*
OPTIONS
TRACE*
PATCH
LDAP Injection - correct answer -An attack that allows for the
construction of LDAP statements based on user input statements,
which can then be used to access the LDAP database or modify
the database's information
Base64 Encoding - correct answer -An encoding scheme which
represents any binary data using only printable ASCII characters.
Usually used for encoding email attachments over SMTP
OSSTMM - correct answer -Open Source Security Testing
Methodology Manual
ISECOM - correct answer -Institute for Security and Open
Methodologies
OWASP - correct answer -Open Web Application Security Project
PTES - correct answer -Pen Testing Execution Standard
CPNI - correct answer -Centre for the Protection of National
Infrastructure (UK best practices)
Police and Justice Act 2006 - correct answer -Defines police
limitations of searching tech
Computer Fraud and Abuse Act of 1986 - correct answer -This act
defines cybercrime as any illegal act for which knowledge of
computer technology is essential for its perpetration, investigation,
or prosecution; currently being evaluated for revision because
much of its language was developed before the Internet boom
HIPAA - correct answer -Health Insurance Portability and
Accountability Act
FISMA - correct answer -Federal Information Security
Management Act
GLBA - correct answer -Gramm-Leach-Bliley Act
TCP - correct answer -Transmission Control Protocol
UDP - correct answer -User Datagram Protocol
Port 21 - correct answer -FTP
FTP - correct answer -File Transfer Protocol
Port 22 - correct answer -SSH
SSH - correct answer -Secure Shell
Port 23 - correct answer -Telnet
Port 25 - correct answer -SMTP
SMTP - correct answer -Simple Mail Transfer Protocol
Port 49 - correct answer -TACACS