CYBER SECURITY CERT TEST ACTUAL PAPER
2026 QUESTIONS SOLUTIONS GRADED A+
◉ Which of the following is an example of a technical control?
Answer: Antivirus
◉ Which of the following is not an example of protecting data-in-
transit? Answer: Database Encryption
◉ A data center technician needs to securely dispose of several hard
drives for systems that are being decommissioned. What technique
is not sufficient to ensue the data is not recoverable? Answer:
Erasure
◉ A security engineer is trying to decide on the best course of action
to take to block internet traffic from specific IP addresses at the
perimeter of the company network. which of the following controls
would allow the security engineer to configure such rules? Answer:
Network Firewall
◉ Which access control is common used in military and government
environments to protect classified information? Answer: Mandatory
Access Control (MAC)
, ◉ Which method of authentication provides the strongest security?
Answer: Dual-Factor
◉ Mary is conducting a risk analysis for her organization. Her boss,
the CISO, feels strongly that the organization's biggest risk is from
hackers trying to steal intellectual property from their engineering
database server so that is where their defensive focus should lie. this
is an example of what kind of analysis? Answer: Qualitative Risk
Analysis
◉ Which of the following best represents the process for security
risk management? Answer: Risk Identification, assessment,
treatment
◉ Of the job titles listed, which is most likely to be responsible for
risk management if the organization does not have a CISOL or Risk
Officer? Answer: Chief Financial Officer
◉ Which of the following terms describes the output of information
that is run through a hash function? Answer: Message Digest
◉ Which cloud service model gives customers access to platforms
where they can develop, test, and run code for applications in
various programming languages? Answer: Platform as a Service
(PaaS)
2026 QUESTIONS SOLUTIONS GRADED A+
◉ Which of the following is an example of a technical control?
Answer: Antivirus
◉ Which of the following is not an example of protecting data-in-
transit? Answer: Database Encryption
◉ A data center technician needs to securely dispose of several hard
drives for systems that are being decommissioned. What technique
is not sufficient to ensue the data is not recoverable? Answer:
Erasure
◉ A security engineer is trying to decide on the best course of action
to take to block internet traffic from specific IP addresses at the
perimeter of the company network. which of the following controls
would allow the security engineer to configure such rules? Answer:
Network Firewall
◉ Which access control is common used in military and government
environments to protect classified information? Answer: Mandatory
Access Control (MAC)
, ◉ Which method of authentication provides the strongest security?
Answer: Dual-Factor
◉ Mary is conducting a risk analysis for her organization. Her boss,
the CISO, feels strongly that the organization's biggest risk is from
hackers trying to steal intellectual property from their engineering
database server so that is where their defensive focus should lie. this
is an example of what kind of analysis? Answer: Qualitative Risk
Analysis
◉ Which of the following best represents the process for security
risk management? Answer: Risk Identification, assessment,
treatment
◉ Of the job titles listed, which is most likely to be responsible for
risk management if the organization does not have a CISOL or Risk
Officer? Answer: Chief Financial Officer
◉ Which of the following terms describes the output of information
that is run through a hash function? Answer: Message Digest
◉ Which cloud service model gives customers access to platforms
where they can develop, test, and run code for applications in
various programming languages? Answer: Platform as a Service
(PaaS)
