IBM CYBERSECURITY ANALYST
PROFESSIONAL CERTIFICATE. EXAM
UPDATED QUESTIONS AND CORRECT
ANSWERS.
Full-disk encryption - ANS A security technique that encrypts every file and piece of data on
the drive, rendering the contents of the entire disk inaccessible without the password or
decryption key. Full-disk encryption protects sensitive data if a laptop or external drive is lost or
stolen.
Hardcoded credentials - ANS Sensitive pieces of information, such as usernames, passwords,
or API keys, that are sometimes embedded directly into the source code of an application.
HTTP - ANS A foundational application protocol that facilitates communication between web
browsers and web servers.
Incident response - ANS A structured approach that promptly addresses and manages
security incidents, breaches, or cyberattacks.
Ingress filtering - ANS A type of packet filtering that establishes a critical network security
measure where traffic is inspected and managed at the point of entry to the network. The
primary goal of ingress filtering is to allow only authentic and legitimate traffic and block access
to unauthorized or potentially harmful data packets.
1 @COPYRIGHT 2025/2026 ALLRIGHTS RESERVED
Injection attack - ANS A type of cybersecurity attack that involves a hacker injecting
malicious code into a query, web application, or system, triggering remote commands that
manipulate data on a website or modify a database.
Input validation - ANS A programming technique that ensures data entered into an
application is correct, safe, and in the expected format before processing.
Interactive application security testing (IAST) - ANS A type of application security testing that
combines static and dynamic testing principles, examining the application's code in real-time
while testers interact with the live application.
Intrusion detection and prevention system (IDPS) - ANS A security solution situated just
beyond the firewall that scrutinizes incoming network traffic to identify and manage potential
security threats.
Intrusion detection system (IDS) - ANS A security mechanism that identifies unusual activities
and alerts security administrators or system operators for further analysis.
IP packet - ANS A fundamental unit of data exchanged over the internet or any IP-based
network.
IP spoofing - ANS A technique that involves manipulating packet headers to alter the source
address, concealing the sender's actual origin, or pretending to be another host.
Man-in-the-middle attack - ANS A type of cybersecurity attack that involves intercepting
communication between two systems, modifying the packets, and then forwarding them
without detection by the authentic communicator or recipient.
National Institute of Standards and Technology (NIST) - ANS A physical science laboratory,
currently part of the US Department of Commerce, renowned for establishing industry
standards.