212-82 Certified Cybersecurity Technician (CCT) Questions and Answers

Questions 4

A threat intelligence feed data file has been acquired and stored in the Documents folder of Attacker Machine-1 (File Name: Threatfeed.txt). You are a cybersecurity technician working for an ABC organization. Your organization has assigned you a task to analyze the data and submit a report on the threat landscape. Select the IP address linked with http://securityabc.s21sec.com.

Options:

A.

5.9.200.200

B.

5.9.200.150

C.

5.9.110.120

D.

5.9.188.148

Questions 5

GlobalTech, a multinational corporation with over 10,000 employees, has seen a surge in mobile device usage among its workforce. The IT department is tasked with deploying a robust mobile security management solution that caters not only to the security of data but also provides flexibility in device choices and keeps administrative overhead low. Which of the following would be the best solution for GlobalTech?

Options:

A.

Mobile Application Management (MAM)

B.

Mobile Device Management (MDM)

C.

Unified Endpoint Management (UEM)

D.

Containerization Solutions

Questions 6

Mark, a security analyst, was tasked with performing threat hunting to detect imminent threats in an organization's network. He generated a hypothesis based on the observations in the initial step and started the threat-hunting process using existing data collected from DNS and proxy logs.

Identify the type of threat-hunting method employed by Mark in the above scenario.

Options:

A.

Entity-driven hunting

B.

TTP-driven hunting

C.

Data-driven hunting

D.

Hybrid hunting

Questions 7

Karter, a security professional, deployed a honeypot on the organization's network for luring attackers who attempt to breach the network. For this purpose, he configured a type of honeypot that simulates a real OS as well as the applications and services of a target network. Furthermore, the honeypot deployed by Karter only responds to pre-configured commands.

Identify the type of Honeypot deployed by Karter in the above scenario.

Options:

A.

Low-interaction honeypot

B.

Pure honeypot

C.

Medium-interaction honeypot

D.

High-interaction honeypot

Questions 8

Initiate an SSH connection to a machine that has SSH enabled in the network. After connecting to the machine, find the file flag.txt and choose the content hidden in the file. Credentials for SSH login are provided below:

Hint:

Username: sam

Password: admin@l23

Options:

A.

sam@bob

B.

bob2@sam

C.

bob@sam

D.

sam2@bob

Questions 9

As a cybersecurity technician, you were assigned to analyze the file system of a Linux image captured from a device that has been attacked recently. Study the forensic image "Evidenced.img" in the Documents folder of the "Attacker Machine-1" and identify a user from the image file. (Practical Question)

Options:

A.

smith

B.

attacker

C.

roger

D.

john

Questions 10

Mark, a security analyst, was tasked with performing threat hunting to detect imminent threats in an organization's network. He generated a hypothesis based on the observations in the initial step and started the threat-hunting process using existing data collected from DNS and proxy logs.

Identify the type of threat-hunting method employed by Mark in the above scenario.

Options:

A.

Entity-driven hunting

B.

TTP-driven hunting

C.

Data-driven hunting

D.

Hybrid hunting

Questions 11

Myles, a security professional at an organization, provided laptops for all the employees to carry out the business processes from remote locations. While installing necessary applications required for the business, Myles has also installed antivirus software on each laptop following the company's policy to detect and protect the machines from external malicious events over the Internet.

Identify the PCI-DSS requirement followed by Myles in the above scenario.

Options:

A.

PCI-DSS requirement no 1.3.2

B.

PCI-DSS requirement no 1.3.5

C.

PCI-DSS requirement no 5.1

D.

PCI-DSS requirement no 1.3.1

Questions 12

A web application, www.moviescope.com, was found to be prone to SQL injection attacks. You are tasked to exploit the web application and fetch the user data. Identify the contact number (Contact) of a user, Steve, in the moviescope database. Note: You already have an account on the web application, and your credentials are sam/test. (Practical Question)

Options:

A.

1-202-509-7316

B.

1-202-509-7432

C.

01-202-509-7364

D.

1-202-509-8421

Questions 13

Matias, a network security administrator at an organization, was tasked with the implementation of secure wireless network encryption for their network. For this purpose, Matias employed a security solution that uses 256-bit Galois/Counter Mode Protocol (GCMP-256) to maintain the authenticity and confidentiality of data.

Identify the type of wireless encryption used by the security solution employed by Matias in the above scenario.

Options:

A.

WPA2 encryption

B.

WPA3 encryption

C.

WEP encryption

D.

WPA encryption

Questions 14

A pfSense firewall has been configured to block a web application www.abchacker.com. Perform an analysis on the rules set by the admin and select the protocol which has been used to apply the rule.

Hint: Firewall login credentials are given below:

Username: admin

Password: admin@l23

Options:

A.

POP3

B.

TCP/UDP

C.

FTP

D.

ARP

Questions 15

Riley sent a secret message to Louis. Before sending the message, Riley digitally signed the message using his private key. Louis received the message and verified the digital signature using the corresponding key to ensure that the message was not tampered with during transit.

Which of the following keys did Louis use to verify the digital signature in the above scenario?

Options:

A.

Riley's public key

B.

Louis's public key

C.

Riley's private key

D.

Louis's private key

Questions 16

A web application www.movieabc.com was found to be prone to SQL injection attack. You are given a task to exploit the web application and fetch the user credentials. Select the UID which is mapped to user john in the database table.

Note:

Username: sam

Pass: test

Options:

A.

5

B.

3

C.

2

D.

4

Questions 17

An IoT device that has been placed in a hospital for safety measures has sent an alert command to the server. The network traffic has been captured and stored in the Documents folder of the Attacker Machine-1. Analyze the loTdeviceTraffic.pcapng file and select the appropriate command that was sent by the IoT device over the network.

Options:

A.

Tempe_Low

B.

Low_Tempe

C.

Temp_High

D.

High_Tempe

Questions 18

FinTech Corp, a financial services software provider, handles millions of transactions daily. To address recent breaches in other organizations, it is reevaluating its data security controls. It specifically needs a control that will not only provide real-time protection against threats but also assist in achieving compliance with global financial regulations. The company's primary goal is to safeguard sensitive transactional data without impeding system performance. Which of the following controls would be the most suitable for FinTech Corp's objectives?

Options:

A.

Switching to disk-level encryption for all transactional databases

B.

Implementing DLP (Data Loss Prevention) systems

C.

Adopting anomaly-based intrusion detection systems

D.

Enforcing Two-Factor Authentication for all database access

Questions 19

An organization hired a network operations center (NOC) team to protect its IT infrastructure from external attacks. The organization utilized a type of threat intelligence to protect its resources from evolving threats. The threat intelligence helped the NOC team understand how attackers are expected to perform an attack on the organization, identify the information leakage, and determine the attack goals as well as attack vectors.

Identify the type of threat intelligence consumed by the organization in the above scenario.

Options:

A.

Operational threat intelligence

B.

Strategic threat intelligence

C.

Technical threat intelligence

D.

Tactical threat intelligence

Questions 20

You are investigating a data leakage incident where an insider is suspected of using image steganography to send sensitive information to a competitor. You have also recovered a VeraCrypt volume file S3cr3t from the suspect. The VeraCrypt volume file is available in the Pictures folder of the Attacker Machine-1. Your task is to mount the VeraCrypt volume, find an image file, and recover the secret code concealed in the file. Enter the code as the answer. Hint: If required, use sniffer@123 as the password to mount the VeraCrypt volume file. (Practical Question)

Options:

A.

L76D2E8CBA1K

B.

H364F9F4FD3H

C.

J782C8C2EH6J

D.

G85E2C7AB1R6

Questions 21

Hayes, a security professional, was tasked with the implementation of security controls for an industrial network at the Purdue level 3.5 (IDMZ). Hayes verified all the possible attack vectors on the IDMZ level and deployed a security control that fortifies the IDMZ against cyber-attacks.

Identify the security control implemented by Hayes in the above scenario.

Options:

A.

Point-to-point communication

B.

MAC authentication

C.

Anti-DoS solution

D.

Use of authorized RTU and PLC commands

Questions 22

You are a penetration tester working to test the user awareness of the employees of the client xyz. You harvested two employees' emails from some public sources and are creating a client-side backdoor to send it to the employees via email. Which stage of the cyber kill chain are you at?

Options:

A.

Reconnaissance

B.

Command and control

C.

Weaponization

D.

Exploitation

Questions 23

As the IT security manager for a burgeoning e-commerce company, you're keen on implementing a formal risk management framework to proactively tackle security risks associated with the company's rapid online expansion. Given your focus on e-commerce and the need for scalability, which risk management framework is likely the most relevant?

Options:

A.

ISO 27001 - Provides a comprehensive information security management system (ISMS).

B.

NIST Cybersecurity Framework (CSF) - Offers a general, customizable approach.

C.

PCI DSS (Payment Card Industry Data Security Standard) - Targets credit card data security specifically.

D.

COBIT (Control Objectives for Information and Related Technology) - Focuses on IT governance and control processes.

Questions 24

Elliott, a security professional, was appointed to test a newly developed application deployed over an organizational network using a bastion host. Elliott initiated the process by configuring the nonreusable bastion host. He then tested the newly developed application to identify the presence of security flaws that were not yet known; further, he executed services that were not secure. Identify the type of bastion host configured by Elliott in the above scenario.

Options:

A.

External services hosts

B.

Victim machines

C.

One-box firewalls

D.

Non-routing dual-homed hosts

Questions 25

As the director of cybersecurity for a prominent financial institution, you oversee the security protocols for a vast array of digital operations. The institution recently transitioned to a new core banking platform that integrates an artificial intelligence (AI)-based fraud detection system. This system monitors real-time transactions, leveraging pattern recognition and behavioral analytics.

A week post-transition, you are alerted to abnormal behavior patterns in the AI system. On closer examination, the system is mistakenly flagging genuine transactions as fraudulent, causing a surge in false positives. This not only disrupts the customers' banking experience but also strains the manual review team. Preliminary investigations suggest subtle data poisoning attacks aiming to compromise the AI's training data, skewing its decision-making ability. To safeguard the AI-based fraud detection system and maintain the integrity of your financial data, which of the following steps should be your primary focus?

Options:

A.

Collaborate with the AI development team to retrain the model using only verified transaction data and implement real-time monitoring to detect data poisoning attempts.

B.

Migrate back to the legacy banking platform until the new system is thoroughly vetted and all potential vulnerabilities are addressed.

C.

Liaise with third-party cybersecurity firms to conduct an exhaustive penetration test on the entire core banking platform, focusing on potential data breach points.

D.

Engage in extensive customer outreach programs, urging them to report any discrepancies in their transaction records, and manually verifying flagged transactions.

Questions 26

Leilani, a network specialist at an organization, employed Wireshark for observing network traffic. Leilani navigated to the Wireshark menu icon that contains items to manipulate, display and apply filters, enable, or disable the dissection of protocols, and configure user-specified decodes.

Identify the Wireshark menu Leilani has navigated in the above scenario.

Options:

A.

Statistics

B.

Capture

C.

Main toolbar

D.

Analyze

Questions 27

A disgruntled employee transferred highly confidential tender data of upcoming projects as an encoded text. You are assigned to decode the text file snitch.txt located in the Downloads folder of the Attacker Machine-1 and determine the value of the greenfarm project in dollars. Hint 1: All the cryptography tools are located at "Z:\CCT-Tools\CCT Module 14 Cryptography". Hint 2: If required, you can use sniffer@123 as the password to decode the file. (Practical Question)

Options:

A.

9S000

B.

36000

C.

80000

D.

75000

Questions 28

Rickson, a security professional at an organization, was instructed to establish short-range communication between devices within a range of 10 cm. For this purpose, he used a mobile connection method that employs electromagnetic induction to enable communication between devices. The mobile connection method selected by Rickson can also read RFID tags and establish Bluetooth connections with nearby devices to exchange information such as images and contact lists.

Which of the following mobile connection methods has Rickson used in the above scenario?

Options:

A.

NFC

B.

Satcom

C.

Cellular communication

D.

ANT

Questions 29

Jase, a security team member at an organization, was tasked with ensuring uninterrupted business operations under hazardous conditions. Thus, Jase implemented a deterrent control strategy to minimize the occurrence of threats, protect critical business areas, and mitigate the impact of threats. Which of the following business continuity and disaster recovery activities did Jase perform in this scenario?

Options:

A.

Prevention

B.

Response

C.

Restoration

D.

Recovery

Questions 30

Bob was recently hired by a medical company after it experienced a major cyber security breach. Many patients are complaining that their personal medical records are fully exposed on the Internet and someone can find them with a simple Google search. Bob's boss is very worried because of regulations that protect those data. Which of the following regulations is mostly violated?

Options:

A.

HIPAA/PHI

B.

PII

C.

PCI DSS

D.

ISO 2002

Questions 31

You are Harris working for a web development company. You have been assigned to perform a task for vulnerability assessment on the given IP address 20.20.10.26. Select the vulnerability that may affect the website according to the severity factor.

Hint: Greenbone web credentials: admin/password

Options:

A.

TCP timestamps

B.

Anonymous FTP Login Reporting

C.

FTP Unencrypted Cleartext Login

D.

UDP timestamps

Questions 32

Zion belongs to a category of employees who are responsible for implementing and managing the physical security equipment installed around the facility. He was instructed by the management to check the functionality of equipment related to physical security. Identify the designation of Zion.

Options:

A.

Supervisor

B.

Chief information security officer

C.

Guard

D.

Safety officer

Questions 33

An organization divided its IT infrastructure into multiple departments to ensure secure connections for data access. To provide high-speed data access, the administrator implemented a RAID level that broke data into sections and stored them across multiple drives. The storage capacity of this RAID level was equal to the sum of disk capacities in the set. Which of the following RAID levels was implemented by the administrator in the above scenario?

Options:

A.

RAID Level 0

B.

RAID Level 3

C.

RAID Level 5

D.

RAID Level 1

Questions 34

Finley, a security professional at an organization, was tasked with monitoring the organizational network behavior through the SIEM dashboard. While monitoring, Finley noticed suspicious activities in the network; thus, he captured and analyzed a single network packet to determine whether the signature included malicious patterns. Identify the attack signature analysis technique employed by Finley in this scenario.

Options:

A.

Context-based signature analysis

B.

Atomic-signature-based analysis

C.

Composite signature-based analysis

D.

Content-based signature analysis

Questions 35

Steve, a network engineer, was tasked with troubleshooting a network issue that is causing unexpected packet drops. For this purpose, he employed a network troubleshooting utility to capture the ICMP echo request packets sent to the server. He identified that certain packets are dropped at the gateway due to poor network connection.

Identify the network troubleshooting utility employed by Steve in the above scenario.

Options:

A.

dnsenum

B.

arp

C.

traceroute

D.

ipconfig

Questions 36

Rickson, a security professional at an organization, was instructed to establish short-range communication between devices within a range of 10 cm. For this purpose, he used a mobile connection method that employs electromagnetic induction to enable communication between devices. The mobile connection method selected by Rickson can also read RFID tags and establish Bluetooth connections with nearby devices to exchange information such as images and contact lists.

Which of the following mobile connection methods has Rickson used in the above scenario?

Options:

A.

NFC

B.

Satcom

C.

Cellular communication

D.

ANT

Questions 37

Anderson, a security engineer, was instructed to monitor all incoming and outgoing traffic on the organization's network to identify any suspicious traffic. For this purpose, he employed an analysis technique in which he analyzed packet header fields such as IP options, IP protocols, IP fragmentation flags, offset, and identification to check whether any fields are altered in transit.

Identify the type of attack signature analysis performed by Anderson in the above scenario.

Options:

A.

Context-based signature analysis

B.

Atomic-signature-based analysis

C.

Composite-signature-based analysis

D.

Content-based signature analysis

Questions 38

TechTonic, a leading software solution provider, is incorporating stringent cybersecurity measures for their Windows-based server farm. Recently, it noticed a series of unauthorized activities within its systems but could not trace back to the origins. The company intends to bolster its monitoring capabilities by comprehensively analyzing Windows system logs. Which strategy should TechTonic prioritize to gain an insightful and effective analysis of its Windows logs, aiming to trace potential intrusions?

Options:

A.

Implement a centralized logging server and analyze logs using pattern-detection algorithms.

B.

Set up monitoring only for Windows Event Log IDs commonly associated with security breaches.

C.

Routinely back up logs every week and conduct a monthly manual review to detect anomalies.

D.

Focus solely on logs from critical servers, assuming other logs are less consequential.

Questions 39

Andre, a security professional, was tasked with segregating the employees' names, phone numbers, and credit card numbers before sharing the database with clients. For this purpose, he implemented a deidentification technique that can replace the critical information in database fields with special characters such as asterisks (*) and hashes (#).

Which of the following techniques was employed by Andre in the above scenario?

Options:

A.

Tokenization

B.

Masking

C.

Hashing

D.

Bucketing

Questions 40

Alex, a certified security professional, works for both aggressor and defender teams. His team's main responsibility involves enhancing protection and boosting the security standards of the organization. Identify Alex's team in this scenario.

Options:

A.

White team

B.

Purple team

C.

Blue team

D.

Red team

Questions 41

An attacker with malicious intent used SYN flooding technique to disrupt the network and gain advantage over the network to bypass the Firewall. You are working with a security architect to design security standards and plan for your organization. The network traffic was captured by the SOC team and was provided to you to perform a detailed analysis. Study the Synflood.pcapng file and determine the source IP address.

Note: Synflood.pcapng file is present in the Documents folder of Attacker-1 machine.

Options:

A.

20.20.10.180

B.

20.20.10.19

C.

20.20.10.60

D.

20.20.10.59

Questions 42

Matias, a network security administrator at an organization, was tasked with the implementation of secure wireless network encryption for their network. For this purpose, Matias employed a security solution that uses 256-bit Galois/Counter Mode Protocol (GCMP-256) to maintain the authenticity and confidentiality of data.

Identify the type of wireless encryption used by the security solution employed by Matias in the above scenario.

Options:

A.

WPA2 encryption

B.

WPA3 encryption

C.

WEP encryption

D.

WPA encryption

Questions 43

Richard, a professional hacker, was hired by a marketer to gather sensitive data and information about the offline activities of users from location data. Richard employed a technique to determine the proximity of a user's mobile device to an exact location using GPS features. Using this technique, Richard placed a virtual barrier positioned at a static location to interact with mobile users crossing the barrier. Identify the technique employed by Richard in this scenario.

Options:

A.

Containerization

B.

Over-the-air (OTA) updates

C.

Full device encryption

D.

Geofencing

Questions 44

A RAT has been set up on one of the machines connected to the network to steal the important sensitive corporate docs located on the Desktop of the server. Further investigation revealed the IP address of the server: 20.20.10.26. Initiate a remote connection using the Thief client and determine the number of files present in the folder.

Hint: Thief folder is located at: Z:\CCT-Tools\CCT Module 01 Information Security Threats and Vulnerabilities\Remote Access Trojans (RAT)\Thief of Attacker Machine-1.

Options:

A.

2

B.

4

C.

3

D.

5

Questions 45

Nancy, a security specialist, was instructed to identify issues related to unexpected shutdown and restarts on a Linux machine. To identify the incident cause, Nancy navigated to a directory on the Linux system and accessed a log file to troubleshoot problems related to improper shutdowns and unplanned restarts.

Identify the Linux log file accessed by Nancy in the above scenario.

Options:

A.

/var/log/secure

B.

/var/log/kern.log

C.

/var/log/boot.log

D.

/var/log/lighttpd/

Questions 46

Dany, a member of a forensic team, was actively involved in an online crime investigation process. Dany's main responsibilities included providing legal advice on conducting the investigation and addressing legal issues involved in the forensic investigation process. Identify the role played by Dany in the above scenario.

Options:

A.

Attorney

B.

Incident analyzer

C.

Expert witness

D.

Incident responder

Questions 47

At CyberGuard Corp, an industry-leading cybersecurity consulting firm, you are the Principal Incident Responder known for your expertise in dealing with high-profile cyber breaches. Your team primarily serves global corporations, diplomatic entities, and agencies with sensitive national importance.

One day, you receive an encrypted, anonymous email indicating a potential breach at WorldBank Inc., a renowned international banking consortium, and one of your prime clients. The email contains hashed files, vaguely hinting at financial transactions of high-net-worth individuals. Initial assessments indicate this might be an advanced persistent threat (APT), likely a state-sponsored actor, given the nature and precision of the data extracted.

While preliminary indications point towards a potential zero-day exploit, your team must dive deep into forensics to ascertain the breach's origin, assess the magnitude, and promptly respond. Given the highly sophisticated nature of this attack and potential geopolitical ramifications, what advanced methodology should you prioritize to dissect this cyber intrusion meticulously?

Options:

A.

Utilize advanced sandboxing techniques to safely examine the behavior of potential zero-day exploits in the hashed files, gauging any unusual system interactions and network communications.

B.

Apply heuristics-based analysis coupled with threat-hunting tools to trace anomalous patterns, behaviors, and inconsistencies across WorldBank's vast digital infrastructure.

C.

Consult with global cybersecurity alliances and partnerships to gather intelligence on similar attack patterns and potentially attribute the breach to known APT groups.

D.

Perform deep-dive log analysis from critical servers and network devices, focusing on a timeline-based approach to reconstruct the events leading to the breach.

Questions 48

Grace, an online shopping freak, has purchased a smart TV using her debit card. During online payment, Grace's browser redirected her from the ecommerce website to a third-party payment gateway, where she provided her debit card details and the OTP received on her registered mobile phone. After completing the transaction, Grace navigated to her online bank account and verified the current balance in her savings account.

Identify the state of data when it is being processed between the ecommerce website and the payment gateway in the above scenario.

Options:

A.

Data at rest

B.

Data in inactive

C.

Data in transit

D.

Data in use

Exam Code: 212-82
Exam Name: Certified Cybersecurity Technician (CCT)
Last Update: Nov 24, 2024
Questions: 161