TheCCST Cybersecurity Study Guidecovers major privacy and security frameworks:

GDPR (General Data Protection Regulation)–

"EU regulation that protects personal data and privacy for individuals within the European Union."

HIPAA (Health Insurance Portability and Accountability Act)–

"US law that protects sensitive patient health information from being disclosed without the patient’s consent or knowledge."

PCI-DSS (Payment Card Industry Data Security Standard)–

"Security standard to protect credit card data and reduce fraud."

FERPA (Family Educational Rights and Privacy Act)–

"US law that protects the privacy of student education records."

FISMA (Federal Information Security Management Act)–

"US law that requires federal agencies to protect information and information systems."

(CCST Cybersecurity,Essential Security Principles, Regulatory Compliance section, Cisco Networking Academy)

TheCCST Cybersecuritycourse defines a strong password as one that:

Is at least 8–12 characters long

Uses a mix of uppercase, lowercase, numbers, and symbols

Avoids dictionary words, personal information, and predictable patterns

"Strong passwords combine length, complexity, and unpredictability, making them resistant to brute force and dictionary attacks."

(CCST Cybersecurity,Essential Security Principles, Authentication and Access Control section, Cisco Networking Academy)

Ais correct: It’s long, mixed case, includes numbers and symbols, and is not easily guessable.

Bis incorrect: It’s based on a date, which is predictable.

Cis incorrect: Short and based on a dictionary word.

Dis correct: Uses complexity and length with leetspeak for added unpredictability.

TheCCST Cybersecuritycourse describes that risk scoring for vulnerabilities often involveslikelihoodandimpact— similar to the CVSS (Common Vulnerability Scoring System) model.

"When prioritizing vulnerabilities, assess both the likelihood of exploitation and the potential impact to the organization. Likelihood measures how easy or probable it is for an adversary to exploit the weakness, while impact measures the consequences to confidentiality, integrity, and availability if exploitation occurs."

(CCST Cybersecurity,Vulnerability Assessment and Risk Management, Risk Assessment and Prioritization section, Cisco Networking Academy)

Ais correct: Likelihood is a fundamental part of severity assessment.

Bis correct: Impact determines how damaging an exploit would be.

Cis incorrect: Time to choose replacement software is an operational consideration, not a severity metric.

Dis incorrect: Hardware age may influence performance but does not directly define vulnerability severity.

TheCCST Cybersecurity Study Guideemphasizes that backups should be stored off-site or in the cloud to ensure recovery even if the primary location is damaged or compromised.

"A comprehensive disaster recovery plan includes performing regular backups and ensuring copies are stored in locations not subject to the same physical risks as the primary site. Off-site storage and cloud-based backups provide resilience against local disasters."

(CCST Cybersecurity,Essential Security Principles, Backup and Disaster Recovery section, Cisco Networking Academy)

Ais correct: Off-site removable media ensures recovery even if the main site is destroyed.

Bis incorrect: Local-only backups are vulnerable to the same risks as production systems.

Cis correct: Cloud services provide geographically separate storage with automated redundancy.

Dis incorrect: RAID is for hardware fault tolerance, not a complete backup solution.

According to theCCST Cybersecuritycourse, Windows Event Viewer’sSecurity logsrecord authentication-related events that can help identify password-guessing attempts (also known as brute force attacks).

"The Account logon failure event indicates that an authentication attempt has failed, which may suggest incorrect credentials were used. Multiple such events in a short time frame can indicate a brute-force attack. The Account lockout success event confirms that an account has been locked due to repeated failed logon attempts, which further supports the suspicion of password-guessing attacks."

(CCST Cybersecurity,Incident Handling, Monitoring and Analyzing Security Events section, Cisco Networking Academy)

Object access failurerelates to unauthorized attempts to open or modify files, not login attempts.

Account logon failure (B)shows failed login attempts due to invalid credentials.

Account lockout success (C)confirms that repeated login failures have triggered a lockout.

Account logoff successis a normal event and does not indicate malicious activity.

TheCCST Cybersecurity Study Guidedefines common attacker types:

Cyber criminal–

"An individual or group engaging in illegal activities for financial gain, such as selling stolen data or running spam campaigns."

State-sponsored attacker–

"Operates with the support or direction of a nation-state, often for espionage or political objectives."

Insider threat–

"A person within the organization, such as an employee or contractor, who misuses access to cause harm or steal data."

Hacktivist–

"Uses hacking techniques to promote political, social, or ideological causes."

(CCST Cybersecurity,Essential Security Principles, Threat Actor Types section, Cisco Networking Academy)