Pass the Cisco CCST 100-160 Questions and answers with CertsForce

TheCCST Cybersecurity Study Guidenotes that HIPAA (Health Insurance Portability and Accountability Act) requires that ePHI be protected both in storage and when devices are decommissioned or repurposed. This includes implementingdata removal policiesfor mobile devices.

"HIPAA requires procedures for the removal of electronic protected health information (ePHI) from devices before disposal, reuse, or reassignment."

(CCST Cybersecurity,Essential Security Principles, Regulatory Compliance section, Cisco Networking Academy)

TheCCST Cybersecurity Study Guidestates that vulnerability scanning is an automated process used to identify known security weaknesses in systems, software, and network devices. These scans compare system configurations and software versions against databases of known vulnerabilities, such as the Common Vulnerabilities and Exposures (CVE) list.

"A vulnerability scan is an automated test that checks systems and networks for known weaknesses by matching them against a database of vulnerabilities such as CVEs. This allows administrators to identify exploitable conditions before they are leveraged by attackers."

(CCST Cybersecurity,Vulnerability Assessment and Risk Management, Vulnerability Scanning section, Cisco Networking Academy)

Ais asset discovery, not vulnerability scanning.

Bmay be part of remediation planning but is not the primary purpose.

Cis correct: Scans detect if systems have vulnerabilities associated with CVEs.

Ddescribes SIEM (Security Information and Event Management) log correlation, not vulnerability scanning.

TheCCST Cybersecuritystudy material definesInformation Assurance (IA)as the practice of managing information-related risks to ensure data availability, integrity, confidentiality, authentication, and non-repudiation. It specifically applies to sensitive information like PII (Personally Identifiable Information).

"Information assurance involves the protection and validation of data so that it remains accurate, confidential, and available only to authorized users. IA ensures the trustworthiness of information, particularly when handling sensitive or regulated data such as PII."

(CCST Cybersecurity,Vulnerability Assessment and Risk Management, Information Assurance section, Cisco Networking Academy)

A(Risk framing) is part of risk management planning but does not verify data integrity and confidentiality directly.

B(Cyber Kill Chain) is an attack lifecycle model.

C(Workflow management) is about process efficiency, not data protection.

Dis correct: Information Assurance addresses the availability, accuracy, and confidentiality of sensitive data.

TheCCST Cybersecurity Study Guideexplains that disabling SSID broadcast hides the network from casual scanning, adding a layer of obscurity. While not a complete security measure, when combined with WPA2/WPA3 encryption and strong passwords, it can help protect private wireless networks, especially in environments with separate employee and guest access.

"Disabling SSID broadcast can reduce the visibility of a wireless network, making it less likely to be detected by casual attackers. This should be combined with strong encryption and authentication."

(CCST Cybersecurity,Basic Network Security Concepts, Wireless Security section, Cisco Networking Academy)

A(IP filtering) provides limited protection and is harder to manage for employee devices.

Bis correct: Disabling SSID broadcast adds an extra layer of obscurity for the employee network.

Cwould make the network easier to access from outside the premises, which is less secure.

Dwould cause network conflicts and make segmentation impossible.

TheCCST Cybersecurity Study Guidehighlights thatSSH (Secure Shell)provides encrypted communication for secure remote access and file transfer (using SCP or SFTP) over unsecured networks. This ensures confidentiality and integrity of the files in transit.

"SSH encrypts all data exchanged between client and server, protecting credentials and file contents from interception. It is the preferred protocol for secure device management and file transfers across untrusted networks."

(CCST Cybersecurity,Basic Network Security Concepts, Secure Remote Management section, Cisco Networking Academy)

A(Telnet) transmits data in plaintext.

B(HTTP) is unencrypted web traffic.

C(TFTP) is a simple, insecure file transfer protocol without encryption.

Dis correct: SSH secures configuration file transfers across insecure networks.