1. Grace, an online shopping freak, has purchased a smart TV using her debit card.

During online
payment, Grace's browser redirected her from ecommerce website to a third-party payment
gateway, where she provided her debit card details and OTP received on her registered mobile
phone. After completing the transaction, Grace navigated to her online bank account and verified the
current balance in her savings account.

Identify the state of data when it is being processed between the ecommerce website and the
payment gateway in the above scenario.
A. Data at rest
B. Data in inactive
C. Data in transit
D. Data in use
2. Arabella, a forensic officer, documented all the evidence related to the case in a standard forensic
investigation report template. She filled different sections of the report covering all the details of the
crime along with the daily progress of the investigation process.

In which of the following sections of the forensic investigation report did Arabella record the "nature
of the claim and information provided to the officers"?
A. Investigation process
B. Investigation objectives
C. Evidence information
D. Evaluation and analysis process
3. Thomas, an employee of an organization, is restricted to access specific websites from his office
system. He is trying to obtain admin credentials to remove the restrictions. While waiting for an
opportunity, he sniffed communication between the administrator and an application server to
retrieve the admin credentials. Identify the type of attack performed by Thomas in the above
scenario.
A. Vishing
B. Eavesdropping
C. Phishing
D. Dumpster diving
4. Myles, a security professional at an organization, provided laptops for all the employees to carry
out the business processes from remote locations. While installing necessary applications required
for the business, Myles has also installed antivirus software on each laptop following the company's
policy to detect and protect the machines from external malicious events over the Internet.

Identify the PCI-DSS requirement followed by Myles in the above scenario.

A. PCI-DSS requirement no 1.3.2
B. PCI-DSS requirement no 1.3.5
C. PCI-DSS requirement no 5.1
D. PCI-DSS requirement no 1.3.1
5. Nancy, a security specialist, was instructed to identify issues related to unexpected shutdown and
restarts on a Linux machine. To identify the incident cause, Nancy navigated to a directory on the
Linux system and accessed a log file to troubleshoot problems related to improper shutdowns and
unplanned restarts.

Identify the Linux log file accessed by Nancy in the above scenario.
A. /var/log/secure
 B. /var/log/kern.log
C. /var/log/boot.log
D. /var/log/lighttpd/
6. Henry Is a cyber security specialist hired by BlackEye - Cyber security solutions. He was tasked
with discovering the operating system (OS) of a host. He used the Unkornscan tool to discover the
OS of the target system. As a result, he obtained a TTL value, which Indicates that the target system
is running a Windows OS. Identify the TTL value Henry obtained, which indicates that the target OS
is Windows.
A. 64
B. 128
C. 255
D. 138
7. In an organization, all the servers and database systems are guarded in a sealed room with a
single entry point. The entrance is protected with a physical lock system that requires typing a
sequence of numbers and letters by using a rotating dial that intermingles with several other rotating
discs.

Which of the following types of physical locks is used by the organization in the above scenario?
A. Digital locks
B. Combination locks
C. Mechanical locks
D. Electromagnetic locks
8. An MNC hired Brandon, a network defender, to establish secured VPN communication between
the company's remote offices. For this purpose, Brandon employed a VPN topology where all the
remote offices communicate with the corporate office but communication between the remote offices
is denied.

Identify the VPN topology employed by Brandon in the above scenario.

A. Point-to-Point VPN topology
B. Star topology
C. Hub-and-Spoke VPN topology
D. Full-mesh VPN topology
9. RAT has been setup in one of the machines connected to the network to steal the important
Sensitive corporate docs located on Desktop of the server, further investigation revealed the IP
address of the server 20.20.10.26. Initiate a remote connection using thief client and determine the
number of files present in the folder.

Hint: Thief folder is located at: Z:CCT-ToolsCCT Module 01 Information Security Threats and
VulnerabilitiesRemote Access Trojans (RAT)Thief of Attacker Machine-1.
A. 2
B. 4
C. 3
D. 5
10. Paul, a computer user, has shared information with his colleague using an online application.
The online application used by Paul has been incorporated with the latest encryption mechanism.
This mechanism encrypts data by using a sequence of photons that have a spinning trait while
traveling from one end to another, and these photons keep changing their shapes during their
course through filters: vertical, horizontal, forward slash, and backslash.
Identify the encryption mechanism demonstrated in the above scenario.
A. Quantum cryptography
B. Homomorphic encryption
C. Rivest Shamir Adleman encryption
D. Elliptic curve cryptography
11. Tenda, a network specialist at an organization, was examining logged data using Windows Event
Viewer to identify attempted or successful unauthorized activities. The logs analyzed by Tenda
include events related to Windows security; specifically, log-on/log-off activities, resource access,
and also information based on Windows system's audit policies.

Identify the type of event logs analyzed by Tenda in the above scenario.
A. Application event log
B. Setup event log
C. Security event log
D. System event log
12. A web application www.movieabc.com was found to be prone to SQL injection attack. You are
given a task to exploit the web application and fetch the user credentials. Select the UID which is
mapped to user john in the database table.

Note:

Username: sam

Pass: test
A. 5
B. 3
C. 2
D. 4
13. Tristan, a professional penetration tester, was recruited by an organization to test its network
infrastructure. The organization wanted to understand its current security posture and its strength in
defending against external threats. For this purpose, the organization didnot provide any information
about their IT infrastructure to Tristan. Thus, Tristan initiated zero-knowledge attacks, with no
information or assistance from the organization.

Which of the following types of penetration testing has Tristan initiated in the above scenario?
A. Black-box testing
B. White-box testing
C. Gray-box testing
D. Translucent-box testing
14. Johnson, an attacker, performed online research for the contact details of reputed cybersecurity
firms. He found the contact number of sibertech.org and dialed the number, claiming himself to
represent a technical support team from a vendor. He warned that a specific server is about to be
compromised and requested sibertech.org to follow the provided instructions. Consequently, he
prompted the victim to execute unusual commands and install malicious files, which were then used
to collect and pass critical Information to Johnson's machine.

What is the social engineering technique Steve employed in the above scenario?
 A. Quid pro quo
B. Diversion theft
C. Elicitation
D. Phishing
15. Stephen, a security professional at an organization, was instructed to implement security
measures that prevent corporate data leakage on employees' mobile devices. For this purpose, he
employed a technique using which all personal and corporate data are isolated on an employee's
mobile device. Using this technique, corporate applications do not have any control of or
communication with the private applications or data of the employees.

Which of the following techniques has Stephen implemented in the above scenario?
A. Full device encryption
B. Geofencing
C. Containerization
D. OTA updates
16. Kevin, a professional hacker, wants to penetrate CyberTech Inc.’s network. He employed a
technique, using which he encoded packets with Unicode characters. The company’s IDS cannot
recognize the packet, but the target web server can decode them.

What is the technique used by Kevin to evade the IDS system?

A. Desynchronization
B. Obfuscating
C. Session splicing
D. Urgency flag
17. Rickson, a security professional at an organization, was instructed to establish short-range
communication between devices within a range of 10 cm. For this purpose, he used a mobile
connection method that employs electromagnetic induction to enable communication between
devices. The mobile connection method selected by Rickson can also read RFID tags and establish
Bluetooth connections with nearby devices to exchange information such as images and contact
lists.

Which of the following mobile connection methods has Rickson used in above scenario?
A. NFC
B. Satcom
C. Cellular communication
D. ANT
18. Riley sent a secret message to Louis. Before sending the message, Riley digitally signed the
message using his private key. Louis received the message, verified the digital signature using the
corresponding key to ensure that the message was not tampered during transit.

Which of the following keys did Louis use to verify the digital signature in the above scenario?
A. Riley's public key
B. Louis's public key
C. Riley's private key
D. Louis's private key
19. Jaden, a network administrator at an organization, used the ping command to check the status of
a system connected to the organization's network. He received an ICMP error message stating that
the IP header field contains invalid information. Jaden examined the ICMP packet and identified that
it is an IP parameter problem.

Identify the type of ICMP error message received by Jaden in the above scenario.
A. Type =12
B. Type = 8
C. Type = 5
D. Type = 3
20. Cassius, a security professional, works for the risk management team in an organization. The
team is responsible for performing various activities involved in the risk management process. In this
process, Cassius was instructed to select and implement appropriate controls on the identified risks
in order to address the risks based on their severity level.

Which of the following risk management phases was Cassius instructed to perform in the above
scenario?
A. Risk analysis
B. Risk treatment
C. Risk prioritization
D. Risk identification