Exclusive Discount Offer for Limited Time | 50% OFF - Ends In 0d 00h 00m 00s Coupon code: SAVE50

Master Cisco 100-160 Exam with Reliable Practice Questions

Page: 1 out of Viewing questions 1-5 out of 50 questions
Last exam update: Aug 31,2025
Upgrade to Premium
Question 1

What is the primary purpose of running a vulnerability scan on your network?


Correct : C

The CCST Cybersecurity Study Guide states that vulnerability scanning is an automated process used to identify known security weaknesses in systems, software, and network devices. These scans compare system configurations and software versions against databases of known vulnerabilities, such as the Common Vulnerabilities and Exposures (CVE) list.

'A vulnerability scan is an automated test that checks systems and networks for known weaknesses by matching them against a database of vulnerabilities such as CVEs. This allows administrators to identify exploitable conditions before they are leveraged by attackers.'

(CCST Cybersecurity, Vulnerability Assessment and Risk Management, Vulnerability Scanning section, Cisco Networking Academy)

A is asset discovery, not vulnerability scanning.

B may be part of remediation planning but is not the primary purpose.

C is correct: Scans detect if systems have vulnerabilities associated with CVEs.

D describes SIEM (Security Information and Event Management) log correlation, not vulnerability scanning.


Options Selected by Other Users:
Mark Question:

Start a Discussions

Submit Your Answer:
0 / 1500
Question 2

Which security measure can prevent unauthorized devices from automatically connecting to a corporate network through unused switch ports?


Correct : A

The CCST Cybersecurity Study Guide explains that port security on switches can be configured to limit the number of MAC addresses allowed on a port, or to restrict it to specific devices.

'Port security can prevent unauthorized access by limiting or specifying the MAC addresses allowed to connect through a given switch port. This mitigates risks from rogue devices connecting to the network.'

(CCST Cybersecurity, Basic Network Security Concepts, Switch Security section, Cisco Networking Academy)


Options Selected by Other Users:
Mark Question:

Start a Discussions

Submit Your Answer:
0 / 1500
Question 3

An employee accidentally sends an email containing sensitive corporate information to an external email address.

Which type of threat does this scenario describe?


Correct : D

The CCST Cybersecurity Study Guide explains that an insider threat is any threat to an organization that comes from people within the organization---employees, contractors, or business partners---who have inside information concerning the organization's security practices, data, and systems. Insider threats may be intentional or unintentional.

'An insider threat can be malicious or accidental. Employees may unintentionally cause data breaches by mishandling sensitive information, such as sending it to the wrong recipient.'

(CCST Cybersecurity, Essential Security Principles, Threat Actor Types section, Cisco Networking Academy)

A (Logic bomb) is malicious code triggered by conditions.

B (Malware) is malicious software, unrelated to accidental email leaks.

C (Phishing) is an external social engineering attack.

D is correct: This is an unintentional insider threat.


Options Selected by Other Users:
Mark Question:

Start a Discussions

Submit Your Answer:
0 / 1500
Question 4

You need a software solution that performs the following tasks:

Compiles network data

Logs information from many sources

Provides orchestration in the form of case management

Automates incident response workflows

What product should you use?


Correct : B

The CCST Cybersecurity Study Guide explains that SOAR (Security Orchestration, Automation, and Response) platforms integrate data from multiple tools and sources, support case management, and automate security workflows for faster incident response.

'SOAR solutions provide orchestration, automation, and response capabilities. They collect security data from multiple systems, enable analysts to manage incidents, and automate repetitive tasks in the response process.'

(CCST Cybersecurity, Incident Handling, Security Automation Tools section, Cisco Networking Academy)

A (SIEM) collects and correlates security logs but lacks full orchestration and automated response capabilities.

B is correct: SOAR adds orchestration, case management, and automated incident response.

C (NextGen IPS) focuses on intrusion prevention, not orchestration.

D (Snort) is an open-source intrusion detection/prevention tool, not an orchestration platform.


Options Selected by Other Users:
Mark Question:

Start a Discussions

Submit Your Answer:
0 / 1500
Question 5

Which macOS security feature encrypts the entire macOS volume?


Correct : A

The CCST Cybersecurity Study Guide highlights FileVault as the macOS full-disk encryption tool.

'FileVault is macOS's built-in full-disk encryption feature. It encrypts the contents of the entire startup disk to help prevent unauthorized access to the information stored on the drive, even if the device is lost or stolen.'

(CCST Cybersecurity, Endpoint Security Concepts, Disk Encryption section, Cisco Networking Academy)

A is correct: FileVault provides complete volume encryption.

B (Gatekeeper) controls app installation by verifying code signatures.

C (System Integrity Protection) protects system files from modification.

D (XProtect) is macOS's built-in malware detection system.


Options Selected by Other Users:
Mark Question:

Start a Discussions

Submit Your Answer:
0 / 1500