
















ALBERTA CYBERSECURITY ANALYST EXAM | QUESTIONS AND CORRECT ANSWERS (VERIFIED ANSWERS) PLUS RATIONALES 2026 Q&A | INSTANT DOWNLOAD PDF
Typology: Exams

















1. What is the primary goal of cybersecurity?
A. Increase system speed
B. Protect confidentiality, integrity, and availability of data
C. Improve UI design
D. Reduce storage usage
Correct Answer: B
Rationale: Cybersecurity focuses on protecting the CIA triad: confidentiality, integrity, and availability of systems and data.

2. What does the CIA triad represent in cybersecurity?
A. Control, Internet, Access
B. Confidentiality, Integrity, Availability
C. Cryptography, Internet, Authentication
D. Cloud, Infrastructure, Applications
Correct Answer: B
Rationale: The CIA triad defines the core security principles for protecting information systems.

3. What is a firewall primarily used for?
A. Encrypting files
B. Filtering network traffic based on rules
C. Storing passwords
D. Running applications
Correct Answer: B
Rationale: Firewalls control incoming and outgoing network traffic based on security rules.

4. What is phishing?
A. A database attack
B. Fraudulent attempt to obtain sensitive information via deception
C. A firewall configuration
D. A secure authentication method
Correct Answer: B
Rationale: Phishing tricks users into revealing credentials or sensitive data.

5. What is malware?
A. Secure software update
B. Software designed to harm systems or steal data
C. Encryption protocol
D. Network monitoring tool
Correct Answer: B
Rationale: Malware includes viruses, worms, ransomware, and spyware.

6. What is ransomware?
A. Data backup system
B. Malware that encrypts files and demands payment
C. Firewall system
D. Authentication protocol
Correct Answer: B
Rationale: Ransomware locks data and demands ransom for decryption.

7. What is the purpose of encryption?
A. Speed up processing
B. Convert data into unreadable format without a key
C. Delete data
D. Improve UI design
Correct Answer: B
Rationale: Encryption protects data confidentiality by making it unreadable without a decryption key.

Correct Answer: B
Rationale: Brute force attacks systematically try all password combinations.

12. What is SQL injection?
A. Firewall rule
B. Injecting malicious SQL into input fields
C. Encryption method
D. Backup strategy
Correct Answer: B
Rationale: SQL injection manipulates database queries through malicious input.

13. What is a DDoS attack?
A. Data encryption method
B. Overwhelming a system with traffic from multiple sources
C. Password hashing technique
D. Secure login process
Correct Answer: B
Rationale: Distributed Denial of Service attacks flood systems with traffic to cause downtime.

14. What is multi-factor authentication (MFA)?
A. Single password login
B. Multiple verification methods for identity
C. No authentication
D. Firewall configuration
Correct Answer: B
Rationale: MFA requires two or more verification factors for access.

15. What is a zero-day vulnerability?
A. Fixed security flaw
B. Unknown vulnerability exploited before patching
C. Backup system
D. Firewall rule
Correct Answer: B
Rationale: Zero-day vulnerabilities are exploited before developers can fix them.

16. What is social engineering in cybersecurity?
A. Code optimization
B. Manipulating people to gain access to systems
C. Database encryption
D. Network routing
Correct Answer: B
Rationale: Social engineering exploits human psychology rather than technical flaws.

17. What is the purpose of intrusion detection systems (IDS)?
A. Block websites
B. Detect suspicious network activity
C. Encrypt data
D. Store logs only
Correct Answer: B
Rationale: IDS monitors systems for malicious activity and alerts administrators.

18. What is the difference between IDS and IPS?
A. IDS blocks attacks
B. IPS blocks attacks, IDS only detects
C. Both are identical
D. IDS encrypts traffic
Correct Answer: B
Rationale: IPS actively prevents attacks, while IDS only detects and alerts.

23. What is the principle of least privilege?
A. Give all access
B. Give only required access
C. Remove authentication
D. Share admin accounts
Correct Answer: B
Rationale: Users should only have the minimum permissions needed.

24. What is patch management?
A. UI design
B. Updating systems to fix vulnerabilities
C. Data deletion
D. Network routing
Correct Answer: B
Rationale: Patch management ensures systems are updated against known vulnerabilities.

25. What is endpoint security?
A. Server-only protection
B. Protection of user devices like laptops and phones
C. Database encryption
D. Network routing
Correct Answer: B
Rationale: Endpoint security protects devices connected to a network.

26. What is a security audit?
A. Software update
B. System evaluation for vulnerabilities
C. Network upgrade
D. UI redesign
Correct Answer: B
Rationale: Security audits assess system weaknesses and compliance.

27. What is log monitoring used for?
A. UI design
B. Detecting suspicious system behavior
C. Increasing storage
D. Encrypting files
Correct Answer: B
Rationale: Logs help identify anomalies and security incidents.

28. What is network segmentation?
A. Combining all networks
B. Dividing networks into isolated zones
C. Removing firewalls
D. Increasing bandwidth
Correct Answer: B
Rationale: Segmentation limits attack spread within networks.

29. What is a botnet?
A. Security tool
B. Network of compromised devices controlled by attacker
C. Firewall system
D. Encryption algorithm
Correct Answer: B
Rationale: Botnets are used for coordinated cyberattacks like DDoS.

30. What is the primary goal of incident response?
A. Prevent all attacks
B. Detect, contain, and recover from security incidents
C. Increase storage
D. Improve UI
Correct Answer: B
Rationale: Incident response focuses on managing and recovering from

Correct Answer: B
Rationale: Threat hunting involves actively searching for undetected malicious activity.

35. What is a false positive in cybersecurity monitoring?
A. Real attack detected
B. Benign activity flagged as malicious
C. System failure
D. Encrypted traffic
Correct Answer: B
Rationale: A false positive occurs when legitimate activity is incorrectly flagged as a threat.

36. What is a false negative in cybersecurity detection?
A. Attack correctly detected
B. Attack not detected by security system
C. System upgrade
D. Firewall rule
Correct Answer: B
Rationale: A false negative occurs when a real attack goes undetected.

37. What is endpoint detection and response (EDR)?
A. Database tool
B. Security system monitoring endpoint devices for threats
C. DNS system
D. Cloud storage
Correct Answer: B
Rationale: EDR tools detect and respond to malicious activity on endpoints.

38. What is a honeypot in cybersecurity?
A. Production server
B. Decoy system designed to attract attackers
C. Encryption tool
D. Backup system
Correct Answer: B
Rationale: Honeypots lure attackers to study their behavior and techniques.

39. What is the main purpose of log correlation in SIEM systems?
A. Reduce storage
B. Identify patterns across multiple data sources
C. Encrypt logs
D. Increase latency
Correct Answer: B
Rationale: Log correlation connects events across systems to detect complex attacks.

40. What is a security event?
A. System reboot
B. Any observable occurrence in a system or network
C. Firewall update
D. CPU upgrade
Correct Answer: B
Rationale: A security event is any action or change observed in a system.

41. What is an incident in cybersecurity?
A. Normal system activity
B. A confirmed security breach or violation
C. Software update
D. Backup process
Correct Answer: B
Rationale: An incident is a confirmed security event requiring response.

46. What is dynamic malware analysis?
A. Code review only
B. Observing malware during execution
C. Firewall configuration
D. Data compression
Correct Answer: B
Rationale: Dynamic analysis studies malware behavior while it runs.

47. What is privilege escalation?
A. Reducing permissions
B. Gaining higher access rights than intended
C. Encrypting data
D. Network segmentation
Correct Answer: B
Rationale: Privilege escalation allows attackers to gain admin-level access.

48. What is lateral movement in cyber attacks?
A. Vertical scaling
B. Moving through network after initial compromise
C. Data encryption
D. Firewall setup
Correct Answer: B
Rationale: Attackers move laterally to access more systems after initial breach.

49. What is a zero trust security model?
A. Trust internal users automatically
B. Verify every request explicitly
C. Disable authentication
D. Remove encryption
Correct Answer: B
Rationale: Zero trust assumes no implicit trust and verifies every access request.

50. What is multi-factor authentication (MFA)?
A. Single password login
B. Multiple verification methods for identity
C. No authentication
D. Firewall bypass
Correct Answer: B
Rationale: MFA requires multiple factors like password + OTP for authentication.

51. What is phishing simulation used for?
A. System backup
B. Testing user awareness against phishing attacks
C. Database scaling
D. Network routing
Correct Answer: B
Rationale: Phishing simulations train users to recognize attacks.

52. What is a brute force attack?
A. Firewall bypass
B. Trying all possible password combinations
C. Encryption method
D. Load balancing
Correct Answer: B
Rationale: Brute force attacks attempt all possible credentials.

53. What is credential stuffing?
A. Password encryption
B. Using leaked credentials across multiple sites

B. Fixing security vulnerabilities through updates
C. Increasing latency
D. Disabling firewalls
Correct Answer: B
Rationale: Patch management applies updates to fix known vulnerabilities.

58. What is security logging used for?
A. UI design
B. Tracking system activity for analysis
C. Increasing storage
D. Reducing CPU usage
Correct Answer: B
Rationale: Security logs help detect and investigate incidents.

59. What is anomaly detection in cybersecurity?
A. Normal behavior filtering
B. Identifying unusual system activity
C. Data encryption
D. Load balancing
Correct Answer: B
Rationale: Anomaly detection identifies deviations from normal behavior.

60. What is the main goal of incident containment?
A. Prevent future updates
B. Stop the spread of an active security breach
C. Increase system load
D. Delete logs
Correct Answer: B
Rationale: Containment limits damage by isolating affected systems.

61. A cloud environment shows unusual API calls originating from a previously inactive service account. What is the most likely scenario?
A. Normal system update
B. Compromised service account credentials
C. DNS configuration change
D. Storage optimization process
Correct Answer: B
Rationale: Unexpected activity from inactive service accounts often indicates credential compromise or unauthorized access.

62. What is an Advanced Persistent Threat (APT)?
A. Short-term malware attack
B. Long-term targeted cyber intrusion campaign
C. Firewall configuration error
D. Automated backup process
Correct Answer: B
Rationale: APTs are prolonged, stealthy attacks often conducted by well-resourced threat actors.

63. What is the primary objective of an APT actor?
A. Immediate system shutdown
B. Long-term data exfiltration and stealthy access
C. UI disruption
D. Random malware distribution
Correct Answer: B
Rationale: APTs focus on persistence, stealth, and long-term intelligence gathering.

64. A SOC detects slow, low-volume data exfiltration over weeks. What attack technique is this?
A. DDoS attack
B. Data siphoning (low-and-slow exfiltration)
C. Brute force attack
D. SQL injection

B. Secure communication over networks
C. Load balancing
D. Storage replication
Correct Answer: B
Rationale: TLS encrypts data in transit to secure communications.

69. What is certificate pinning used for?
A. DNS resolution
B. Preventing fake certificates in secure connections
C. Increasing bandwidth
D. Database optimization
Correct Answer: B
Rationale: Certificate pinning ensures a client trusts only a specific certificate.

70. What is cryptographic hashing vulnerable to if not properly designed?
A. UI bugs
B. Collision attacks
C. Network latency
D. Load imbalance
Correct Answer: B
Rationale: Weak hashing algorithms can produce collisions, allowing data manipulation.

71. What is a rainbow table attack?
A. Network flooding
B. Precomputed hash cracking method
C. Firewall bypass
D. DNS spoofing
Correct Answer: B
Rationale: Rainbow tables use precomputed hashes to reverse weak password hashes.

72. What is salting in password security?
A. Encrypting traffic
B. Adding random data before hashing passwords
C. Removing encryption
D. Increasing CPU speed
Correct Answer: B
Rationale: Salting prevents precomputed hash attacks like rainbow tables.

73. What is privilege escalation in cloud environments?
A. Reducing permissions
B. Gaining unauthorized higher-level access
C. Encrypting data
D. Network segmentation
Correct Answer: B
Rationale: Privilege escalation allows attackers to obtain elevated privileges.

74. What is lateral movement in a breached system?
A. Cloud migration
B. Expanding access across internal systems after initial compromise
C. UI change
D. Backup restoration
Correct Answer: B
Rationale: Attackers move through internal systems after gaining initial access.

75. What is the main purpose of threat intelligence feeds?
A. Increase CPU usage
B. Provide real-time attacker and vulnerability data
C. Store logs
D. Replace firewalls