Python Institute Certified Entry-Level Security Specialist with Python Latest Version: 6, Exams of Cybercrime, Cybersecurity and Data Privacy

Python Institute Certified Entry-Level Security Specialist with Python Latest Version: 6.0 Practice Exam 2026

Typology: Exams

2025/2026

Available from 02/12/2026

proflean
proflean ๐Ÿ‡บ๐Ÿ‡ธ

3.1

(7)

2.3K documents

1 / 25

Toggle sidebar

This page cannot be seen from the preview

Don't miss anything!

bg1
pf3
pf4
pf5
pf8
pf9
pfa
pfd
pfe
pff
pf12
pf13
pf14
pf15
pf16
pf17
pf18
pf19

Partial preview of the text

Download Python Institute Certified Entry-Level Security Specialist with Python Latest Version: 6 and more Exams Cybercrime, Cybersecurity and Data Privacy in PDF only on Docsity!

Python Institute

PCES

Python Institute Certified Entry-Level Security Specialist

with Python Latest Version: 6.0 Practice Exam 2026

Question: 1

To ensure file access events are logged, where must audit logging be enabled? A. At the storage domain level B. On each Cohesity View C. At the protection policy level D. At the cluster hardware level Answer: B Question: 2 Why might an organization choose archival rather than replication for file services disaster recovery? A. Archival supports long-term retention at lower cost B. Archival provides faster failover C. Replication is unsupported for file data D. Archival eliminates recovery testing

Answer: A Question: 3 Before antivirus protection can be enforced on a Cohesity View, which step must be completed? A. Enable WORM compliance B. Assign a protection policy C. Create a NAS tiering job D. Configure an antivirus server Answer: D Question: 4 When planning file services disaster recovery, which objective is most directly influenced by archival configuration? A. Recovery Time Objective (RTO) B. Network throughput C. Recovery Point Objective (RPO) D. Client authentication Answer: C Question: 5 How can an administrator validate that a NAS tiering job completed successfully? A. Check job status and data accessibility B. Review QoS policies C. Review protection policy assignment

C. The View inherits a system-wide quota D. Writes are read-only by default Answer: B Question: 9 Which statement best summarizes security and compliance for Cohesity SmartFiles? A. Multiple layered controls protect file data and access B. Security is automatic and requires no configuration C. Compliance is achieved only through backups D. Security applies only to SMB Answer: A Question: 10 During a site outage, administrators want users to continue accessing file data from a secondary location. Which Cohesity File Services capability supports this scenario? A. View quotas B. File Services failover options C. Snapshot scheduling D. Antivirus scanning Answer: B

  1. What is symmetric encryption? A. One key encrypts and decrypts B. Two public keys C. No key required D. Only decryption key Answer: A Rationale: Symmetric encryption uses the same key for encryption and decryption.
  2. What is asymmetric encryption? A. Same key B. Public and private key pair C. No encryption D. Hashing method Answer: B Rationale: Asymmetric encryption uses a public key to encrypt and a private key to decrypt.
  3. Which Python library is commonly used for cryptographic operations? A. cryptography B. pygame C. tkinter D. numpy Answer: A Rationale: The cryptography library provides high-level cryptographic recipes and primitives.
  4. What does SHA stand for? A. Secure Hash Algorithm B. System Host Access C. Security Host Algorithm D. Safe Hash Access
  1. What is the output size of SHA-256? A. 128 bits B. 160 bits C. 256 bits D. 512 bits Answer: C Rationale: SHA-256 produces a 256-bit hash value.
  2. What is key exchange in cryptography? A. Deleting keys B. Securely sharing encryption keys C. Changing passwords D. Storing private keys publicly Answer: B Rationale: Key exchange allows parties to securely share cryptographic keys.
  3. What is the purpose of HMAC? A. Compress data B. Combine hash with secret key C. Encrypt database D. Replace SSL Answer: B Rationale: HMAC combines a cryptographic hash function with a secret key for message authentication. โœ… Questions 21โ€“30: Python Security Coding
  4. What is input validation? Answer: Checking user input to ensure it is safe and expected. Rationale: Input validation prevents injection attacks and malicious data entry.
  1. What attack exploits unsanitized database input? A. XSS B. SQL Injection C. DoS D. Phishing Answer: B Rationale: SQL injection occurs when attackers inject malicious SQL via unsanitized input.
  2. Which Python parameterized query prevents SQL injection? A. f-strings B. String concatenation C. Prepared statements D. print() Answer: C Rationale: Prepared statements safely bind parameters to SQL queries.
  3. What does escaping input do? Answer: Neutralizes special characters in input. Rationale: Escaping prevents execution of malicious code.
  4. Which module handles secure password input? A. getpass B. input C. print D. sys Answer: A Rationale: getpass hides user input in the terminal.

Rationale: 600 allows read/write only to the owner. โœ… Questions 31โ€“40: Networking & Security

  1. What is a firewall? Answer: A system that monitors and controls incoming/outgoing traffic. Rationale: Firewalls enforce security rules.
  2. What is port scanning? Answer: Scanning ports to identify open services. Rationale: Attackers use port scanning to find vulnerabilities.
  3. Which Python library performs HTTP requests? A. requests B. math C. os D. hashlib Answer: A Rationale: requests simplifies sending HTTP requests.
  4. What is phishing? Answer: Fraudulent attempt to obtain sensitive information. Rationale: Phishing deceives users via fake emails or websites.
  5. What does VPN provide? A. Compression B. Secure encrypted tunnel C. Virus scanning D. Database access Answer: B

Rationale: VPN encrypts traffic between user and server.

  1. What is malware? Answer: Malicious software designed to harm systems. Rationale: Includes viruses, worms, ransomware.
  2. What is ransomware? Answer: Malware that encrypts files and demands payment. Rationale: Victims must pay ransom to regain access.
  3. What is brute force attack? Answer: Trying many password combinations. Rationale: Automated guessing of credentials.
  4. Which Python module handles SSL? A. ssl B. sys C. base6 4 D. json Answer: A Rationale: ssl module supports TLS/SSL encrypted sockets.
  5. What is IDS? Answer: Intrusion Detection System. Rationale: Monitors network/system for malicious activity. โœ… Questions 41โ€“50: Secure Development & Best Practices
  1. What is environment variable used for in security? Answer: Storing sensitive data like API keys securely. Rationale: Avoids hardcoding secrets in source code.
  2. What is dependency vulnerability? Answer: Security flaw in third-party library. Rationale: Dependencies can introduce risks.
  3. What tool checks Python dependencies for vulnerabilities? A. pip B. safety C. print D. socket Answer: B Rationale: Safety scans Python dependencies for known vulnerabilities.
  4. What is principle of defense in depth? Answer: Using multiple layers of security controls. Rationale: If one layer fails, others still protect the system.
  1. Which Python module should you use to securely compare two hashes? A. == operator B. hashlib.compare() C. hmac.compare_digest() D. os.compare() Answer: C Rationale: hmac.compare_digest() prevents timing attacks by performing constant-time comparison.
  1. What is forward secrecy? A. Reusing encryption keys B. Encrypting passwords twice C. Generating session keys that are not derived from long-term keys D. Public key storage Answer: C Rationale: Forward secrecy ensures past communications remain secure even if private key is compromised.
  2. Which Python library helps manage JSON Web Tokens (JWT)? A. jwt B. json C. pickle D. ssl Answer: A Rationale: The PyJWT library handles encoding and decoding JWT tokens.
  3. What risk does pickle pose in Python? Answer: Arbitrary code execution during deserialization. Rationale: Untrusted pickle data can execute malicious code.
  4. What is the safest way to store API keys? A. Hardcode in script B. Store in GitHub C. Environment variables or secure vault D. Plain text file Answer: C Rationale: Environment variables or secret managers prevent exposure in source code.

โœ… Questions 61โ€“70: Web Application Security

  1. What header prevents clickjacking? A. X-Frame-Options B. Content-Type C. Accept D. Host Answer: A Rationale: X-Frame-Options prevents a site from being embedded in frames.
  2. What does CSP stand for? Answer: Content Security Policy Rationale: CSP restricts sources of executable scripts to prevent XSS.
  3. What Python framework includes built-in CSRF protection? A. Flask (basic) B. Django C. NumPy D. Pandas Answer: B Rationale: Django includes CSRF middleware by default.
  4. What is session hijacking? Answer: Stealing a userโ€™s session ID to impersonate them. Rationale: Attackers gain unauthorized access by capturing session tokens.

Answer: B Rationale: XSS inserts malicious scripts into web pages.

  1. What is secure session management? Answer: Protecting session IDs through encryption and expiration controls. Rationale: Prevents unauthorized access via stolen sessions. โœ… Questions 71โ€“80: Network & System Security
  2. What is ARP spoofing? Answer: Sending fake ARP messages to intercept traffic. Rationale: Used in Man-in-the-Middle attacks.
  3. What is packet sniffing? Answer: Capturing and analyzing network traffic. Rationale: Can be used for monitoring or malicious interception.
  4. Which tool scans Python packages for known vulnerabilities? A. pip B. safety C. ssl D. json Answer: B Rationale: Safety checks dependencies against vulnerability databases.
  5. What is a sandbox? Answer: Isolated environment for testing code safely.

Rationale: Prevents malicious code from affecting host system.

  1. What is privilege escalation? Answer: Gaining higher access rights than authorized. Rationale: Attackers exploit vulnerabilities to gain admin access.
  2. Which command checks open ports on a Linux system? A. ls B. netstat C. echo D. pwd Answer: B Rationale: netstat shows active connections and open ports.
  3. What is a honeypot? Answer: A decoy system designed to attract attackers. Rationale: Used to study attack behavior.
  4. What is encryption at rest? Answer: Encrypting stored data. Rationale: Protects data if storage device is compromised.
  5. What is encryption in transit? Answer: Encrypting data during transmission. Rationale: Prevents interception during communication.