Eccouncil 212 82 Certified Cybersecurity Technician Practice Test - Set 1
Test your knowledge with this Eccouncil 212 82 Certified Cybersecurity Technician mock exam. Get real-world IT questions and prepare for certification success.
212-82: Certified Cybersecurity Technician (C|CT) - Exam Information
1. Which security control type is used to prevent unauthorized access to a system?
Preventive
Detective
Corrective
Compensating
✅ Correct Answer: Preventive
2. What is the primary purpose of encryption in cybersecurity?
To protect data confidentiality
To monitor network traffic
To block unauthorized access
To detect malware
✅ Correct Answer: To protect data confidentiality
3. Which type of malware encrypts files and demands a ransom?
Ransomware
Trojan
Worm
Spyware
✅ Correct Answer: Ransomware
4. What is the main function of an Intrusion Detection System (IDS)?
To detect suspicious activity
To block unauthorized access
To encrypt sensitive data
To monitor network traffic
✅ Correct Answer: To detect suspicious activity
5. Which protocol is used for secure communication over a computer network?
HTTPS
HTTP
FTP
SMTP
✅ Correct Answer: HTTPS
6. What is the purpose of a security policy in an organization?
To define security guidelines and procedures
To monitor network traffic
To block unauthorized access
To detect malware
✅ Correct Answer: To define security guidelines and procedures
7. Which type of attack involves overwhelming a system with traffic?
Denial of Service (DoS)
Phishing
SQL Injection
MITM
✅ Correct Answer: Denial of Service (DoS)
8. What is the primary goal of a firewall in network security?
To block unauthorized access
To monitor network traffic
To encrypt sensitive data
To detect malware
✅ Correct Answer: To block unauthorized access
9. Which tool is used for monitoring and analyzing network traffic?
Wireshark
Metasploit
Nmap
Hydra
✅ Correct Answer: Wireshark
10. What is the purpose of multi-factor authentication (MFA)?
To enhance security by requiring multiple forms of verification
To monitor network traffic
To block unauthorized access
To detect malware
✅ Correct Answer: To enhance security by requiring multiple forms of verification
11. Which type of attack involves tricking users into revealing sensitive information?
Phishing
SQL Injection
MITM
DoS
✅ Correct Answer: Phishing
12. What is the primary function of a Virtual Private Network (VPN)?
To secure communication over public networks
To monitor network traffic
To block unauthorized access
To detect malware
✅ Correct Answer: To secure communication over public networks
13. Which security control is used to detect and respond to security incidents?
Detective
Preventive
Corrective
Compensating
✅ Correct Answer: Detective
14. What is the purpose of a vulnerability assessment?
To identify security weaknesses
To exploit vulnerabilities
To monitor network traffic
To block unauthorized access
✅ Correct Answer: To identify security weaknesses
15. Which type of attack involves exploiting human psychology?
Social Engineering
Phishing
SQL Injection
MITM
✅ Correct Answer: Social Engineering
16. What is the primary goal of patch management in cybersecurity?
To fix vulnerabilities in software
To monitor network traffic
To block unauthorized access
To detect malware
✅ Correct Answer: To fix vulnerabilities in software
17. Which tool is used for detecting and removing malware?
Antivirus software
Wireshark
Nmap
Metasploit
✅ Correct Answer: Antivirus software
18. What is the purpose of a security audit?
To evaluate the effectiveness of security controls
To monitor network traffic
To block unauthorized access
To detect malware
✅ Correct Answer: To evaluate the effectiveness of security controls
19. Which type of attack involves exploiting software vulnerabilities?
Exploit
Phishing
MITM
DoS
✅ Correct Answer: Exploit
20. What is the primary function of a Security Information and Event Management (SIEM) system?
To collect and analyze security data
To block unauthorized access
To monitor network traffic
To detect malware
✅ Correct Answer: To collect and analyze security data
21. Which security concept ensures systems are available when needed?
Availability
Confidentiality
Integrity
Non-repudiation
✅ Correct Answer: Availability
22. What does SIEM stand for in cybersecurity?
Security Information and Event Management
System Integrity and Encryption Module
Secure Internet Email Messaging
Standard Incident Evaluation Metric
✅ Correct Answer: Security Information and Event Management
23. Which protocol provides secure remote access to systems?
SSH
HTTP
FTP
SMTP
✅ Correct Answer: SSH
24. What is the purpose of a DMZ in network security?
To isolate publicly accessible services
To encrypt all network traffic
To block all inbound connections
To monitor internal user activity
✅ Correct Answer: To isolate publicly accessible services
25. Which type of security control is biometric authentication?
Physical
Technical
Administrative
Compensating
✅ Correct Answer: Physical
26. What does DLP stand for in data security?
Data Loss Prevention
Digital License Protection
Direct Login Protocol
Dynamic Layer Protection
✅ Correct Answer: Data Loss Prevention
27. Which attack vector exploits human trust?
Social Engineering
Buffer Overflow
SQL Injection
DDoS
✅ Correct Answer: Social Engineering
28. What is the primary purpose of NAC?
To control network access
To encrypt data at rest
To scan for vulnerabilities
To monitor cloud services
✅ Correct Answer: To control network access
29. Which tool is used for password cracking?
John the Ripper
Wireshark
Nmap
Metasploit
✅ Correct Answer: John the Ripper
30. What does BYOD stand for in mobile security?
Bring Your Own Device
Backup Your Organizational Data
Block Youthful Online Danger
Biometric Yearly Operational Directive
✅ Correct Answer: Bring Your Own Device
31. Which security framework focuses on payment systems?
PCI DSS
HIPAA
GDPR
SOX
✅ Correct Answer: PCI DSS
32. What is the purpose of hashing in cybersecurity?
To verify data integrity
To encrypt communications
To authenticate users
To filter network traffic
✅ Correct Answer: To verify data integrity
33. Which type of malware replicates itself?
Worm
Trojan
Ransomware
Spyware
✅ Correct Answer: Worm
34. What does PII stand for in data protection?
Personally Identifiable Information
Protected Internet Infrastructure
Public Institutional Identifier
Private Internal Investigation
✅ Correct Answer: Personally Identifiable Information
35. Which security control prevents tailgating?
Mantrap
Firewall
Antivirus
VPN
✅ Correct Answer: Mantrap
36. What is the primary risk of default credentials?
Unauthorized access
Data corruption
Network slowdown
Encryption failure
✅ Correct Answer: Unauthorized access
37. Which protocol is vulnerable to sniffing attacks?
HTTP
HTTPS
SSH
SFTP
✅ Correct Answer: HTTP
38. What is the purpose of a honeypot?
To detect and study attacks
To block malicious traffic
To encrypt sensitive data
To authenticate users
✅ Correct Answer: To detect and study attacks
39. Which security principle ensures data accuracy?
Integrity
Confidentiality
Availability
Accountability
✅ Correct Answer: Integrity
40. What does RBAC stand for in access control?
Role-Based Access Control
Rule-Based Authentication Check
Remote Backup and Configuration
Risk-Based Assessment Criteria
✅ Correct Answer: Role-Based Access Control
41. Which attack involves injecting database queries?
SQL Injection
XSS
CSRF
MITM
✅ Correct Answer: SQL Injection
42. What is the purpose of a security baseline?
To establish minimum security standards
To detect intrusions
To encrypt communications
To authenticate devices
✅ Correct Answer: To establish minimum security standards
43. Which tool is used for vulnerability scanning?
Nessus
Metasploit
Wireshark
Burp Suite
✅ Correct Answer: Nessus
44. What is the primary purpose of a proxy server?
To mediate network requests
To encrypt data
To block all malware
To authenticate users
✅ Correct Answer: To mediate network requests
45. Which security control is an example of deterrent?
Warning signs
Firewall
Encryption
Backup
✅ Correct Answer: Warning signs
46. What does CSRF stand for?
Cross-Site Request Forgery
Critical Security Risk Factor
Cyber Security Response Framework
Common System Recovery File
✅ Correct Answer: Cross-Site Request Forgery
47. Which type of encryption uses the same key?
Symmetric
Asymmetric
Hashing
Steganography
✅ Correct Answer: Symmetric
48. What is the primary risk of open Wi-Fi networks?
Eavesdropping
Data corruption
System crashes
Encryption failure
✅ Correct Answer: Eavesdropping
49. Which security framework focuses on healthcare?
HIPAA
PCI DSS
GDPR
SOX
✅ Correct Answer: HIPAA
50. What is the purpose of a chain of custody?
To document evidence handling
To encrypt communications
To authenticate users
To filter network traffic
✅ Correct Answer: To document evidence handling
51. Which attack involves malicious scripts in web pages?
XSS
SQL Injection
MITM
DDoS
✅ Correct Answer: XSS
52. What is the primary purpose of a WAF?
To protect web applications
To encrypt emails
To scan for viruses
To authenticate devices
✅ Correct Answer: To protect web applications
53. Which security control is administrative?
Security policy
Firewall
Biometric scanner
Encryption
✅ Correct Answer: Security policy
54. What does BIA stand for in risk management?
Business Impact Analysis
Basic Internet Authentication
Backup Integrity Assessment
Biometric Identification Algorithm
✅ Correct Answer: Business Impact Analysis
55. Which protocol is used for secure email?
S/MIME
HTTP
FTP
SNMP
✅ Correct Answer: S/MIME
56. What is the primary purpose of a TPM?
Hardware-based security
Network monitoring
Email encryption
Vulnerability scanning
✅ Correct Answer: Hardware-based security
57. Which security principle prevents user denial of actions?
Non-repudiation
Confidentiality
Integrity
Availability
✅ Correct Answer: Non-repudiation
58. What does RTO stand for in disaster recovery?
Recovery Time Objective
Risk Tolerance Overview
Real-Time Operation
Remote Technical Office
✅ Correct Answer: Recovery Time Objective
59. Which attack involves IP address spoofing?
DDoS
Phishing
SQL Injection
XSS
✅ Correct Answer: DDoS
60. What is the purpose of a security awareness program?
To educate users
To encrypt data
To block attacks
To monitor networks
✅ Correct Answer: To educate users
61. Which security framework focuses on financial reporting?
SOX
HIPAA
PCI DSS
GDPR
✅ Correct Answer: SOX
62. What is the primary purpose of a VLAN?
To segment network traffic
To encrypt communications
To authenticate users
To block malware
✅ Correct Answer: To segment network traffic
63. Which security control is technical?
Firewall
Security policy
Background checks
Warning signs
✅ Correct Answer: Firewall
64. What does EDR stand for in endpoint security?
Endpoint Detection and Response
Encrypted Data Recovery
Enterprise Defense Resolution
External Device Recognition
✅ Correct Answer: Endpoint Detection and Response
65. Which protocol is used for network device management?
SNMP
HTTP
FTP
SMTP
✅ Correct Answer: SNMP
66. What is the primary risk of shadow IT?
Unmanaged security risks
Network slowdown
Data corruption
Encryption failure
✅ Correct Answer: Unmanaged security risks
67. Which security framework focuses on privacy?
GDPR
PCI DSS
HIPAA
SOX
✅ Correct Answer: GDPR
68. What is the purpose of a security token?
To authenticate users
To encrypt data
To scan networks
To block attacks
✅ Correct Answer: To authenticate users
69. Which attack involves session token theft?
Session Hijacking
Phishing
SQL Injection
DDoS
✅ Correct Answer: Session Hijacking
70. What does RPO stand for in disaster recovery?
Recovery Point Objective
Risk Probability Overview
Real-time Protection Order
Remote Procedure Operation
✅ Correct Answer: Recovery Point Objective
71. Which security control is physical?
Security guards
Firewall
Encryption
Access control lists
✅ Correct Answer: Security guards
72. What is the purpose of a security assessment?
To evaluate security posture
To block attacks
To encrypt data
To authenticate users
✅ Correct Answer: To evaluate security posture
73. Which protocol is used for secure file transfer?
SFTP
HTTP
FTP
SMTP
✅ Correct Answer: SFTP
74. What does IAM stand for in security?
Identity and Access Management
Internet Authentication Module
Intrusion Alert Mechanism
Internal Audit Management
✅ Correct Answer: Identity and Access Management
75. Which attack involves bypassing authentication?
Credential Stuffing
XSS
CSRF
MITM
✅ Correct Answer: Credential Stuffing
76. What is the purpose of a security operations center?
To monitor security events
To develop software
To manage HR policies
To conduct marketing
✅ Correct Answer: To monitor security events
77. Which security framework focuses on industrial systems?
NIST SP 800-82
PCI DSS
HIPAA
GDPR
✅ Correct Answer: NIST SP 800-82
78. What does DDoS stand for?
Distributed Denial of Service
Data Deletion on System
Direct Disk Overwrite
Digital Document Security
✅ Correct Answer: Distributed Denial of Service
79. Which security control is compensating?
Manual monitoring
Firewall
Encryption
Biometrics
✅ Correct Answer: Manual monitoring
80. What is the purpose of a security questionnaire?
To assess vendor security
To encrypt data
To block attacks
To authenticate users
✅ Correct Answer: To assess vendor security
81. Which protocol is used for secure DNS?
DNSSEC
HTTP
FTP
SMTP
✅ Correct Answer: DNSSEC
82. What does APT stand for in cybersecurity?
Advanced Persistent Threat
Automated Penetration Test
Application Protection Technology
Authorized Personnel Tracker
✅ Correct Answer: Advanced Persistent Threat
83. Which attack involves forced browsing?
Directory Traversal
XSS
CSRF
MITM
✅ Correct Answer: Directory Traversal
84. What is the purpose of a security baseline?
To establish minimum security standards
To detect intrusions
To encrypt communications
To authenticate devices
✅ Correct Answer: To establish minimum security standards
85. Which security framework focuses on cloud computing?
CSA STAR
PCI DSS
HIPAA
SOX
✅ Correct Answer: CSA STAR
86. What does NAC stand for in network security?
Network Access Control
Network Authentication Certificate
New Application Configuration
Node Authorization Check
✅ Correct Answer: Network Access Control
87. Which attack involves cookie manipulation?
Session Fixation
Phishing
SQL Injection
DDoS
✅ Correct Answer: Session Fixation
88. What is the purpose of a security audit log?
To record security events
To encrypt data
To block attacks
To authenticate users
✅ Correct Answer: To record security events
89. Which security framework focuses on US federal systems?
FISMA
PCI DSS
HIPAA
GDPR
✅ Correct Answer: FISMA
90. What does CVE stand for in vulnerability management?
Common Vulnerabilities and Exposures
Critical Vulnerability Evaluation
Computer Virus Encyclopedia
Cybersecurity Verification Engine
✅ Correct Answer: Common Vulnerabilities and Exposures
91. Which attack involves LDAP injection?
Directory Traversal
XSS
CSRF
MITM
✅ Correct Answer: Directory Traversal
92. What is the purpose of a security policy exception?
To allow temporary deviations
To encrypt data
To block all access
To authenticate devices
✅ Correct Answer: To allow temporary deviations
93. Which security framework focuses on critical infrastructure?
NIST CSF
PCI DSS
HIPAA
GDPR
✅ Correct Answer: NIST CSF
94. What does BYOD stand for in mobile security?
Bring Your Own Device
Backup Your Organizational Data
Block Youthful Online Danger
Biometric Yearly Operational Directive
✅ Correct Answer: Bring Your Own Device
95. Which attack involves XML injection?
XXE
XSS
CSRF
MITM
✅ Correct Answer: XXE
96. What is the purpose of a security awareness training?
To educate users
To encrypt data
To block attacks
To monitor networks
✅ Correct Answer: To educate users
97. Which security framework focuses on risk management?
ISO 27005
PCI DSS
HIPAA
GDPR
✅ Correct Answer: ISO 27005
98. What does PII stand for in data protection?
Personally Identifiable Information
Protected Internet Infrastructure
Public Institutional Identifier
Private Internal Investigation
✅ Correct Answer: Personally Identifiable Information
99. Which attack involves HTTP header manipulation?
HTTP Response Splitting
XSS
CSRF
MITM
✅ Correct Answer: HTTP Response Splitting
100. What is the purpose of a security assessment?
To evaluate security posture
To block attacks
To encrypt data
To authenticate users
✅ Correct Answer: To evaluate security posture
101. Which security framework focuses on payment systems?
PCI DSS
HIPAA
GDPR
SOX
✅ Correct Answer: PCI DSS
102. What does RTO stand for in disaster recovery?
Recovery Time Objective
Risk Tolerance Overview
Real-Time Operation
Remote Technical Office
✅ Correct Answer: Recovery Time Objective
103. Which attack involves malicious macros?
Macro Virus
XSS
CSRF
MITM
✅ Correct Answer: Macro Virus
104. What is the purpose of a security baseline?
To establish minimum security standards
To detect intrusions
To encrypt communications
To authenticate devices
✅ Correct Answer: To establish minimum security standards
105. Which security framework focuses on healthcare?
HIPAA
PCI DSS
GDPR
SOX
✅ Correct Answer: HIPAA
106. What does DLP stand for in data security?
Data Loss Prevention
Digital License Protection
Direct Login Protocol
Dynamic Layer Protection
✅ Correct Answer: Data Loss Prevention
107. Which attack involves malicious USB devices?
BadUSB
XSS
CSRF
MITM
✅ Correct Answer: BadUSB
108. What is the purpose of a security operations center?
To monitor security events
To develop software
To manage HR policies
To conduct marketing
✅ Correct Answer: To monitor security events
109. Which security framework focuses on financial reporting?
SOX
HIPAA
PCI DSS
GDPR
✅ Correct Answer: SOX
110. What does BYOD stand for in mobile security?
Bring Your Own Device
Backup Your Organizational Data
Block Youthful Online Danger
Biometric Yearly Operational Directive
✅ Correct Answer: Bring Your Own Device
The Eccouncil 212 82 Certified Cybersecurity Technician certification is a globally recognized credential for IT professionals.
This practice test helps you prepare by covering key topics like hardware, networking, troubleshooting, and security.
Want more practice? Check out our other mock exams: