ALISON Cheat Sheet 2026
The 30 highest-yield ALISON facts, distilled from real exam questions. Print it, save it as a PDF, or study it here — free, no sign-up.
120 questions
150 min time limit
80.00% to pass
- Which best describes the scope of Operating Systems & Platforms in professional practice? → A comprehensive area covering both theoretical foundations and practical applications
- What common challenge do professionals face when applying Operating Systems & Platforms principles? → Balancing theoretical best practices with practical constraints and real-world conditions
- What type of file system artifact allows forensic investigators to recover deleted files on NTFS volumes? → Master File Table ($MFT)
- Starting with Android 6.0 (Marshmallow), how were app permissions changed to improve security? → Dangerous permissions must be requested and granted individually at runtime
- What distinguishes inherent risk from residual risk? → Inherent risk exists before controls; residual risk remains after controls are applied
- What is the recommended approach to staying current in Cloud Computing & Virtualization? → Regular professional development, industry publications, and peer collaboration
- Which concept in cybercrime investigation refers to determining what happened, when, who did it, and how during an incident? → Forensic timeline reconstruction
- What is the primary purpose of industry regulations in this field? → To protect the public and ensure consistent professional standards
- What common challenge do professionals face when applying Cryptography & Data Protection principles? → Balancing theoretical best practices with practical constraints and real-world conditions
- What is network segmentation and why is it important? → Dividing a network into smaller segments to contain breaches and control access
- Which term describes a highly targeted phishing attack aimed at a specific individual or organization? → Spear phishing
- What is the most important competency assessed in Access Control & Identity Management for professionals in this field? → Applied knowledge and practical problem-solving ability
- What is the security purpose of certificate pinning in mobile applications? → To ensure the app only trusts specific certificates, preventing MITM attacks via rogue CAs
- What is the purpose of intrusion detection systems (IDS)? → To monitor network traffic for suspicious activity and known threats
- Which best describes the scope of Application Security & Development in professional practice? → A comprehensive area covering both theoretical foundations and practical applications
- What is a DMZ (Demilitarized Zone) in network architecture? → A network segment between internal and external networks that hosts public-facing services
- What is the role of a 'write blocker' in digital forensics? → To prevent any writes to the evidence drive during imaging, preserving its original state
- What is the recommended approach to staying current in Database Management & Security? → Regular professional development, industry publications, and peer collaboration
- Which log file in Linux systems is most useful for tracking user authentication events during a forensic investigation? → /var/log/auth.log
- What is the first step in the risk management process? → Risk identification — recognizing potential threats and vulnerabilities
- Which attack technique involves following an authorized person through a secured door without using credentials? → Tailgating
- What is the most important competency assessed in Cloud Computing & Virtualization for professionals in this field? → Applied knowledge and practical problem-solving ability
- What is the most important competency assessed in Cryptography & Data Protection for professionals in this field? → Applied knowledge and practical problem-solving ability
- Which best describes the scope of Access Control & Identity Management in professional practice? → A comprehensive area covering both theoretical foundations and practical applications
- What is a rogue access point in network security? → An unauthorized wireless access point installed on a network without admin approval
- What is the consequence of non-compliance with mandatory regulations? → Penalties including fines, license revocation, and potential legal action
- What does a VPN provide in terms of network security? → Encrypted communication tunnels over public networks
- What is 'network forensics' focused on? → Capturing and analyzing network traffic to reconstruct events and identify attackers
- What is the recommended approach to staying current in Threat Detection & Incident Response? → Regular professional development, industry publications, and peer collaboration
- What primary security risk does a BYOD (Bring Your Own Device) policy introduce in an enterprise environment? → Loss of organizational control over device security posture and data handling
Turn these facts into recall: