CBSE Cheat Sheet 2026
The 30 highest-yield CBSE facts, distilled from real exam questions. Print it, save it as a PDF, or study it here — free, no sign-up.
80 questions
90 min time limit
70.00% to pass
- Which metric should a security analyst monitor to detect abnormal DeFi protocol behavior indicative of an ongoing exploit? → Total Value Locked (TVL) drop of >20% in a single block or transaction
- When auditing an enterprise blockchain for supply chain integrity, which attack vector targets off-chain oracle data feeds? → Oracle manipulation / data feed poisoning
- A CBSE candidate is auditing a cross-chain bridge. Which vulnerability class has caused the largest losses in bridge hacks? → Improper validation of cross-chain message signatures allowing forged mint approvals
- What is the primary purpose of becoming a Certified Blockchain Security Expert? → To secure blockchain-based systems and applications
- What is a typical recommended prerequisite for candidates pursuing the CBSE certification? → Familiarity with blockchain fundamentals and cybersecurity concepts
- Which vulnerability type allows an attacker to repeatedly call a DeFi protocol's withdrawal function before the balance is updated? → Reentrancy
- A candidate who fails the CBSE exam on the first attempt wants to retake it. What is the standard waiting period before a retake? → 14 days
- Which of the following best describes the accreditation body's role in maintaining CBSE exam integrity? → Periodically reviewing and updating the exam question bank to prevent compromise
- Which type of DeFi attack exploits the ordering of transactions within a block for profit? → Maximal Extractable Value (MEV) exploitation
- What network-level threat does the 'MAX_BLOCK_SIZE' parameter help mitigate in Bitcoin nodes? → Resource exhaustion via oversized block propagation
- Which of the following best describes a blockchain security expert? → A specialist in identifying and mitigating risks in blockchain systems
- In the CBSE accreditation framework, what is the significance of the 'exam blueprint'? → It outlines the domain weightings and topic distribution across the exam
- Which security practice best mitigates the risk of a compromised DeFi protocol admin key? → Using a multi-signature wallet with time-locked governance for all admin operations
- A forensics investigator needs to prove a specific transaction occurred at a certain time on a public blockchain. What provides this proof? → The transaction hash, block number, and block timestamp anchored to the immutable chain
- What is the purpose of the RIPEMD-160 hash in Bitcoin address generation? → To shorten the SHA-256 hash of a public key into a 160-bit address
- Slashing conditions in Ethereum's Casper PoS protocol are designed primarily to penalize which behavior? → Equivocation — signing two conflicting blocks at the same height
- Which of the following activities qualifies as a CPE credit for CBSE recertification? → Attending an EC-Council-approved blockchain security seminar
- What does maintaining CBSE certification typically require after the initial award? → Accumulating continuing education credits and renewing the credential periodically
- In a Proof-of-Work blockchain, what condition must an attacker satisfy to execute a 51% attack successfully? → Control more than half of the network's total hash rate
- Which vulnerability exists when a proxy contract's 'implementation' storage slot overlaps with a variable in the implementation contract? → Storage collision between proxy and implementation
- What is the security implication of generating private keys using a weak or predictable random number generator? → Private keys become predictable and vulnerable to enumeration or brute-force attacks
- Which technique in blockchain threat modeling specifically evaluates whether smart contract state transitions can lead to unintended final states? → Formal verification using model checkers
- Hybrid consensus models that combine PoW and PoS (such as early Decred) are designed to raise the cost of which specific attack? → 51% attacks, by requiring an adversary to dominate both hash rate and stake simultaneously
- In which industries is blockchain security expertise especially in demand? → Healthcare, Financial Services, and Supply Chain
- What forensic artifact should be preserved immediately after discovering a compromised validator node? → Memory dump, disk image, and network logs before shutdown
- What does the BIP-44 derivation path m/44'/0'/0'/0/0 define in an HD wallet? → A specific child key derived following the BIP-44 hierarchical structure
- What does 'transaction malleability' allow an attacker to do at the network level before a transaction is confirmed? → Alter the transaction ID (txid) by modifying the scriptSig without changing its validity
- In a cross-chain bridge architecture, which attack surface is introduced specifically by the relay/validator set responsible for verifying source-chain events? → Collusion or compromise of the bridge validator set to forge transfer proofs
- Which organization administers the CBSE (Certified Blockchain Security Expert) certification? → Blockchain Training Alliance
- A security architect must ensure non-repudiation for enterprise blockchain transactions. Which mechanism directly achieves this? → Requiring each transaction to carry a digital signature from the submitter's private key
Turn these facts into recall: