CSX Cheat Sheet 2026
The 30 highest-yield CSX facts, distilled from real exam questions. Print it, save it as a PDF, or study it here — free, no sign-up.
75 questions
120 min time limit
65.00% to pass
- What should be regularly tested to ensure operational resilience after an incident? → Disaster recovery plan
- Which term refers to limiting user access to only what is necessary for their job? → Least privilege
- What does the Fourth Amendment protect against in CSX operations? → Unreasonable searches and seizures by requiring probable cause or warrants
- Which port number is associated with HTTPS traffic by default? → 443
- What does CPTED stand for in CSX security planning? → Crime Prevention Through Environmental Design
- What does SIEM stand for in cybersecurity? → Security Information and Event Management
- What does the Fourth Amendment protect against in CSX operations? → Unreasonable searches and seizures by requiring probable cause or warrants
- Which metric indicates how quickly systems must be restored after a disruption? → Recovery Time Objective
- Why is asset classification important in threat assessment? → It identifies critical systems to secure first
- What does CPTED stand for in CSX security planning? → Crime Prevention Through Environmental Design
- What is a 'false positive' in the context of SOC alert management? → An alert triggered by legitimate activity that is mistakenly identified as malicious
- Which hashing algorithm is currently recommended by NIST for producing a 256-bit digest? → SHA-256
- Which metrics are most commonly used to measure SOC effectiveness in detecting and resolving incidents? → Mean Time to Detect (MTTD) and Mean Time to Respond (MTTR)
- What is a major benefit of system redundancy in recovery planning? → Ensures high availability
- Which tool is commonly used for network threat detection? → IDS
- What does CPTED stand for in CSX security planning? → Crime Prevention Through Environmental Design
- What is the purpose of a digital certificate in public key infrastructure (PKI)? → To bind a public key to an identity, verified by a Certificate Authority
- What is the purpose of a Security Information and Event Management (SIEM) system? → Aggregate and analyze security logs
- What does CPTED stand for in CSX security planning? → Crime Prevention Through Environmental Design
- What does a vulnerability assessment primarily aim to identify? → System weaknesses and exposures
- Which action is taken during the recovery phase of incident response? → Restore and validate system functionality
- What is a rainbow table attack and which control best mitigates it? → A precomputed hash lookup attack mitigated by password salting
- Which technology is essential for protecting data in transit? → Encryption
- Which ISACA CSX domain emphasizes the ability to continuously monitor networks for anomalous behavior? → Detect
- What does the Fourth Amendment protect against in CSX operations? → Unreasonable searches and seizures by requiring probable cause or warrants
- Which of the following is the most common initial step in a cyberattack? → Phishing attack
- Which cryptographic concept ensures that even if one session key is compromised, past session keys remain secure? → Perfect Forward Secrecy (PFS)
- What does IOC stand for in the context of threat intelligence and SIEM analysis? → Indicator of Compromise
- What does CPTED stand for in CSX security planning? → Crime Prevention Through Environmental Design
- What is a common method to confirm a detected security incident? → Log correlation and validation
Turn these facts into recall: