CSX Cheat Sheet 2026

The 30 highest-yield CSX facts, distilled from real exam questions. Print it, save it as a PDF, or study it here — free, no sign-up.

75 questions
120 min time limit
65.00% to pass
  1. What should be regularly tested to ensure operational resilience after an incident? Disaster recovery plan
  2. Which term refers to limiting user access to only what is necessary for their job? Least privilege
  3. What does the Fourth Amendment protect against in CSX operations? Unreasonable searches and seizures by requiring probable cause or warrants
  4. Which port number is associated with HTTPS traffic by default? 443
  5. What does CPTED stand for in CSX security planning? Crime Prevention Through Environmental Design
  6. What does SIEM stand for in cybersecurity? Security Information and Event Management
  7. What does the Fourth Amendment protect against in CSX operations? Unreasonable searches and seizures by requiring probable cause or warrants
  8. Which metric indicates how quickly systems must be restored after a disruption? Recovery Time Objective
  9. Why is asset classification important in threat assessment? It identifies critical systems to secure first
  10. What does CPTED stand for in CSX security planning? Crime Prevention Through Environmental Design
  11. What is a 'false positive' in the context of SOC alert management? An alert triggered by legitimate activity that is mistakenly identified as malicious
  12. Which hashing algorithm is currently recommended by NIST for producing a 256-bit digest? SHA-256
  13. Which metrics are most commonly used to measure SOC effectiveness in detecting and resolving incidents? Mean Time to Detect (MTTD) and Mean Time to Respond (MTTR)
  14. What is a major benefit of system redundancy in recovery planning? Ensures high availability
  15. Which tool is commonly used for network threat detection? IDS
  16. What does CPTED stand for in CSX security planning? Crime Prevention Through Environmental Design
  17. What is the purpose of a digital certificate in public key infrastructure (PKI)? To bind a public key to an identity, verified by a Certificate Authority
  18. What is the purpose of a Security Information and Event Management (SIEM) system? Aggregate and analyze security logs
  19. What does CPTED stand for in CSX security planning? Crime Prevention Through Environmental Design
  20. What does a vulnerability assessment primarily aim to identify? System weaknesses and exposures
  21. Which action is taken during the recovery phase of incident response? Restore and validate system functionality
  22. What is a rainbow table attack and which control best mitigates it? A precomputed hash lookup attack mitigated by password salting
  23. Which technology is essential for protecting data in transit? Encryption
  24. Which ISACA CSX domain emphasizes the ability to continuously monitor networks for anomalous behavior? Detect
  25. What does the Fourth Amendment protect against in CSX operations? Unreasonable searches and seizures by requiring probable cause or warrants
  26. Which of the following is the most common initial step in a cyberattack? Phishing attack
  27. Which cryptographic concept ensures that even if one session key is compromised, past session keys remain secure? Perfect Forward Secrecy (PFS)
  28. What does IOC stand for in the context of threat intelligence and SIEM analysis? Indicator of Compromise
  29. What does CPTED stand for in CSX security planning? Crime Prevention Through Environmental Design
  30. What is a common method to confirm a detected security incident? Log correlation and validation
Turn these facts into recall: