CVA Cheat Sheet 2026

The 30 highest-yield CVA facts, distilled from real exam questions. Print it, save it as a PDF, or study it here — free, no sign-up.

100 questions
120 min time limit
70.00% to pass
  1. Which tool is specifically designed to perform automated scanning of web application vulnerabilities including SQLi, XSS, and LFI? Nikto
  2. Which tool is commonly used during wireless assessments to capture WPA/WPA2 handshakes for offline password cracking? Aircrack-ng suite (airodump-ng)
  3. Which tool is commonly used for network vulnerability scanning? Nessus
  4. What can an open port on a network indicate? Potential security risk
  5. Which method identifies vulnerabilities without disrupting services? Non-intrusive scanning
  6. What is a risk mitigation strategy? Take steps to reduce risks
  7. Which compliance regulation protects consumer financial information? GLBA
  8. Which burp suite feature is most useful for identifying hidden parameters and endpoints during a web application assessment? Burp Crawl and Audit (Scanner)
  9. What is patch management's role in vulnerability assessment? Fix vulnerabilities by applying software updates
  10. Which attack exploits the multi-tenancy nature of cloud platforms to infer information about other tenants through shared hardware resources? Side-channel attack (e.g., Spectre/Meltdown)
  11. What is the primary purpose of Address Space Layout Randomization (ASLR)? To randomize memory addresses of key data areas, making exploitation harder
  12. What is the purpose of Windows User Account Control (UAC)? To require explicit elevation approval before allowing administrative actions
  13. What is privilege escalation in the context of operating system security? Gaining higher-level permissions than originally granted to a user or process
  14. Which factor is critical for evaluating risk impact? Potential damage to assets
  15. What is network sniffing? Capturing and analyzing network traffic
  16. What is the purpose of network segmentation? Enhance security by isolating segments
  17. What helps prioritize risks during analysis? Risk matrixes
  18. What is the first phase in a vulnerability assessment process? Planning and scoping
  19. Which vulnerability can arise from outdated firmware? Exploitable vulnerabilities
  20. What is a key attribute of an effective security report? Clear and understandable language
  21. What is the role of a firewall in network infrastructure? Block unauthorized access while permitting legitimate communication
  22. Which physical security control is specifically designed to prevent tailgating by allowing only one person to enter per authentication event? Mantrap (airlock)
  23. Which attack involves sending fraudulent text messages to trick recipients into clicking malicious links or providing sensitive information? Smishing
  24. What is a common weakness found in wireless networks? Weak or default passwords
  25. What does DLL injection involve in the context of Windows host-based attacks? Forcing a running process to load a malicious dynamic link library into its address space
  26. What is the Windows Security Accounts Manager (SAM) database used for? Storing local user account credentials and password hashes
  27. What does kernel exploitation typically aim to achieve? Obtaining ring-0 (kernel-level) privileges to fully control the operating system
  28. What does 'container image scanning' accomplish in a cloud security assessment? Identifies known CVEs and misconfigurations within container images before deployment
  29. What defines a zero-day vulnerability from a host security assessment perspective? A previously unknown flaw with no available patch at the time of discovery or exploitation
  30. Which physical access control provides the strongest resistance to unauthorized entry for a high-security server room? Multi-factor physical authentication combining biometrics, PIN, and access card
Turn these facts into recall: