CyberVista Test Cheat Sheet 2026
The 30 highest-yield CyberVista Test facts, distilled from real exam questions. Print it, save it as a PDF, or study it here — free, no sign-up.
90 questions
90 min time limit
75.00% to pass
- What term describes the practice of spreading data and workloads across multiple cloud providers to avoid vendor lock-in and increase resilience? → Multi-cloud strategy
- Which type of backup site is fully equipped and operational, allowing near-immediate failover during a disaster? → Hot site
- What does a packet sniffer do? → Captures and analyzes network traffic
- The California Consumer Privacy Act (CCPA) grants California residents the right to: → Know what personal information is collected and request its deletion
- A Data Loss Prevention (DLP) solution is BEST described as a tool that: → Monitors, detects, and blocks sensitive data exfiltration
- Which key management practice is MOST critical for maintaining long-term data confidentiality? → Regularly rotating encryption keys and securely storing them separately from the data
- What is an Intrusion Detection System (IDS)? → A system that detects unauthorized activity
- Under GDPR, organizations are required to report a personal data breach to the supervisory authority within: → 72 hours of discovery
- Which environmental threat to data center hardware is best mitigated by maintaining relative humidity between 40% and 60%? → Electrostatic discharge (ESD)
- What is the purpose of a risk matrix? → To assess the probability and severity of risks
- Which of the following BEST describes the primary security function of Domain Name System Security Extensions (DNSSEC)? → To authenticate the origin of DNS data and verify its integrity.
- What does VPN stand for? → Virtual Private Network
- What physical security control uses a small enclosed space with two sets of interlocking doors to prevent tailgating? → Mantrap (airlock)
- What is the first phase of the incident response lifecycle? → Preparation
- What does data sovereignty mean in the context of cloud security? → Ensuring data is subject to the laws of the country where it is stored or processed
- What is encryption used for in cybersecurity? → To protect data confidentiality during transmission or storage
- What is the purpose of a security policy? → To define security protocols and guidelines
- What is a key function of antivirus software? → Detect and eliminate malware threats
- What is the primary purpose of security guards performing rounds at irregular intervals rather than fixed schedules? → To make patrol timing unpredictable and harder for attackers to exploit
- What is the primary risk of using public APIs without authentication in a cloud-hosted application? → Unauthorized parties can query, modify, or delete application data
- Which cloud security control helps detect unauthorized changes to cloud resource configurations in near real time? → Cloud Security Posture Management (CSPM)
- Which type of disaster recovery test actually shifts production workloads to the backup site to validate the entire failover process? → Full interruption test
- Which cloud service model gives customers the most control over the operating system, middleware, and runtime environment? → IaaS
- What is the purpose of a Faraday cage in physical security? → To block electromagnetic signals from entering or leaving a shielded space
- What is the first step in a risk assessment? → Identifying assets and their value
- Data sovereignty refers to the concept that: → Data is subject to the laws of the country in which it is stored or processed
- Which attack exploits misconfigured cloud storage buckets to access sensitive data without authentication? → Cloud storage enumeration
- Which of the following is a key security concern unique to containerized environments such as Docker or Kubernetes? → Container escape leading to host compromise
- Which encryption approach is MOST appropriate for protecting data at rest stored in a database? → Transparent Data Encryption (TDE)
- What is the role of a network scanner? → To detect devices and assess network security
Turn these facts into recall: