Cisco Updated 100-160 Exam Questions and Answers by hendrix

TheCCST Cybersecuritycourse explains that MAC address filtering is a network access control method that allows only approved device hardware addresses to connect. While not foolproof against spoofing, it can block a specific device from reconnecting to a small home network.

"MAC address filtering restricts network access to devices whose unique hardware addresses are explicitly allowed. This can be used to block known unauthorized devices from reconnecting."

(CCST Cybersecurity,Basic Network Security Concepts, Wireless Security Controls section, Cisco Networking Academy)

Ais incorrect: IP ACLs are better for controlling traffic types, not blocking specific devices at the router level.

Bis correct: It prevents the device’s hardware address from reconnecting.

Cis temporary since the host can get a new IP via DHCP.

Dmay hide the network but will not stop a determined attacker who can still detect it.

TheCCST Cybersecurity Study Guidestates that vulnerability scanning is an automated process used to identify known security weaknesses in systems, software, and network devices. These scans compare system configurations and software versions against databases of known vulnerabilities, such as the Common Vulnerabilities and Exposures (CVE) list.

"A vulnerability scan is an automated test that checks systems and networks for known weaknesses by matching them against a database of vulnerabilities such as CVEs. This allows administrators to identify exploitable conditions before they are leveraged by attackers."

(CCST Cybersecurity,Vulnerability Assessment and Risk Management, Vulnerability Scanning section, Cisco Networking Academy)

Ais asset discovery, not vulnerability scanning.

Bmay be part of remediation planning but is not the primary purpose.

Cis correct: Scans detect if systems have vulnerabilities associated with CVEs.

Ddescribes SIEM (Security Information and Event Management) log correlation, not vulnerability scanning.

TheCCST Cybersecurity Study Guidenotes that HIPAA (Health Insurance Portability and Accountability Act) requires that ePHI be protected both in storage and when devices are decommissioned or repurposed. This includes implementingdata removal policiesfor mobile devices.

"HIPAA requires procedures for the removal of electronic protected health information (ePHI) from devices before disposal, reuse, or reassignment."

(CCST Cybersecurity,Essential Security Principles, Regulatory Compliance section, Cisco Networking Academy)

According to theCCST Cybersecuritycourse, NIST guidelines (SP 800-63B) recommend aminimum password length of 8 charactersfor user-generated passwords, without requiring overly complex composition rules, but encouraging longer passphrases for increased security.

"NIST guidelines specify that user-generated passwords must be at least 8 characters in length, and systems should allow passwords up to at least 64 characters."

(CCST Cybersecurity,Essential Security Principles, Authentication Best Practices section, Cisco Networking Academy)