Prepare CREST-CPSA Exam with Using CREST-CPSA Dump Questions

Category:

Comments:

0 Comments

Post Date:

September 18, 2025

If you are serious about passing your CREST CREST-CPSA certification exam, practicing with CREST-CPSA dumps questions is an essential step in your preparation process. These CREST-CPSA dumps will help you assess your knowledge, identify your strengths and weaknesses, and improve your chances of passing the exam on the first try. So why wait? Start practicing today and give yourself the best possible chance of success! Test free CREST-CPSA exam dumps questions below.

Page 1 of 5

1. Which of the following best describes the purpose of the HTML tag?

It adds styles to a webpage

It defines input fields for user interaction and data submission

It embeds JavaScript

It renders images on the server

2. In which part of a web application is DOM-based XSS typically executed?

Within client-side JavaScript execution

In the HTML meta tags

In the server-side script

Inside CSS stylesheets

3. Which of the following cryptographic algorithms is symmetric?

RSA

DSA

AES

ECC

4. Which of the following wireless encryption protocols is considered secure for enterprise use?

WEP

WPA

WPA2-Enterprise

WPA2-Personal with TKIP

5. What command-line tool is commonly used to test SMTP servers for open relay vulnerabilities?

Telnet

Curl

Dig

Arp-scan

6. Which protocol operates at the transport layer and is commonly used for time-sensitive data like video or VoIP?

TCP

UDP

ICMP

ARP

7. Why is hardcoding database credentials into application source code a security risk?

It increases query speed

It can cause application crashes during updates

If source code is leaked, credentials can be easily extracted and misused

It prevents session timeouts

8. What defense is most effective against injection attacks in SQL-based applications?

Regular expressions

Parameterized queries (prepared statements)

JavaScript filtering

Client-side input trimming

9. Which Unix command can enumerate RPC services running on a remote host?

iptables

rpcinfo

wget

host

10. Which protocol is commonly used for remote client access in Microsoft Exchange?

IMAP

RDP

MAPI over HTTP

FTP

Page 2 of 5

11. Which of the following practices reduces the risk of SQL injection in web applications connecting to a database?

Allowing dynamic SQL construction

Utilizing parameterized queries and least privilege database users

Using database admin accounts in connection strings

Disabling HTTPS on web applications

12. In HTTPS communication, what role does the TLS handshake play?

Encrypts the application data

Establishes encryption keys and negotiates cipher suites

Authenticates users

Transmits the digital certificate

13. Which tool is best suited for identifying missing Windows patches during an internal security assessment?

Netstat

MBSA

Ncat

Wireshark

14. What is the purpose of the known_hosts file in SSH?

Stores usernames for auto-login

Records login history

Caches remote host public keys to prevent MITM attacks

Encrypts SSH sessions

15. What risk is introduced by an X11 server with no access control enabled (xhost +)?

SSH key exfiltration

Allows remote users to capture keystrokes and screenshots

Prevents GUI rendering

Bypasses sudo authentication

16. What type of response from an SMB login attempt can indicate valid usernames even with incorrect passwords?

Access Denied

No response

Logon Failure: Unknown User

Logon Failure: Account Locked

17. What is the purpose of a rogue access point in a wireless assessment?

To block legitimate traffic

To simulate man-in-the-middle attacks or capture credentials

To create a backup SSID

To scan for malware

18. Which of the following techniques is most effective for discovering unlinked web content?

DNS zone transfer

Directory brute-forcing with a wordlist

Traceroute mapping

SSL certificate inspection

19. Why is it risky to implement custom authentication mechanisms instead of using proven libraries?

They improve performance but increase complexity

They cannot be patched

They require client certificates

They often contain implementation flaws that attackers can exploit

20. Which server-side language is commonly used in legacy web applications and is known for its simplicity and wide adoption?

JavaScript

PHP

CSS

HTML

Page 3 of 5

21. Which IPSec mode encrypts only the data payload and not the original IP header?

Transport Mode

Tunnel Mode

Encapsulation Mode

Secure Mode

22. Which tool is commonly used to enumerate domain trusts in a Windows environment?

PowerView

Netcat

Nmap

Hydra

23. Which of the following session handling flaws allows an attacker to predict valid session IDs?

Cross-site scripting

Insecure Direct Object Reference

Session fixation

Poor session entropy

24. Which of the following is a known flaw in Apache web servers that has been exploited in past attacks?

Slowloris denial of service

Integer overflow in nginx

Arbitrary file upload in IIS

XSS in lighttpd

25. Which UK legislation specifically makes unauthorized access to computer systems a criminal offence?

Data Protection Act 2018

Computer Misuse Act 1990

Regulation of Investigatory Powers Act 2000

Freedom of Information Act 2000

26. What is the primary risk of using out-of-band patching strategies?

Improved vulnerability coverage

Automatic rollback

Potential system instability

Reduced performance

27. Which Nmap option performs aggressive OS detection?

-sT

-A

-O

-sV

28. 1.Which term best describes the likelihood that a threat will exploit a vulnerability causing harm?

Risk

Threat

Exposure

Control

29. Which of the following vulnerabilities is commonly associated with poorly secured REST APIs?

Broken Object Level Authorization (BOLA)

DNS spoofing

Directory traversal via cookies

DLL injection

30. What is the purpose of identifying attack vectors during threat modelling?

To harden the OS kernel

To measure site performance

To determine how an attacker could exploit vulnerabilities

To map DNS records

Page 4 of 5

31. Which site would most likely be used to search historical discussions in public newsgroups?

Google Groups

GitHub

VirusTotal

Shodan

32. Which protocol version is considered insecure and deprecated in modern web encryption?

TLS 1.3

TLS 1.2

SSL 3.0

HTTPS 2.0

33. Which of the following poses a risk when using third-party JavaScript libraries from Content Delivery Networks?

Slow page load time

Violation of HTTP protocol

Higher encryption overhead

Potential for library hijacking or malicious code injection

34. What is the primary function of the ARP protocol?

Resolves domain names to IP addresses

Provides encryption over the network

Resolves IP addresses to MAC addresses

Routes packets between different networks

35. While examining a company’s public website, a penetration tester identifies an administrative login page located at /admin/login.jsp.

What is the best next step?

Attempt a brute-force login

Capture screenshots and log the finding

Exploit the page immediately

Run a DoS attack to test server response

36. Which of the following files on a Unix system can be used by an attacker to enumerate local users?

/etc/shadow

/etc/passwd

/etc/group

/var/log/syslog

37. Which Google Dork query would help a tester find publicly exposed login portals?

inurl:admin login

filetype:sql

intitle:"Index of"

ext:pdf site:target.com

38. Which HTTP status code is often returned with a detailed application error stack trace in misconfigured environments?

302 Found

200 OK

500 Internal Server Error

403 Forbidden

39. Which cryptographic concept ensures that a message has not been altered in transit?

Confidentiality

Availability

Integrity

Non-repudiation

40. Why is exposing the application server’s administrative console to the public internet a security risk?

It improves performance

It bypasses SSL validation

It allows attackers to perform configuration changes or deployments

It disables session timeouts

Page 5 of 5

41. Which of the following techniques is commonly used to prevent parameter tampering in web applications?

Disabling browser autocomplete

Using CAPTCHA

Implementing server-side validation and access control checks

Applying client-side input masks

42. Which type of XSS vulnerability allows the attacker’s payload to be stored permanently on the server?

Reflected XSS

Stored XSS

DOM-based XSS

CSRF

43. Which type of network architecture separates management, control, and data planes to enhance scalability and security?

Flat Network Architecture

Peer-to-Peer Network

Software Defined Networking (SDN)

Ring Topology

44. Your customer tells you they have a Class B network.

How many IP addresses does this network include?

65536

16777216

8192

256

45. Which method is most effective for verifying security configuration compliance on network devices?

Reviewing configuration files or running automated configuration audit tools

Checking routing tables

Port scanning with Nmap

Performing denial-of-service attacks

46. Which SNMP version provides authentication and encryption for secure device management?

SNMPv1

SNMPv3

SNMPv2c

SNMPv2u

47. What is the main purpose of an interim report during an assessment?

To serve as the final report if testing is interrupted

To alert the client to critical issues requiring immediate attention

To summarize tool output before analysis

To document scope changes

TAGS:

CREST-CPSA, CREST-CPSA exam dumps

Notify of

Label

Name*

Email*

Website

Label

Name*

Email*

Website

0 Comments

Oldest

Newest Most Voted

Inline Feedbacks

View all comments

Posts

Get CREST-CPSA Dumps Full Version

Q&As: 154
Versions: PDF and Software Download Now

About Dumpsinfo

Dumpsinfo is a good platform providing the latest exam information and dumps questions for all IT certification exams. You can study all the latest exam dumps questions online.

[email protected]

Mon - Sat 9:00am - 6:00pm

Prepare CREST-CPSA Exam with Using CREST-CPSA Dump Questions

Related

Posts

About Us

EMAIL

Services

Opening Hours