Access Control, Identity, and Endpoint Security (CCST) Flashcards
Cisco CCST Cybersecurity 100-160 Flashcards

| Front | Back |
| --- | --- |
| Compare signature-based and behavior-based anti-malware | Signature-based detects known malware by signatures; behavior-based detects anomalies and unknown threats |
| Compare TOTP and HOTP | TOTP is time-based while HOTP is counter-based |
| Define audit logging for access control | Recording authentication, authorization, and administrative events to support detection and forensics |
| Define authorization model RBAC | Role-based access control assigns permissions to roles, then roles to users |
| Define disk encryption | Encrypting data at rest on storage devices to protect confidentiality if the device is lost or stolen |
| Define SAML | SAML is an XML-based standard for exchanging authentication and authorization data between parties |
| Define single sign-on (SSO) | A method that allows a user to authenticate once and access multiple services without reauthenticating |
| Describe endpoint hardening | Applying controls such as patching, configuration management, disabling unused services, and restricting admin rights |
| Describe multi-user device onboarding challenge | Ensuring secure enrollment, configuration, and continuous compliance for many devices without manual intervention |
| Describe OAuth purpose | Delegated authorization protocol that allows applications to act on a user's behalf without sharing credentials |
| Explain 802.1X | Port-based network access control using EAP for authenticating devices to a network |
| Explain certificate-based authentication | Uses digital certificates to authenticate devices or users with cryptographic proof |
| Explain endpoint detection and response (EDR) | Technology that monitors endpoints for suspicious activity and enables investigation and response |
| Explain privileged access management (PAM) | Tools and processes to control, monitor, and audit elevated accounts and sessions |
| Explain separation of duties | A control that divides critical tasks among multiple people to prevent fraud or error |
| Explain session management controls | Mechanisms like timeouts, reauthentication, and token revocation to protect active sessions |
| Name the three authentication factors | Knowledge (something you know), possession (something you have), inherence (something you are) |
| What is the purpose of a secure access token | Used to prove authentication and authorization claims between services |
| What is a secure baseline configuration | Standardized system settings implemented to reduce attack surface and ensure consistent security posture |
| What is account lockout policy | Policy that temporarily locks accounts after repeated failed authentication attempts to deter brute-force attacks |
| What is application whitelisting | Allowing only approved applications to run on endpoints to prevent unknown malware |
| What is authentication? | Process of verifying that a user or device is who it claims to be |
| What is authorization? | Process of determining what an authenticated user or device is allowed to do |
| What is behavioral biometrics | Using patterns like typing, gait, or mouse movements for continuous authentication |
| What is device quarantine | Isolating non-compliant devices and restricting their network access until remediation |
| What is least privilege | Practice of granting users and processes the minimum access required to perform tasks |
| What is multifactor authentication (MFA) | Use of two or more different authentication factors to increase assurance |
| What is network access control (NAC) | Controls that evaluate devices before and during network access to enforce security policies |
| What is OpenID Connect | An identity layer on top of OAuth used for federated authentication |
| What is patch management | Process of identifying, testing, and deploying software updates to fix vulnerabilities |
| What is phishing-resistant MFA | Authentication methods that cannot be bypassed by stolen credentials or phished one-time codes, such as FIDO2 hardware keys |
| What is posture assessment | Evaluation of device compliance with security policies before granting network access |
| What is risk-based or adaptive authentication | Authentication decisions that adjust required assurance based on context risk signals such as device location and behavior |
| What is role mining | Analyzing existing access to derive appropriate roles for RBAC implementation |
| What is zero trust | A security model that requires continuous verification for every access request regardless of network location |
About the Flashcards
Flashcards for the Cisco CCST Cybersecurity exam offer a focused review of modern identity and access management concepts tested on the certification. Students can quickly recall definitions of authentication, authorization, and the three authentication factors, then move on to multifactor techniques, single sign-on, zero trust, and secure session controls.
Beyond user identity, the deck drills into network and endpoint safeguards such as 802.1X, posture assessment, EDR, application whitelisting, and patch management. You'll also review authorization models like RBAC and least privilege, token standards including OAuth, OpenID Connect, and SAML, plus critical governance practices like audit logging, privileged access management, and account lockout policies.
Topics covered in this flashcard deck:
- Authentication fundamentals
- Multifactor and adaptive auth
- Authorization & RBAC models
- Network access control
- Endpoint security hardening
- Identity federation protocols