CCOA Cyber Analyst Prep Practice Test Video
Watch the CCOA Cyber Analyst Prep practice test video walkthrough, review the questions, download the free PDF and start an online mock exam.
CCOA Cyber Analyst Prep exam — full Q&A walkthrough
Every question read aloud with the answer explained. Play it on your commute, then test yourself.
Try CCOA Cyber Analyst Prep questions now
Q1Which phase of the Cyber Kill Chain involves an attacker gathering information about the target organization?
Show answer
✓ Correct answer: Reconnaissance
Reconnaissance is the first phase of the Cyber Kill Chain where attackers collect information about their targets through various methods such as scanning networks, social engineering, or open-source intelligence gathering.
Q2What technique do threat actors commonly use to maintain persistence after gaining initial access to a system?
Show answer
✓ Correct answer: Creating backdoors
Creating backdoors is a common persistence technique that allows attackers to maintain access to compromised systems even if their initial access point is discovered and remediated.
Q3Which of the following best describes a watering hole attack?
Show answer
✓ Correct answer: Compromising websites frequently visited by the target to deliver malware
A watering hole attack involves compromising websites that target victims are known to visit, rather than attacking them directly. This allows attackers to infect specific groups of users who trust these legitimate websites.
Q4What is the primary purpose of lateral movement in an attack sequence?
Show answer
✓ Correct answer: To gain access to additional systems within the network after initial compromise
After gaining initial access, attackers use lateral movement to expand their control by moving from one compromised system to others within the network, searching for valuable assets or higher privileges.
Q5Which of the following frameworks categorizes adversary tactics and techniques to help organizations understand attack methodologies?
Show answer
✓ Correct answer: MITRE ATT&CK
MITRE ATT&CK is a globally-accessible knowledge base of adversary tactics and techniques based on real-world observations, providing a framework for understanding how threat actors operate.
Q6What type of malware delivery vector involves exploiting vulnerabilities in legitimate websites to infect visitors?
Show answer
✓ Correct answer: Drive-by download
Drive-by downloads occur when users visit compromised websites that contain malicious code that automatically downloads and executes without the user's knowledge or consent by exploiting browser or plugin vulnerabilities.
Full CCOA Cyber Analyst Prep bank + unlimited mocks
Try 30 questions free. Unlock the complete CCOA Cyber Analyst Prep question bank, every explanation, and unlimited timed mock exams. Practice on any device.
Unlock CCOA Cyber Analyst Prep →