CSTM/CSTL Physical Access & Security

Please click on the following tabs to reveal the knowledge depth required for a successful pass of the CSTM or CSTL exam.

You will be given a random selection of questions. Please note exam content is subject to change due to circumstances beyond our control – use this as a guide and email us if you have any queries.

  • Understands how locks can be usedto restrict access to computer hardware.
  • Understands how tamper seals can be usedto deter access to computer hardware.

Understands platform integrity technologies, e.g. TPM.

  • Understands and can demonstrate the remote exploitation ofcommon no-SQL database servers, such as MongoDB.

  • Understands the security implications of unencrypted storage devices, such as hard disks.
  • Can demonstrate how data can be recovered from unencrypted storage devices, and how such data can be manipulated to introduce vulnerabiliites into an operating system.
  • Understands the security attributes of operating systemrecovery functionality, e.g. Windows Recovery Console and Safe Mode.
  • Understands multi-factor authentication systems, such as tokens and SMS.
    • Understands types of biometrics and how they can be applied
    • Understands the concept of one-time pads
    • Understands the use of digital certificates as an authentication mechanism
    • Understands the concept of contactless RFID smart cards.