CompTIA CySA+ Exam Study Guide with Answers, Exams of Cybercrime, Cybersecurity and Data Privacy

A series of questions and answers covering topics relevant to the CompTIA Cybersecurity Analyst (CySA+) certification exam, including network scanning, vulnerability scanning, incident response, and security controls. It is intended to help students prepare for and pass the CySA+ exam.

Typology: Exams

2023/2024

Available from 03/16/2024

Achieverr

CompTIA CySA+ Study Guide questions with answers

After running an nmap scan of a system, you receive scan data that indicates the following three ports are open:
22/TCP
443/TCP
1521/TCP
What services commonly run on these ports?
A. SMTP, NetBIOS, MySQL
B. SSH, Microsoft DS, WINS
C. SSH, HTTPS, Oracle
D. FTP, HTTPS, MS-SQL
Correct answer: C. SSH, HTTPS, Oracle

Which of the following tools is best suited to querying data provided by organizations like the American Registry for Internet Numbers (ARIN) as part of a footprinting or reconnaissance exercise?
A. nmap
B. traceroute
C. regmon
D. whois
Correct answer: D. whois

What type of system allows attackers to believe they have succeeded with their attack, thus providing defenders with information about their attack methods and tools?
A. A honeypot
B. A sinkhole
C. A crackpot
D. A darknet
Correct answer: A. A honeypot

What cybersecurity objective could be achieved by running your organization's web servers in redundant, geographically separate datacenters?
A. Confidentiality
B. Integrity
C. Immutability
D. Availability
Correct answer: D. Availability

Which of the following vulnerability scanning methods will provide the most accurate detail during a scan?
A. Black box
B. Authenticated
C. Internal view
D. External view
Correct answer: B. Authenticated

In early 2017, a flaw was discovered in the Chakra JavaScript scripting engine in Microsoft's Edge browser that could allow remote execution or denial of service via a specifically crafted website. The CVSS 3.0 score reads
CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
What is the attack vector and the impact to integrity based on this rating?
A. System, 9, 8
B. Browser, High
C. Network, High

A. She should look at unallocated space, and she is likely to find file fragments from deleted files.
B. She should look at unused space where files were deleted, and she is likely to find complete files hidden there by the individual being investigated.
C. She should look in the space reserved on the drive for spare blocks, and she is likely to find complete files duplicated there.
D. She should look at unused space left when a file is written, and she is likely to find file fragments from deleted files.
Correct answer: D. She should look at unused space left when a file is written, and she is likely to find file fragments from deleted files.

What type of system is used to contain an attacker to allow them to be monitored?
A. A white box
B. A sandbox
C. A network jail
D. A VLAN
Correct answer: B. A sandbox

Bob's manager has asked him to ensure that a compromised system has been completely purged of the compromise. What is Bob's best course of action?
A. Use an antivirus tool to remove any associated malware
B. Use an antimalware tool to completely scan and clean the system
C. Wipe and rebuild the system
D. Restore a recent backup
Correct answer: C. Wipe and rebuild the system

What level of secure media disposition as defined by NIST SP-800-88 is best suited to a hard drive from a high-security system that will be reused in the same company by an employee of a different level or job type?
A. Clear
B. Purge
C. Destroy
D. Reinstall
Correct answer: B. Purge

Which of the following actions is not a common activity during the recovery phase of an incident response process?
A. Reviewing accounts and adding new privileges
B. Validating that only authorized user accounts are on the systems
C. Verifying that all systems are logging properly
D. Performing vulnerability scans of all systems
Correct answer: A. Reviewing accounts and adding new privileges

A statement like "Windows workstations must have the current security configuration template applied to them before being deployed" is most likely to be part of which document?
A. Policies
B. Standards
C. Procedures
D. Guidelines
Correct answer: B. Standards

Jim is concerned with complying with the U.S. federal law covering student educational records. Which of the following laws is he attempting to comply with?
A. HIPAA
B. GLBA
C. SOX
D. FERPA
Correct answer: D. FERPA

A fire suppression system is an example of what type of control?
A. Logical
B. Physical
C. Administrative
D. Operational
Correct answer: B. Physical

Lauren is concerned that Daniella and Alex are conspiring to use their access to defraud their organization. What personnel control will allow Lauren to review their actions to find any issues?
A. Dual control
B. Separation of duties
C. Background checks
D. Cross training
Correct answer: B. Separation of duties

Joe wants to implement an authentication protocol that is well suited to untrusted networks. Which of the following options is best suited to his needs in its default state?
A. Kerberos
B. RADIUS
C. LDAP
D. TACACS+
Correct answer: A. Kerberos

Which software development life cycle model uses linear development concepts in an iterative, four-phase process?
A. Waterfall
B. Agile
C. RAD
D. Spiral
Correct answer: D. Spiral

Which one of the following objectives is not one of the three main objectives that information security professionals must achieve to protect their organizations against cybersecurity threats?

C. Risk transference
D. Risk acceptance
Correct answer: A. Risk mitigation

Robert's organization has a Bring Your Own Device (BYOD) policy, and he would like to ensure that devices connected to the network under this policy have current antivirus software. What technology can best assist him with this goal?
A. Network firewall
B. Network access control
C. Network segmentation
D. Virtual private network
Correct answer: B. Network access control

When performing 802.1x authentication, what protocol does the authenticator use to communicate with the authentication server?
A. 801.11g
B. EAP
C. PEAP
D. RADIUS
Correct answer: D. RADIUS

Juan is configuring a new device that will join his organization's wireless network. The wireless network uses 802.1x authentication. What type of agent must be running on the device for it to join this network?
A. Supplicant
B. Authenticator
C. Authentication server
D. Command and control
Correct answer: A. Supplicant

Rick is preparing a firewall rule that will allow network traffic from external systems to a web server running the HTTPS protocol. What TCP port must he allow to pass through the firewall?
A. 25
B. 80
C. 143
D. 443
Correct answer: D. 443

What type of firewall provides the greatest degree of contextual information and can include information about users and applications in its decision-making process?
A. NGFW
B. WAF
C. Packet filter
D. Stateful inspection
Correct answer: A. NGFW

Wayne is configuring a jump box server that system administrators will connect to from their laptops. Which one of the following ports should definitely not be open on the jump box?
A. 22
B. 23
C. 443
D. 3389
Correct answer: B. 23

Tom would like to deploy consistent security settings to all of his Windows systems simultaneously. What technology can he use to achieve this goal?
A. GPO
B. HIPS
C. IPS
D. DNS
Correct answer: A. GPO

During what phase of a penetration test should the testers obtain written authorization to conduct the test?
A. Planning
B. Attack
C. Discovery
D. Reporting
Correct answer: A. Planning

Which step occurs first during the attack phase of a penetration test?
A. Gaining access
B. Escalating privileges
C. System browsing
D. Install additional tools
Correct answer: A. Gaining access

Barry is participating in a cybersecurity wargame exercise. His role is to attempt to break into adversary systems. What team is he on?
A. Red team
B. Blue team
C. White team
D. Black team
Correct answer: A. Red team

Which one of the following techniques might be used to automatically detect and block malicious software that does not match known malware signatures?
A. MAC
B. Hashing
C. Decompiling
D. Sandboxing
Correct answer: D. Sandboxing