CompTIA Cybersecurity Analyst (CySA+) Certification Exam

Question 1

The developers recently deployed new code to three web servers. A daffy automated external device scan report shows server vulnerabilities that are failure items according to PCI DSS.
If the venerability is not valid, the analyst must take the proper steps to get the scan clean.
If the venerability is valid, the analyst must remediate the finding.
After reviewing the information provided in the network diagram, select the STEP 2 tab to complete the simulation by selecting the correct Validation Result and Remediation Action for each server listed using the drop-down options.
INTRUCTIONS:
The simulation includes 2 steps.
Step1:Review the information provided in the network diagram and then move to the STEP 2 tab.

STEP 2: Given the Scenario, determine which remediation action is required to address the vulnerability.

Correct Answer:

Question 2

Which of the following data exfiltration discoveries would most likely require communicating a breach to regulatory agencies?

A. PHI files

B. CRM data

C. SIEM logs

D. UEBA metrics

Correct Answer: A

Explanation: Only visible for Actualtests4sure members. You can sign-up / login (it's free).

Question 3

An application developer needs help establishing a digital certificate for a new application. Which of the following illustrates a certificate management best practice?

A. Ensure the certificate Is applied to the certificate revocation list.

B. Ensure the certificate is requested from a trusted CA.

C. Ensure the certificate key is less than 1028 bits long.

D. Ensure the developer has self-signed the certificate.

E. Ensure the certificate key algorithm is SHA-1 compliant.

Correct Answer: B

Explanation: Only visible for Actualtests4sure members. You can sign-up / login (it's free).

Question 4

Industry partners from critical infrastructure organizations were victims of attacks on their SCADA devices. The attacker was able to gain access to the SCADA by logging in to an account with weak credentials. Which of the following identity and access management solutions would help to mitigate this risk?

A. Manual access reviews

B. Multifactor authentication

C. Endpoint detection and response

D. Role-based access control

Correct Answer: D

Explanation: Only visible for Actualtests4sure members. You can sign-up / login (it's free).

Question 5

A security analyst is reviewing port scan data that was collected over the course of several months. The following data represents the trends:

Which of the following is the BEST action for the security analyst to take after analyzing the trends?

A. Assume there are new instances of Apache in the environment.

B. Raise a concern to a supervisor regarding possible malicious use Of port 8443.

C. Investigate why the number of open SSH ports varied during the six months.

D. Review the system configurations to determine if port 445 needs to be open.

Correct Answer: C

Explanation: Only visible for Actualtests4sure members. You can sign-up / login (it's free).

Question 6

Legacy medical equipment, which contains sensitive data, cannot be patched. Which of the following is the best solution to improve the equipment's security posture?

A. Implement an air gap for the legacy systems.

B. Implement a VPN between the legacy systems and the local network.

C. Move the legacy systems behind a WAR

D. Place the legacy systems in the perimeter network.

Correct Answer: A

Explanation: Only visible for Actualtests4sure members. You can sign-up / login (it's free).

Question 7

During the forensic analysis of a compromised machine, a security analyst discovers some binaries that are exhibiting abnormal behaviors. After extracting the strings, the analyst finds unexpected content. Which of the following is the next step the analyst should take?

A. Only allow binaries on the approve list to execute.

B. Run an antivirus against the binaries to check for malware.

C. Use file integrity monitoring to validate the digital signature

D. Validate the binaries' hashes from a trusted source.

Correct Answer: D

Explanation: Only visible for Actualtests4sure members. You can sign-up / login (it's free).

Question 8

A company wants to ensure a third party does not take intellectual property and build a competing product. Which of the following is a non-technical data and privacy control that would best protect the company?

A. Purpose limitation

B. Digital rights management

C. Data encryption

D. A non-disclosure agreement

Correct Answer: D

Explanation: Only visible for Actualtests4sure members. You can sign-up / login (it's free).

Question 9

A Chief Information Security Officer has requested a security measure be put in place to redirect certain traffic on the network. Which of the following would best resolve this issue?

A. Geoblocking

B. Sinkholing

C. Blocklisting

D. Sandboxing

Correct Answer: B

Explanation: Only visible for Actualtests4sure members. You can sign-up / login (it's free).

Question 10

A cybersecurity analyst needs to Implement controls that will reduce the attack surface of a web server. Which of the following is the best proactive control?

A. Installing a host-based IDS

B. Sending logs to a remote server

C. Performing vulnerability scans

D. Disabling unused modules

Correct Answer: D

Explanation: Only visible for Actualtests4sure members. You can sign-up / login (it's free).

Question 11

An application has been updated to fix a vulnerability. Which of the following would ensure that previously patched vulnerabilities have not been reintroduced?

A. Stress testing

B. Code review

C. Regression testing

D. Peer review

Correct Answer: C

Explanation: Only visible for Actualtests4sure members. You can sign-up / login (it's free).

Question 12

A security analyst needs to determine the best method for securing access to a top-secret datacenter Along with an access card and PIN code, which of the following additional authentication methods would be BEST to enhance the datacenter's security?

A. Passphrase

B. Fingerprint

C. Physical key

D. Retinal scan

Correct Answer: D

Explanation: Only visible for Actualtests4sure members. You can sign-up / login (it's free).

Question 13

The steering committee for information security management annually reviews the security incident register for the organization to look for trends and systematic issues. The steering committee wants to rank the risks based on past incidents to improve the security program for next year. Below is the incident register for the organization:

Which of the following should the organization consider investing in first due to the potential impact of availability?

A. Build a warm site in case of system outages.

B. Hire a managed service provider to help with vulnerability management.

C. Hire additional staff for the IT department to assist with vulnerability management and log review.

D. Invest in a failover and redundant system, as necessary.

Correct Answer: D

Explanation: Only visible for Actualtests4sure members. You can sign-up / login (it's free).

Question 14

An organization is developing software to match customers' expectations. Before the software goes into production, it must meet the following quality assurance guidelines
* Uncover all the software vulnerabilities.
* Safeguard the interest of the software's end users.
* Reduce the likelihood that a defective program will enter production.
* Preserve the Interests of me software producer
Which of me following should be performed FIRST?

A. Store the source code in a s oftware escrow.

B. Conduct a static analysis of the code.

C. Ensure verification and vacation took place during each phase.

D. Run source code against the latest OWASP vulnerabilities.

E. Document the life-cycle changes that look place.

Correct Answer: B

Explanation: Only visible for Actualtests4sure members. You can sign-up / login (it's free).

CompTIA Cybersecurity Analyst (CySA+) Certification - CS0-002 Exam Practice Test

Latest Update

Useful Links

Contact Us