CySA Practice Exam D Questions and
Answers with Verified Solutions | Latest
Updated 2026
A company is deploying new D. Deploy a scanner sensor on every
vulnerability scanning software to segment and
assess its systems. The current perform credentialed scans
network is highly segmented, and
the
networking team wants to
minimize
the number of unique firewall
rules.
Which of the following scanning
techniques would be most efficient
to achieve the objective?
A. Deploy agents on all systems to
perform the scans
B. Deploy a central scanner and
perform non-credentialed scans
C. Deploy a cloud-based scanner
and perform a network scan
D. Deploy a scanner sensor on
every
segment and perform credentialed
scans
,An organization's email account C. 15 min
was
compromised by a bad actor.
Given
the following information: (Review
Question 122)
Which of the following is the length
of time the team took to detect the
threat?
A. 10 min
B. 5 min
C. 15 min
D. 40 min
A security administrator needs to A. Data masking
import PII data records from the
production environment to the test
environment for testing purposes.
Which of the following would best
protect data confidentiality?
A. Data masking
B. Hashing
C. Watermarking
D. Encoding
, The email system administrator for A. The message fails a DMARC check
an
organization configured DKIM
signing for all email legitimately
sent
by the organization. Which of the
following would most likely indicate
an email is malicious if the
company's
domain name is used as both the
sender and the recipient?
A. The message fails a DMARC
check
B. The sending IP address is the
hosting provider
C. The signature does not meet
corporate standards
D. The sender and reply address
are
different
During an incident involving A. Header analysis
phishing, a security analyst needs
to
find the source of the malicious
email. Which of the following
techniques would provide the
analyst with this information?
A. Header analysis
B. Packet capture
C. SSL inspection
D. Reverse engineering
Answers with Verified Solutions | Latest
Updated 2026
A company is deploying new D. Deploy a scanner sensor on every
vulnerability scanning software to segment and
assess its systems. The current perform credentialed scans
network is highly segmented, and
the
networking team wants to
minimize
the number of unique firewall
rules.
Which of the following scanning
techniques would be most efficient
to achieve the objective?
A. Deploy agents on all systems to
perform the scans
B. Deploy a central scanner and
perform non-credentialed scans
C. Deploy a cloud-based scanner
and perform a network scan
D. Deploy a scanner sensor on
every
segment and perform credentialed
scans
,An organization's email account C. 15 min
was
compromised by a bad actor.
Given
the following information: (Review
Question 122)
Which of the following is the length
of time the team took to detect the
threat?
A. 10 min
B. 5 min
C. 15 min
D. 40 min
A security administrator needs to A. Data masking
import PII data records from the
production environment to the test
environment for testing purposes.
Which of the following would best
protect data confidentiality?
A. Data masking
B. Hashing
C. Watermarking
D. Encoding
, The email system administrator for A. The message fails a DMARC check
an
organization configured DKIM
signing for all email legitimately
sent
by the organization. Which of the
following would most likely indicate
an email is malicious if the
company's
domain name is used as both the
sender and the recipient?
A. The message fails a DMARC
check
B. The sending IP address is the
hosting provider
C. The signature does not meet
corporate standards
D. The sender and reply address
are
different
During an incident involving A. Header analysis
phishing, a security analyst needs
to
find the source of the malicious
email. Which of the following
techniques would provide the
analyst with this information?
A. Header analysis
B. Packet capture
C. SSL inspection
D. Reverse engineering