CYSA+ Test_One
A cybersecurity analyst uses the Common Vulnerability Scoring System (CVSS) to evaluate the
severity of a vulnerability in a company's software. When using the CVSS to evaluate the
severity of a software vulnerability, what specific factors should the analyst consider, and why is
CVSS an important tool for IT teams to use? (Select the two best options.)
A.Type of vulnerability, affected system, and potential impact; to prioritize remediation efforts
B.Severity, number of systems affected, and potential impact; to allocate resources more
effectively
C.Likelihood of exploitation, potential impact, and patch availability; to provide an objective
measure of risk
D.Cost of fixing, number of systems affected, and potential impact; to provide a standardized
method for assessing severity - ANS-A & D ???
he CVSS assigns a score to a vulnerability, including the vulnerability type, affected system, and
potential impact. CVSS is an important tool as it helps IT teams prioritize remediation efforts
based on the objective measure of risk provided by the scoring system. While severity, number
of systems affected, and potential impact are factors considered by CVSS, it is not a complete
list. The scoring system aims to help IT teams allocate resources more effectively, not just to
assess severity. CVSS factors include the likelihood of exploitation, potential impact, and patch
availability. The scoring system objectively measures risk posed by a given vulnerability. Cost of
fixing, number of systems affected, and potential impact are not a complete list. The scoring
system aims to provide a standardized method for assessing the severity of vulnerabilities.
A security analyst wants to use a web application scanner to test the security of a web
application. Which of the following is a feature of Burp Suite that could support the security
analyst's requirements?
A.Testing for vulnerabilities in the application source code
B.Assessing the security of the underlying operating system
C.Detecting malware and viruses on the web server
D.Intercepting and modifying HTTP requests and responses - ANS-Intercepting and modifying
HTTP requests and responses is a feature of Burp Suite. This scanner enables the analyst to
examine and manipulate the communication between the web application and the client.
Though Burp Suite permits testing for specific types of vulnerabilities in the application's source
code, its primary use is for assessing the web application's security, not the source code.
Burp Suite focuses on evaluating the security of web applications and does not assess the
security of the underlying operating system.
Burp Suite is not a malware or virus scanner and does not detect malware or viruses on the web
server.
, A company is planning to deploy its applications and services in a cloud environment, with a
strong emphasis on ensuring security and maintaining control over its data. Considering these
requirements, which cloud deployment model would be most suitable?
A.Public cloud deployment model
B.Private cloud deployment model
C.Hybrid cloud deployment model
D.Multi-cloud deployment model - ANS-The private cloud deployment model is the best one to
address concerns about security and control over data. It provides a dedicated, secure
environment where the organization has complete control over the data, applications, and
resources used.
Public cloud deployment is unsuitable for companies requiring high levels of security and control
over their data, as it involves sharing resources and infrastructure with other organizations.
Hybrid cloud deployment provides a combination of public and private clouds, but this type of
model may not offer the same level of security and control.
Multi-cloud deployment involves using multiple cloud providers to distribute applications and
services, but this type of model may not offer the same level of security and control as a private
cloud deployment model.
A network administrator has noticed a series of unusual network activities that indicate a
possible cyberattack. The administrator analyzes the event using a framework that explores the
relationships among four core features: adversary, capability, infrastructure, and victim. Which of
the following methodologies would the network administrator use for the review?
A.Cyber kill chain
B.Incident response plan
C.Diamond model of intrusion analysis
D.Data breach assessment - ANS-The diamond model of intrusion analysis specifically analyzes
intrusion events by exploring the relationships among four core features: adversary, capability,
infrastructure, and victim.
The cyber kill chain framework provides a good understanding of the steps an attacker may
take, but it does not explore the relationships among the four core features of an intrusion
represented by the diamond model.
Having an incident response plan is essential; however, it is not a methodology for analyzing
intrusion events.
Data breach assessment is a process of identifying, containing, and mitigating the impact of a
data breach, but it is not a methodology for analyzing intrusion events.
A network administrator has detected irregular P2P communication on the network. What could
be the possible cause of this communication?
A.Malware infection or botnet activity
B.Hardware failure of networking devices
C.Lack of network segmentation
D.Weak authentication protocols - ANS-Malware or botnets frequently employ peer-to-peer
(P2P) communication for command and control purposes. Therefore, unusual communication
A cybersecurity analyst uses the Common Vulnerability Scoring System (CVSS) to evaluate the
severity of a vulnerability in a company's software. When using the CVSS to evaluate the
severity of a software vulnerability, what specific factors should the analyst consider, and why is
CVSS an important tool for IT teams to use? (Select the two best options.)
A.Type of vulnerability, affected system, and potential impact; to prioritize remediation efforts
B.Severity, number of systems affected, and potential impact; to allocate resources more
effectively
C.Likelihood of exploitation, potential impact, and patch availability; to provide an objective
measure of risk
D.Cost of fixing, number of systems affected, and potential impact; to provide a standardized
method for assessing severity - ANS-A & D ???
he CVSS assigns a score to a vulnerability, including the vulnerability type, affected system, and
potential impact. CVSS is an important tool as it helps IT teams prioritize remediation efforts
based on the objective measure of risk provided by the scoring system. While severity, number
of systems affected, and potential impact are factors considered by CVSS, it is not a complete
list. The scoring system aims to help IT teams allocate resources more effectively, not just to
assess severity. CVSS factors include the likelihood of exploitation, potential impact, and patch
availability. The scoring system objectively measures risk posed by a given vulnerability. Cost of
fixing, number of systems affected, and potential impact are not a complete list. The scoring
system aims to provide a standardized method for assessing the severity of vulnerabilities.
A security analyst wants to use a web application scanner to test the security of a web
application. Which of the following is a feature of Burp Suite that could support the security
analyst's requirements?
A.Testing for vulnerabilities in the application source code
B.Assessing the security of the underlying operating system
C.Detecting malware and viruses on the web server
D.Intercepting and modifying HTTP requests and responses - ANS-Intercepting and modifying
HTTP requests and responses is a feature of Burp Suite. This scanner enables the analyst to
examine and manipulate the communication between the web application and the client.
Though Burp Suite permits testing for specific types of vulnerabilities in the application's source
code, its primary use is for assessing the web application's security, not the source code.
Burp Suite focuses on evaluating the security of web applications and does not assess the
security of the underlying operating system.
Burp Suite is not a malware or virus scanner and does not detect malware or viruses on the web
server.
, A company is planning to deploy its applications and services in a cloud environment, with a
strong emphasis on ensuring security and maintaining control over its data. Considering these
requirements, which cloud deployment model would be most suitable?
A.Public cloud deployment model
B.Private cloud deployment model
C.Hybrid cloud deployment model
D.Multi-cloud deployment model - ANS-The private cloud deployment model is the best one to
address concerns about security and control over data. It provides a dedicated, secure
environment where the organization has complete control over the data, applications, and
resources used.
Public cloud deployment is unsuitable for companies requiring high levels of security and control
over their data, as it involves sharing resources and infrastructure with other organizations.
Hybrid cloud deployment provides a combination of public and private clouds, but this type of
model may not offer the same level of security and control.
Multi-cloud deployment involves using multiple cloud providers to distribute applications and
services, but this type of model may not offer the same level of security and control as a private
cloud deployment model.
A network administrator has noticed a series of unusual network activities that indicate a
possible cyberattack. The administrator analyzes the event using a framework that explores the
relationships among four core features: adversary, capability, infrastructure, and victim. Which of
the following methodologies would the network administrator use for the review?
A.Cyber kill chain
B.Incident response plan
C.Diamond model of intrusion analysis
D.Data breach assessment - ANS-The diamond model of intrusion analysis specifically analyzes
intrusion events by exploring the relationships among four core features: adversary, capability,
infrastructure, and victim.
The cyber kill chain framework provides a good understanding of the steps an attacker may
take, but it does not explore the relationships among the four core features of an intrusion
represented by the diamond model.
Having an incident response plan is essential; however, it is not a methodology for analyzing
intrusion events.
Data breach assessment is a process of identifying, containing, and mitigating the impact of a
data breach, but it is not a methodology for analyzing intrusion events.
A network administrator has detected irregular P2P communication on the network. What could
be the possible cause of this communication?
A.Malware infection or botnet activity
B.Hardware failure of networking devices
C.Lack of network segmentation
D.Weak authentication protocols - ANS-Malware or botnets frequently employ peer-to-peer
(P2P) communication for command and control purposes. Therefore, unusual communication
