Test Bank For CompTIA Security+ Guide to Network Security Fundamentals - 26th - 2018 All Chapters

CompTIA CySA+ (CS0-003) Practice Exam #1 f f f f f


Studyfonlinefatfhttps://quizlet.com/_e7ugr1
1. Which of the following is a technique used in Secure Disposal? f f f f f f f f f f




Zero-
fill Clearing Def f


gaussing
Erasing: Degaussing f




Secure Disposal involves the physical destruction of media.This can be done by mecha
f f f f f f f f f f f f f


nical shredding, incineration, or degaussing. Degaussing, should be used for media co
f f f f f f f f f f f


ntaining top secret or highly confidential information. Clearing data prevents data from b
f f f f f f f f f f f f


eing retrieved without the use of state of the art laboratory techniques.Clearingofteninv
f f f f f f f f f f f f f f


olvesoverwritingdataoneormoretimeswithrepetitive or randomized data. It is not part of
f f f f f f f f f f f f f f f f


Secure Disposal because the media isn't destroyed. Zero-
f f f f f f f


fill overwrites the media with bits to eliminate information. It allows the media to be reuse
f f f f f f f f f f f f f f f


d. It doesn't destroy the media, so it isn't part of Secure Disposal.
f f f f f f f f f f f f


2. Which of the following is a characteristic of the DeepWeb? f f f f f f f f f f




Contains information not indexed by standard search engines Ac f f f f f f f f




cessible through standard browsers f f f




Only includes encrypted data f f f




Predominantly used for illegal activities: Contains information not indexed by standa f f f f f f f f f f


d search engines
f f




TheDeepWebcontainsinformationthatisnotindexedbystandard search engines, makin
f f f f f f f f f f f f f


g it invisible to conventional searches.The Deep Web does not only include encrypted da
f f f f f f f f f f f f f f


a.It includes all data not indexed bysearch engines, whether encrypt-
f f f f f f f f f f f


ed or not.The Deep Web is not typically accessible through standard browsers. It require
f f f f f f f f f f f f f f f


specificsoftware(likeTor)for access.Whilesome illegal activities dooccur on the Deep W
f f f f f f f f f f f f f f f


b, it is also used for many legitimate purposes.
f f f f f f f f


3. An organization's security team has recently discovered several vulner-
f f f f f f f f


abilities within its systems. Why is it crucial for these vulnerabilities to be thor
f f f f f f f f f f f f f f


oughly reported and communicated within the organization?
f f f f f f




It ensures that the organization maintains compliance with required security stan
f f f f f f f f f f


ards and protocols f f




1f/f50

, CompTIA CySA+ (CS0-003) Practice Exam #1 f f f f f


Studyfonlinefatfhttps://quizlet.com/_e7ugr1


It eliminates the need for regular system audits
f f f f f f f




It guarantees that the organization will not experience a data breach
f f f f f f f f f f




It reduces the need for employee cybersecurity training: It ensures that the organiz
f f f f f f f f f f f f


ion maintains compliance with required security standards and protocols
f f f f f f f f




Detailed reporting and communication about vulnerabilities help the organization rema
f f f f f f f f f


in in line with required compliance standards by demonstrating proactive risk managem
f f f f f f f f f f f


ent. Various regulations mandate vulnerability management reporting, and these requi
f f f f f f f f f


rements may vary based on factors such as organization location, industry, and size. Co
f f f f f f f f f f f f f


mmon regulations include the Payment Card Industry Data Security Standard (PCI DS
f f f f f f f f f f f


S), which mandates reporting vulnerabilities to the PCI Security Standards Council.Th
f f f f f f f f f f f


e Health Insurance Portability and Accountability Act (HIPAA) requires healthcare orga
f f f f f f f f f f


nizations to report security breaches to the Department of Health and Human Services.
f f f f f f f f f f f f f


Additionally, the Sarbanes- f f


Oxley Act (SOX) mandates public companies to report vulnerabilities to the Securities a
f f f f f f f f f f f f


nd Exchange Commission, while the National Institute of Standards and Technology (N
f f f f f f f f f f f


IST) Special Publication 800-53 stipulates reporting vulnerabilities to the appro-
f f f f f f f f f


priate authorities. Organizations should consult their legal team for guidance on applic
f f f f f f f f f f f f


able regulations. Employee training remains essential as human error is a common sou
f f f f f f f f f f f f


rce of security risks, independent of specific system vulnerabilities.
f f f f f f f f


While effective vulnerability management reduces the risk of data breaches, it
f f f f f f f f f f


cannot completelyguarantee prevention due to the evolving nature ofcyber threats. Reg
f f f f f f f f f f f f


ular audits are still necessary as they provide an ongoing review of the organi-
f f f f f f f f f f f f f


zation's security posture, beyond identified vulnerabilities.
f f f f f f


4. What is the primary goal of the OWASPTesting Guide? f f f f f f f f f




Understanding the relationships between the elements of a cyber attack f f f f f f f f f




Providing a knowledge base of tactics, techniques, and procedures used by attac f f f f f f f f f f f


ers

Providing a framework for web application security testing f f f f f f f




Describing the linear progression of a cyber attack: Providing a framework for web f f f f f f f f f f f f f


application security testing f f




2f/f50

, CompTIA CySA+ (CS0-003) Practice Exam #1 f f f f f


Studyfonlinefatfhttps://quizlet.com/_e7ugr1
The OWASP Testing Guide provides a comprehensive framework for testing the securi
f f f f f f f f f f f


of web applications.This is the main focus of the Cyber Kill Chain, not the OWASP Testing
f f f f f f f f f f f f f f f f


Guide.This is a primary focus of the Diamond Model of Intrusion Analysis, not the OWAS
f f f f f f f f f f f f f f f


Testing Guide.This is a primary purpose of the MITRE ATT&CK framework, not the OWA
f f f f f f f f f f f f f f


SP Testing Guide.
f f


5. As part of your organization's proactive threat hunting, you're considering gat
f f f f f f f f f f


hering threat intelligence from the deep web and dark web.What could be a signifi
f f f f f f f f f f f f f f


cant benefit of this approach?
f f f f




Discovering potential threats before they impact your organization A f f f f f f f f




voiding the need for other security measures f f f f f f




Eliminating all cyber threats f f f




Increasing the organization's web presence: Discovering potential threats before the f f f f f f f f f


mpact your organization f f




Gathering threat intelligence from the deep web and dark web can help your organizatio
f f f f f f f f f f f f f


dentify emerging threats or planned attacks before they affect your network.While gathe
f f f f f f f f f f f f


ng intelligence can help identify and mitigate threats, it does not guarantee the eliminatio
f f f f f f f f f f f f f


of all cyber threats. Gathering threat intelligence is
f f f f f f f


a part of a broader security strategy and should be used in conjunction with other securi
f f f f f f f f f f f f f f f


ty measures, not in lieu of them.Gathering threat intelligence from the deep web and da
f f f f f f f f f f f f f f f


rk web is not related to increasing an organization's web presence; it's about identifying
f f f f f f f f f f f f f f


potential cyber threats. f f


6. Which tool should a malware analyst utilize to track the registry's changes and
f f f f f f f f f f f f f


the file system while running a suspicious executable on a Windows system?
f f f f f f f f f f f




DiskMon Autoru f


ns Process Moni
f f


tor
ProcDump: Process Monitor f f




ProcessMonitorisanadvancedmonitoringtoolforWindowsthatshowsreal-
f f f f f f f f f f f


timefile system, Registry, and process/thread activity. Autoruns shows you what progra
f f f f f f f f f f f


s are configured to run during system bootup or login.ProcDump is a command-
f f f f f f f f f f f f f


line utility whose primary purpose is monitoring an application for CPU spikes and
f f f f f f f f f f f f




3f/f50

, CompTIA CySA+ (CS0-003) Practice Exam #1 f f f f f


Studyfonlinefatfhttps://quizlet.com/_e7ugr1
generating crash dumps during a spike that an administrator or developer can use to deter f f f f f f f f f f f f f f


mine the cause of the spike. DiskMon is an application that logs and displays all hard disk
f f f f f f f f f f f f f f f f


activity on a Windows system.This question may seem beyond the scope of the exam. S
f f f f f f f f f f f f f f f f


till, the objectives allow for "other examples of technologies, processes,ortasksaboute
f f f f f f f f f f f f f


achobjectivemayalsobeincludedontheexamalthough notlistedorcovered"intheobject
f f f f f f f f f f f f f f f f


ives'bulletizedlists.Theexam teststhe equivalent of 4 years of hands-
f f f f f f f f f f f f


on experience in a technical cybersecurity job role.The content examples listed in the obj
f f f f f f f f f f f f f f


ectives are meant to clarify the test objectives and should notbeconstrued asacomprehe f f f f f f f f f f f f f f f


nsive listing ofthisexamination's content.Therefore, questionslike this are fair game on te
f f f f f f f f f f f f f f


st day.That said, your goal isn't to score 100% on the exam; it is to pass it.Don't let questio
f f f f f f f f f f f f f f f f f f f f


ns like this throw you off on test day. If you aren't sure, take your best guess and move on!
f f f f f f f f f f f f f f f f f f f


7. Which of the following is NOT a valid reason to conduct reverse engineer- f f f f f f f f f f f f


ing?

To commit industrial espionage f f f




To allow an attacker to spot vulnerabilities in an executable
f f f f f f f f f




To allow the software developer to spot flaws in their source code
f f f f f f f f f f f




To determine how a piece of malware operates: To allow the software developer to sp
f f f f f f f f f f f f f f


ot flaws in their source code
f f f f f




If a software developer has a copy of their source code, there is no need to reverse engine
f f f f f f f f f f f f f f f f f


er it since they can directly examine the code. Doing this is known as static code analysis
f f f f f f f f f f f f f f f f


, not reverse engineering. Reverse engineering is the process of analyzing asystem's or
f f f f f f f f f f f f f


application'sstructuretorevealmoreabout howitfunctions. In malware, examining the c f f f f f f f f f f f f f


ode that implements its functionality can provide you with information as to how the mal
f f f f f f f f f f f f f f


ware propagates and what its primary directives are. Reverse engineering is also used t
f f f f f f f f f f f f f


o conduct industrial espionage since it can allow a company to figure out how a competit
f f f f f f f f f f f f f f f


or's application works and develop f f f f


its own version. An attacker might use reverse engineering of an application or executa
f f f f f f f f f f f f f


ble toidentifya flaw or vulnerability in its operation andthen exploit that flaw as part of their
f f f f f f f f f f f f f f f f f f f


attack.
8. The incident response team leader has asked you to perform a forensic exami f f f f f f f f f f f f


nation on a workstation suspected of being infected with malware.You remembe f f f f f f f f f f f


r from your training that you must collect digital evidence in the proper order to pr
f f f f f f f f f f f f f f f


otect it from being changed during your evidence collection f f f f f f f f




4f/f50