100% satisfaction guarantee Immediately available after payment Both online and in PDF No strings attached 4.2 TrustPilot
logo-home
Previously searched by you
Previously searched by you
logo
  • COMPTIA CYSA+
  • COMPTIA CYSA+
To add items to your wishlist, you must be logged in
Exam (elaborations)

CompTIA CySA+ CS0-002 Practice Questions with precise solutions

Rating
-
Sold
-
Pages
29
Grade
A+
Uploaded on
09-05-2025
Written in
2024/2025

CompTIA CySA+ CS0-002 Practice Questions with precise solutions

Institution
COMPTIA CYSA+
Course
COMPTIA CYSA+










Whoops! We can’t load your doc right now. Try again or contact support.
Report Copyright Violation

Written for

Institution
COMPTIA CYSA+
Course
COMPTIA CYSA+

Document information

Uploaded on
May 9, 2025
Number of pages
29
Written in
2024/2025
Type
Exam (elaborations)
Contains
Questions & answers

Subjects

  • comptia cysa cs0 002 practice questions

Content preview

CompTIA CySA+ CS0-002
Practice Questions with
precise solutions

A cybersecurity analyst receives a phone call from an unknown person with the number
|||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| ||||||




blocked on the caller ID. After starting conversation, the caller begins to request sensitive
|||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| ||||||




information. Which of the following techniques is being applied? |||||| |||||| |||||| |||||| |||||| |||||| |||||| ||||||




A. Social engineering
|||||| ||||||




B. Phishing
||||||




C. Impersonation
||||||




D. War dialing - ...,.🔹VERIFIED ANSWER **✔✔A
|||||| |||||| |||||| |||||| |||||| ||||||




Which of the following is the main benefit of sharing incident details with partner
|||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| ||||||




organizations or external trusted parties during the incident response process? |||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| ||||||




A. It facilitates releasing incident results, findings and resolution to the media and all
|||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| ||||||




appropriate government agencies |||||| ||||||




B. It shortens the incident life cycle by allowing others to document incident details and
|||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| ||||||




prepare reports. ||||||




C. It enhances the response process, as others may be able to recognize the observed behavior
|||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| ||||||




and provide valuable insight.
|||||| |||||| ||||||




D. It allows the security analyst to defer incident-handling activities until all parties agree on
|||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| ||||||




how to proceed with analysis. - ...,.🔹VERIFIED ANSWER **✔✔C
|||||| |||||| |||||| |||||| |||||| |||||| |||||| ||||||

,The security analyst determined that an email containing a malicious attachment was sent to
|||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| ||||||




several employees within the company, and it was not stopped by any of the email filtering
|||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| ||||||




devices. An incident was declared. During the investigation, it was determined that most users
|||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| ||||||




deleted the email, but one specific user executed the attachment. Based on the details
|||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| ||||||




gathered, which of the following actions should the security analyst perform NEXT? |||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| ||||||




A. Obtain a copy of the email with the malicious attachment. Execute the file on another user's
|||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| ||||||




machine and observe the behavior. Document all findings.
|||||| |||||| |||||| |||||| |||||| |||||| |||||| ||||||




B. Acquire a full backup of the affected machine. Reimage the machine and then restore from
|||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| ||||||




the full backup. |||||| ||||||




C. Take the affected machine off the network. Review local event logs looking for activity and
|||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| ||||||




processes related to unknown or unauthorized software. |||||| |||||| |||||| |||||| |||||| ||||||




D. Take possession of the machine. Apply the latest OS updates and fir - ...,.🔹VERIFIED
|||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| ||||||




ANSWER **✔✔C ||||||




Which of the following tools should a cybersecurity analyst use to verify the integrity of a
|||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| ||||||




forensic image before and after an investigation? |||||| |||||| |||||| |||||| |||||| ||||||




A. strings ||||||




B. sha1sum
||||||




C. file ||||||




D. dd ||||||




E. gzip - ...,.🔹VERIFIED ANSWER **✔✔B
|||||| |||||| |||||| |||||| ||||||




Given the following logs: |||||| |||||| ||||||




Aug 18 11:00:57 comptia sshd[5657]: Failed password for root from 10.10.10.192 port 38980
|||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| ||||||




ssh2

Aug 18 23:08:26 comptia sshd[5768]: Failed password for root from 18.70.0.160 port 38156 ssh2
|||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| ||||||




Aug 18 23:08:30 comptia sshd[5770]: Failed password for admin from 18.70.0.160 port 38556
|||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| ||||||




ssh2

, Aug 18 23:08:34 comptia sshd[5772]: Failed password for invalid user asterisk from 18.70.0.160
|||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| ||||||




port 38864 ssh2
|||||| |||||| ||||||




Aug 18 23:08:38 comptia sshd[5774]: Failed password for invalid user sjobeck from 10.10.1.16
|||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| ||||||




port 39157 ssh2 |||||| ||||||




Aug 18 23:08:42 comptia sshd[5776]: Failed password for root from 18.70.0.160 port 39467 ssh2
|||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| ||||||




Which of the following can be suspected? |||||| |||||| |||||| |||||| |||||| ||||||




A. An unauthorized user is trying to gain access from 10.10.10.192.
|||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| ||||||




B. An authorized user is trying to gain access from 10.10.10.192.
|||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| ||||||




C. An authorized user is trying to gain access from 18.70.0.160.
|||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| ||||||




D. An unauthorized user is trying to gain access from 18.70.0.160 - ...,.🔹VERIFIED ANSWER
|||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| ||||||




**✔✔D



A security analyst has been asked to review permissions on accounts within Active Directory
|||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| ||||||




to determine if they are appropriate to the user's role. During this process, the analyst notices
|||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| ||||||




that a user from building maintenance is part of the Domain Admin group. Which of the
|||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| ||||||




following does this indicate? |||||| |||||| ||||||




A. Cross-site scripting
|||||| ||||||




B. Session hijack |||||| ||||||




C. Privilege escalation
|||||| ||||||




D. Rootkit - ...,.🔹VERIFIED ANSWER **✔✔C
|||||| |||||| |||||| |||||| ||||||




In the last six months, a company is seeing an increase in credential-harvesting attacks. The
|||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| ||||||




latest victim was the chief executive officer (CEO). Which of the following countermeasures
|||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| ||||||




will render the attack ineffective?
|||||| |||||| |||||| ||||||




A. Use a complex password according to the company policy.
|||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| ||||||




B. Implement an intrusion-prevention system.
|||||| |||||| |||||| ||||||




C. Isolate the CEO's computer in a higher security zone.
|||||| |||||| |||||| |||||| |||||| |||||| |||||| |||||| ||||||
$17.99
Get access to the full document:
100% satisfaction guarantee
Immediately available after payment
Both online and in PDF
No strings attached
Get to know the seller
Seller avatar
Reputation scores are based on the amount of documents a seller has sold for a fee and the reviews they have received for those documents. There are three levels: Bronze, Silver and Gold. The better the reputation, the more your can rely on the quality of the sellers work.
Ruiz
3.3
(7)

Get to know the seller

Seller avatar
Reputation scores are based on the amount of documents a seller has sold for a fee and the reviews they have received for those documents. There are three levels: Bronze, Silver and Gold. The better the reputation, the more your can rely on the quality of the sellers work.
Ruiz Liberty University
View profile
Follow You need to be logged in order to follow users or courses
Sold
74
Member since
1 year
Number of followers
1
Documents
11347
Last sold
1 week ago
Top-Quality Study Materials for Success – Ace Your Exams with Expert Resources!

Access high-quality study materials to help you excel in your exams. Get notes, summaries, and guides tailored to your courses!

3.3

7 reviews

5
3
4
0
3
2
2
0
1
2

Recently viewed by you

Thumbnail
Package deal
Physics OCR A Level Module 3, 4 and 5 Flashcards (Handwritten)
-
2023
R 103,89 More info
Thumbnail
Other
A Concise Introduction to Logic, Thirteenth Edition [13th Ed] by: Patrick J. Hurley Solution Manual Answers to all chapters.
-
2025
$ 27.99 More info
Thumbnail
Exam (elaborations)
CS 1332 Final Exam Questions With Correct Answers
-
2025
$ 13.99 More info
Thumbnail
Exam (elaborations)
NSG 6001 WEEK 3 MIDTERM | 2025 UPDATE | QUESTIONS AND ANSWERS | SCORED A+
-
2025
$ 16.99 More info
Thumbnail
Exam (elaborations)
D276 WEB DEV FOUNDATIONS EXAM WITH COMPLETE SOLUTIONS 2024
-
2023
$ 14.99 More info
Thumbnail
Exam (elaborations)
ASVAB, Real asvab test!!!|Questions With Correct Answers|Verified|Already A+ Graded
-
2025
$ 11.49 More info
Thumbnail
Class notes
Checkpoint Quiz 1.2
-
2023
$ 8.49 More info
Thumbnail
Exam (elaborations)
NSG6430 week 4 Quiz with complete solution
-
2022
$ 3.49 More info
Thumbnail
Exam (elaborations)
University of Toronto CHMA10: 2nd Midterm Test Review Questions and Answers
-
2025
$ 17.99 More info

Why students choose Stuvia

Created by fellow students, verified by reviews

Quality you can trust: written by students who passed their tests and reviewed by others who've used these notes.

Didn't get what you expected? Choose another document

No worries! You can instantly pick a different document that better fits what you're looking for.

Pay as you like, start learning right away

No subscription, no commitments. Pay the way you're used to via credit card and download your PDF document instantly.

Student with book image

“Bought, downloaded, and aced it. It really can be that simple.”

Alisha Student

Frequently asked questions