Of the following options, which is a cryptographic algorithm classified as asymmetric?
RSA
RSA (Rivest-Shamir-Adleman) is an asymmetric cryptographic algorithm commonly used for data transmission. It uses public and private key pairs.

What term best describes an action by a user that might threaten an organization's security, such as violating corporate policies or bypassing security measures?
Risky
The term 'Risky' specifically refers to actions by users that could potentially compromise the security of an organization. These can include a range of behaviors, such as violating company policies or intentionally bypassing security controls, which could lead to data breaches or other security incidents. The incorrect answers, while related to security, do not precisely describe the act of a user potentially compromising security through their actions.

What type of backup requires the least amount of storage space and captures only the changes made since the most recent backup of any type?
Incremental backup
An incremental backup requires the least amount of storage space because it only captures the changes made since the last backup, regardless of whether the last backup was full or incremental. This contrasts with a differential backup, which captures changes made since the last full backup, potentially using more storage as the amount of data changes increases over time. A snapshot may be space-efficient but is a copy of the system state at a point in time, not based on the changes. A full backup is the most comprehensive and storage-intensive, as it duplicates all data.

Which of the following algorithms is a symmetric algorithm?
Twofish

As part of a comprehensive risk management process, your organization is conducting a qualitative risk analysis. The team must evaluate potential threats to the confidential client information stored in your database. Which approach best captures the concerns of various stakeholders, including customer service, IT, and executive management, towards the risks associated with the stored client information?
Hold structured brainstorming sessions with representatives from customer service, IT, and executive management.
Holding structured brainstorming sessions with stakeholders from different departments allows for diverse perspectives to be shared, ensuring a more thorough understanding of potential risks. This technique promotes active participation and helps uncover risks that may not be immediately obvious to a particular group, thus capturing qualitative inputs from various parts of the organization.

After a risk assessment it is decided that security controls will be applied to a system to lower the likelihood of an incident occurring from a risk being exploited. Which risk management strategy is being used?
Mitigation
Risk mitigation is the process of using security controls/countermeasures in reducing risk exposure and minimizing the likelihood of an incident.

Implementing a gateway at the network perimeter is only effective for inbound traffic and cannot filter or control outbound traffic from the internal network to the internet.
False
Implementing a gateway