Cybersecurity Analyst 1st Edition Ciampa
Multiple Choice
1. Kendra has a very limited budget, but has three critical servers that she needs to secure against data breaches within her
company’s infrastructure. She knows that she won’t be able to protect the entire network, but she has started searching for
a solution to secure the most critical assets. Which of the following options would she most likely choose?
a. UTM appliance
b. NIPS
c. Proxy server
d. HIPS
ANSWER: d
FEEDBACK: a. Incorrect. A unified threat management, or UTM, appliance is used to perform antivirus,
spam filtering, and IDS/IPS functions within a single networked device. As such, it
would be useful for an entire network or network segment, not just a few servers.
b. Incorrect. A network intrusion prevention system would meet all of the requirements
listed in the scenario, except that it is network-based.
c. Incorrect. A proxy server can perform certain types of traffic filtering, but it is used at a
network or network segment level and thus does not meet the requirements of the
scenario.
d. Correct. A host intrusion prevention system is installed on individual hosts to detect an
intrusion, log the event, alert administrators, and attempt to stop the intrusion. It is the
only host-based solution described in the answer choices.
POINTS: 1
QUESTION TYPE: Multiple Choice
HAS VARIABLES: False
DATE CREATED: 6/17/2020 6:02 AM
DATE MODIFIED: 6/17/2020 6:05 AM
2. Talia has just been hired as the first security employee at an organization. Until this point, security has been everyone’s
responsibility, but she knows that the IT staff have different skill sets and may not be aware of certain weaknesses within
various platforms. Which of the following tools might Talia use to help her determine the state of the existing
infrastructure?
a. NIDS
b. Vulnerability scanner
c. OS fingerprinting
d. syslog
ANSWER: b
FEEDBACK: a. Incorrect. A network intrusion detection system is a good tool to use, but before making
any changes to the infrastructure, it would be a better idea to get an overall status update
and determine where the weakest points are. From there, Talia could determine the best
solutions for resolving any outstanding issues, prioritize which systems are most critical,
and work within a budget to implement the changes.
b. Correct. A vulnerability scanner is a generic term for a range of products that look for
different vulnerabilities, or weaknesses, within networks or systems. A comprehensive
scan of the network and systems would be a good starting point before suggesting or
implementing any new technologies or changes.
c. Incorrect. OS fingerprinting is a type of network scan that determines which operating
system(s) are running. This scan should be incorporated as a part of comprehensive
vulnerability scanning.