Answers |Actual Complete Exam |Already Graded A+
1. 2 Factor
ËSomething you
Authen-
are ËSomething
tication
you know
ËSomething you
have
* New and improved statement on 2 factor or multi factor -- Location --
2. 3 threat Behaviors (but NIST doesn't totally accept this yet)
model
Corporate
scenarios
network Websites
and Cloud Internal
custom apps
3. 4 key pillars to
CART
intelligence gath- Completeness - Accuracy - Relevance - Timeliness
ering
4. 4 phases of Preparation
the incident Detection and
re-sponse analysis
cycle Containment
Eradication and
recovery
5. 5 functions of
NIST Identify
Framework Protect
Detect
Respond
Recover
6. Authentication is ËDigital authentication is usually a user name and password
ËUser name is identifier (SID) that computers look at to authenticate
, CYSA+ 003 Exam with all Correct & 100% Verified
Answers |Actual Complete Exam |Already Graded A+
ËW/passwords you are looking at shared secret.
TËhes e two items together authenticate
7. Authorization Based ott who you are do you have rights to this
resource 8.
, CYSA+ 003 Exam with all Correct & 100% Verified
Answers |Actual Complete Exam |Already Graded A+
Best practice forSIEM - Security Information and event management
where to store 2 functions
logs and rules -act as central local in secure way;
around the -apply AI/ML to correlate
loca-tion *** Rules - can create own rules or do queries - interpret the meaning behind
individual points in a query to alert (Conditions with logical expressions,
full queries to extract, sting search) - allows on command to take output
and return with specified info and can sort and do lots with it.
9. Best Practices for Goal of SW security is maintain CIA and enable successful business
operations,
Securing Code important to understand client side controls don't provide a security benefit
should and security isn't a focus it's usually about does it do what's intended
check what -input validation - output validation - authentication & password -
areas session man-agement - access control - Cryptography practice - error
handling and logging
-data protection - communication security - system configuration -
Database security - File Management - memory management -
general coding practice
10. break down
a cvss v 3 ËAV - Attack vector - access required to exploit; higher exploits can be
score what is implemented remotely vs physical presence (N-Network, Adjacent, L-
in base Local, P-Physical)
ËAC - Attack complexity - based on what's required outside attackers control
to exploit; higher scores require additional attacker work like a shared secret
key or man in the middle (low, high)
ËPR - Privileges required - based on attackers privileges required to exploit;
something requiring admin control will have higher score (N-None,
Low, High) ËUI - User Interaction - varies based on if the attacker needs
others willingly or not to execute; score is higher is you can attack
autonomously, with no participation. (none, required)
ËS - Scope - Can the vulnerability component prorogate to other components
, CYSA+ 003 Exam with all Correct & 100% Verified
Answers |Actual Complete Exam |Already Graded A+
(Unchanged,
changed)
- Impact - focuses on
outcome you can
achieve and which
CIA gets compro-
mised. --
Confidentiality -
amount of data the
attacker can gain
access too; higher if
all data on systems is
accessible (high, Low,
none) -- Integrity -
ability of attacker