CySA+(updated 2022) questions solved

CySA+(updated 2022) questions solvedConfidentiality, integrity, and availability What are the three key objectives of information security? Threats and vulnerabilities. Risk exists at the intersection of _______ and _________. Network access control What type of system controls access to a network based on criteria such as time of day, location, device type, and system health? The Internet, an internal network, and a DMZ What are the three networks typically connected to a triple-homed firewall? Packet filters Stateful inspection firewalls Next-generation firewalls Web application firewalls. What are the four types of firewalls? Group Policy Objects (GPOs) ______ may be used to apply settings to many different Windows systems at the same time. Planning, Discovery, Attack, and Reporting Four phases of penetration testing Port scanner What type of software can you use to enumerate the services that are accepting network connections on a remote system without probing that system for vulnerabilities? nmap What is the most commonly used port scanner? Traceroute or tracert, depending on the operating system What tool can be used to determine the path between two systems over the Internet? Anomaly analysis What type of data analysis looks for differences from expected behaviors? Trend analysis What type of data analysis predicts threats based on existing data? Credentialed scan What type of vulnerability scan leverages read-only access to the scan target? Risk appetite What term is used to describe an organization's willingness to tolerate risk? Read-only account What type of account should be used to perform credentialed vulnerability scans? Vulnerability scanning What function is performed by QualysGuard, Nessus, Nexpose, and OpenVAS? Web application scanning What is the purpose of Nikto and Acunetix? Criticality Difficulty Severity Exposure Remediation Priority CVSS What industry-standard system is used to assess the severity of security vulnerabilities? False positive What is the term used to describe when a scanner reports a vulnerability that does not really exist? Buffer overflow What type of vulnerability allows an attacker to place more data into an area of memory than is allocated for a specific purpose? Privilege escalation What type of attack seeks to increase the level of access that an attacker has to a targeted system? Arbitrary code execution What type of attack allows an attacker to run software of his or her choice on the targeted system? TLS 1.2 or later What is the current secure standard for providing HTTPS encryption? DNS amplification In what type of attack does the attacker sends spoofed DNS requests to a DNS server that are carefully designed to elicit responses that are much larger in size than the original requests? Security event What term is used to describe any observable occurrence in a system or network that relates to a security function? Security incident What term is used to describe a violation or imminent threat of violation of computer security policies, acceptable use policies, or standard security practices? Preparation Detection & Analysis Containment, Eradication, & Recovery Post-Incident Activity What are the phases of incident response? Procedures What type of documents provide the detailed, tactical information that CSIRT members need when responding to an incident? Incident Response Policy What document serves as the cornerstone of an organization's incident response program? Advanced Persistent Threat (APT) What type of threat consists of highly skilled and talented attackers focused on a specific objective? Functional impact, economic impact, and recoverability effort What are the types of impact used to describe the scope of a security incident? External/removable media Attrition Web, email Impersonation Improper usage Loss or theft of equipment What are the common attack vectors for security incidents? Top or ps What Linux command displays processes, memory utilization, and other detail about running programs? Beaconing What term is used to describe traffic sent to a command and control system by a PC that is part of a botnet? Perfmon What Windows tool provides information on memory, CPU, and disk use? SNMP What protocol is used to gather information