Summary CySA+ (CS0-002) CompTIA Cybersecurity Analyst (CySA) 2023 Exam Prep Answered.

Summary CySA+ (CS0-002) CompTIA Cybersecurity Analyst (CySA) 2023 Exam Prep Answered. An analyst needs to forensically examine a Windows machine that was compromised by a threat actor. Intelligence reports state this specific threat actor is characterized by hiding malicious artifacts, especially with alternate data streams. Based on this intelligence, which of the following BEST explains alternate data streams? A. A different way data can be streamlined if the user wants to use less memory on a Windows system for forking resources B. A way to store data on an external drive attached to a Windows machine that is not readily accessible to users C. A windows attribute that provides for forking resources and is potentially used to hide the presence of secret or malicious files inside the file records of a benign file D. A Windows attribute that can be used by attackers to hide malicious files within system memory - ANSWER D. A Windows attribute that can be used by attackers to hide malicious files within system memory An executive assistant wants to onboard a new cloud-based product to help with business analytics and dashboarding. Which of the following would be the BEST integration option for this service? A. Manually log in to the service and upload data files on a regular basis. B. Have the internal development team script connectivity and file transfers to the new service. CySA+ (CS0-002) CompTIA Cybersecurity Analyst (CySA) 2023 Exam Prep Answered. C. Create a dedicated SFTP site and schedule transfers to ensure file transport security. D. Utilize the cloud product's API for supported and ongoing integrations. - ANSWER D. Utilize the cloud product's API for supported and ongoing integrations Data spillage occurred when an employee accidentally emailed a sensitive file to an external recipient. Which of the following controls would have MOST likely prevented this incident? A. SSO B. DLP C. WAF D. VDI - ANSWER B. DLP A development team is testing a new application release. The team needs to import existing client PHI data records from the production environment to the test environment to test accuracy and functionality. Which of the following would BEST protect the sensitivity of this data while still allowing the team to perform the testing? A. Deidentification B. Encoding C. Encryption D. Watermarking - ANSWER A. Deidentification Which of the following are components of the intelligence cycle? (Select TWO). A. Collection B. Normalization C. Response D. Analysis E. Correction F. Dissension - ANSWER A. Collection D. Analysis During an investigation, a security analyst identified machines that are infected with malware the antivirus was unable to detect. Which of the following is the BEST place to acquire evidence to perform data carving? A. The system memory B. The hard drive C. Network packets D. The Windows Registry - ANSWER A. The system memory A SIEM solution alerts a security analyst of a high number of login attempts against the company's webmail portal. The analyst determines the login attempts used credentials from a past data breach. Which of the following is the BEST mitigation to prevent unauthorized access? A. Single sign-on B. Mandatory access control C. Multifactor authentication D. Federation E. Privileged access management - ANSWER C. Multifactor authentication .