CompTIA Cybersecurity Analyst (CySA+)
Practice Exam Questions and Answers
1- Which framework allows for risk prioritization based on potential threat impact?
%
a) NIST Cybersecurity Framework
0
b) OWASP Top 10
0
c) CIS Top 20 Critical Security Controls
1
d) ISO 31000
2- What is the MOST crucial strategy for managing and mitigating multiple known
vulnerabilities?
a) The number of vulnerabilities
b) Prioritizing risk level of each vulnerability
,c) The type of vulnerabilities
d) The location of vulnerabilities
%
0
3- How can a company's reluctance to interrupt business processes impact vulnerability
management?
a) Increase market share
0
b) Enhance marketing strategies
1
c) Lead to postponed or overlooked patches
d) Boost employee productivity
4-Why is regular vulnerability management reporting crucial for an organization?
a) Boosts stock price
,b) Improves employee morale
c) Helps identify and prioritize vulnerabilities
%
d) Increases customers
0
5- Which nmap syntax is used for operating system identification?
0
a) nmap -os
1
b) nmap -O
c) nmap -id
d) nmap -osscan
6- If a company patches identified vulnerabilities within 24 hours of weekly scans, what
risk response strategy does this represent?
, a) Avoidance
b) Acceptance
%
c) Mitigation
0
d) Transference
0
7- How can you identify affected hosts for a vulnerability?
1
a) Use BitLocker
b) Vulnerability scan for known issues
c) Packet sniff for exploitation signs
d) Network scan for vulnerable software
Practice Exam Questions and Answers
1- Which framework allows for risk prioritization based on potential threat impact?
%
a) NIST Cybersecurity Framework
0
b) OWASP Top 10
0
c) CIS Top 20 Critical Security Controls
1
d) ISO 31000
2- What is the MOST crucial strategy for managing and mitigating multiple known
vulnerabilities?
a) The number of vulnerabilities
b) Prioritizing risk level of each vulnerability
,c) The type of vulnerabilities
d) The location of vulnerabilities
%
0
3- How can a company's reluctance to interrupt business processes impact vulnerability
management?
a) Increase market share
0
b) Enhance marketing strategies
1
c) Lead to postponed or overlooked patches
d) Boost employee productivity
4-Why is regular vulnerability management reporting crucial for an organization?
a) Boosts stock price
,b) Improves employee morale
c) Helps identify and prioritize vulnerabilities
%
d) Increases customers
0
5- Which nmap syntax is used for operating system identification?
0
a) nmap -os
1
b) nmap -O
c) nmap -id
d) nmap -osscan
6- If a company patches identified vulnerabilities within 24 hours of weekly scans, what
risk response strategy does this represent?
, a) Avoidance
b) Acceptance
%
c) Mitigation
0
d) Transference
0
7- How can you identify affected hosts for a vulnerability?
1
a) Use BitLocker
b) Vulnerability scan for known issues
c) Packet sniff for exploitation signs
d) Network scan for vulnerable software
