BEST CYSA+ EXAM CS0-002
1. E An analyst is performing penetration testing and
vulnera- bility assessment activities against a
new vehicle automa- tion platform.
Which of the following is MOST likely an attack
vector that is being utilized as part of the testing
and assessment?
A. FaaS
B. RTOS
C. SoC
D.GPS
E. CAN bus
2. C An information security analyst observes
anomalous be- havior on the SCADA devices in a
power plant. This behavior results in the
industrial generators overheating and
destabilizing the power supply.
Which of the following would BEST identify
potential indi- cators of compromise?
A. Use Burp Suite to capture packets to the
SCADA device's IP.
B. Use tcpdump to capture packets from the
SCADA device IP.
C. Use Wireshark to capture packets between
SCADA devices and the management system.
D.Use Nmap to capture packets from the
management system to the SCADA devices.
3. B Which of the following would MOST likely be
included in the incident response procedure
after a security
breach of customer PII?
A. Human resources
1/
91
,BEST CYSA+ EXAM CS0-002
B. Public relations
C. Marketing
D.Internal network operations center
2/
91
, BEST CYSA+ EXAM CS0-002
4. A An analyst is working with a network engineer to
re- solve a vulnerability that was found in a piece
of legacy hardware, which is critical to the
operation of the orga- nization's production line.
The legacy hardware does not have third-party
support, and the OEM manufacturer of the
controller is no longer in operation. The analyst
doc- uments the activities and verifies these
actions prevent remote exploitation of the
vulnerability.
Which of the following would be the MOST
appropriate to remediate the controller?
A. Segment the network to constrain access to
adminis- trative interfaces.
B. Replace the equipment that has third-party
support.
C. Remove the legacy hardware from the network.
D.Install an IDS on the network between the
switch and the legacy equipment.
5. D A small electronics company decides to use a
contractor to assist with the development of a
new FPGA-based device. Several of the
development phases will occur
off-site at the contractor's labs.
Which of the following is the main concern a
security analyst should have with this
arrangement?
A. Making multiple trips between development
sites in- creases the chance of physical damage
to the FPGAs.
B. Moving the FPGAs between development
sites will lessen the time that is available for
3/
91
, BEST CYSA+ EXAM CS0-002
security testing.
C. Development phases occurring at multiple
sites may produce change management issues.
D.FPGA applications are easily cloned,
increasing the possibility of intellectual
property theft.
4/
91
1. E An analyst is performing penetration testing and
vulnera- bility assessment activities against a
new vehicle automa- tion platform.
Which of the following is MOST likely an attack
vector that is being utilized as part of the testing
and assessment?
A. FaaS
B. RTOS
C. SoC
D.GPS
E. CAN bus
2. C An information security analyst observes
anomalous be- havior on the SCADA devices in a
power plant. This behavior results in the
industrial generators overheating and
destabilizing the power supply.
Which of the following would BEST identify
potential indi- cators of compromise?
A. Use Burp Suite to capture packets to the
SCADA device's IP.
B. Use tcpdump to capture packets from the
SCADA device IP.
C. Use Wireshark to capture packets between
SCADA devices and the management system.
D.Use Nmap to capture packets from the
management system to the SCADA devices.
3. B Which of the following would MOST likely be
included in the incident response procedure
after a security
breach of customer PII?
A. Human resources
1/
91
,BEST CYSA+ EXAM CS0-002
B. Public relations
C. Marketing
D.Internal network operations center
2/
91
, BEST CYSA+ EXAM CS0-002
4. A An analyst is working with a network engineer to
re- solve a vulnerability that was found in a piece
of legacy hardware, which is critical to the
operation of the orga- nization's production line.
The legacy hardware does not have third-party
support, and the OEM manufacturer of the
controller is no longer in operation. The analyst
doc- uments the activities and verifies these
actions prevent remote exploitation of the
vulnerability.
Which of the following would be the MOST
appropriate to remediate the controller?
A. Segment the network to constrain access to
adminis- trative interfaces.
B. Replace the equipment that has third-party
support.
C. Remove the legacy hardware from the network.
D.Install an IDS on the network between the
switch and the legacy equipment.
5. D A small electronics company decides to use a
contractor to assist with the development of a
new FPGA-based device. Several of the
development phases will occur
off-site at the contractor's labs.
Which of the following is the main concern a
security analyst should have with this
arrangement?
A. Making multiple trips between development
sites in- creases the chance of physical damage
to the FPGAs.
B. Moving the FPGAs between development
sites will lessen the time that is available for
3/
91
, BEST CYSA+ EXAM CS0-002
security testing.
C. Development phases occurring at multiple
sites may produce change management issues.
D.FPGA applications are easily cloned,
increasing the possibility of intellectual
property theft.
4/
91
