CYSA+ Exam Topics UPDATED ACTUAL Questions and CORRECT Answers
A recent zero-day vulnerability is being actively exploited,
requires no user interaction or privilege escalation, and
has a significant impact to confidentiality and integrity CVSS:31/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:K/A:L
but not to availability. Which of the following CVE metrics
would be most accurate for this zero-day threat?
Which of the following tools would work best to prevent
DLP
the exposure of PII outside of an organization?
An organization conducted a web application vulnerability Configure an Access-Control-Allow-Origin header to au-
assessment against the corporate website, and the follow- thorized domains
ing output was observed:
Which of the following tuning recommendations should
the security analyst share?
Which of the following items should be included in a
Affected Hosts & Risk Score
vulnerability scan report? (Choose two.)
The Chief Executive Oflcer of an organization recently
heard that exploitation of new attacks in the industry was
happening approximately 45 days after a patch was re- A mean time to remediate of 30 days
leased. Which of the following would best protect this
organization?
A security analyst recently joined the team and is trying
to determine which scripting language is being used in a
production script to
determine if it is malicious. Given the following script:
foreach ($user in Get-Content .\this.txt) PowerShell
{
Get-ADUser $user -Properties primaryGroupID | se-
lect-object primaryGroupID
Add-ADGroupMember "Domain Users" -Members
, $user
Set-ADUser $user -Replace @{primaryGroupID=513}
}
Which of the following scripting languages was used in
the script?
A company's user accounts have been compromised.
Users are also reporting that the company's internal portal
An on-path attack is being performed by someone with
is sometimes only accessible through HTTP, other times; it
internal access that forces users into port 80
is accessible through HTTPS. Which of the following most
likely describes the observed activity?
A security analyst is tasked with prioritizing vulnerabilities
for remediation. The relevant company security policies
are shown below:Security Policy 1006: Vulnerability Man-
agement
1. The Company shall use the CVSSv3.1 Base Score Metrics
(Exploitability and Impact) to prioritize the remediation of
security vulnerabilities.
Name: CAP.SHIELD -CVSS
2. In situations where a choice must be made between
3.1 /AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:NExternal Sys-
confidentiality and availability, the Company shall priori-
tem
tize confidentiality of data over availability of systems and
data.
3. The Company shall prioritize patching of publicly avail-
able systems and services over patching of internally avail-
able system.
According to the security policy, which of the following
vulnerabilities should be the highest priority to patch?
Business Continuity Plan
2/8
A recent zero-day vulnerability is being actively exploited,
requires no user interaction or privilege escalation, and
has a significant impact to confidentiality and integrity CVSS:31/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:K/A:L
but not to availability. Which of the following CVE metrics
would be most accurate for this zero-day threat?
Which of the following tools would work best to prevent
DLP
the exposure of PII outside of an organization?
An organization conducted a web application vulnerability Configure an Access-Control-Allow-Origin header to au-
assessment against the corporate website, and the follow- thorized domains
ing output was observed:
Which of the following tuning recommendations should
the security analyst share?
Which of the following items should be included in a
Affected Hosts & Risk Score
vulnerability scan report? (Choose two.)
The Chief Executive Oflcer of an organization recently
heard that exploitation of new attacks in the industry was
happening approximately 45 days after a patch was re- A mean time to remediate of 30 days
leased. Which of the following would best protect this
organization?
A security analyst recently joined the team and is trying
to determine which scripting language is being used in a
production script to
determine if it is malicious. Given the following script:
foreach ($user in Get-Content .\this.txt) PowerShell
{
Get-ADUser $user -Properties primaryGroupID | se-
lect-object primaryGroupID
Add-ADGroupMember "Domain Users" -Members
, $user
Set-ADUser $user -Replace @{primaryGroupID=513}
}
Which of the following scripting languages was used in
the script?
A company's user accounts have been compromised.
Users are also reporting that the company's internal portal
An on-path attack is being performed by someone with
is sometimes only accessible through HTTP, other times; it
internal access that forces users into port 80
is accessible through HTTPS. Which of the following most
likely describes the observed activity?
A security analyst is tasked with prioritizing vulnerabilities
for remediation. The relevant company security policies
are shown below:Security Policy 1006: Vulnerability Man-
agement
1. The Company shall use the CVSSv3.1 Base Score Metrics
(Exploitability and Impact) to prioritize the remediation of
security vulnerabilities.
Name: CAP.SHIELD -CVSS
2. In situations where a choice must be made between
3.1 /AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:NExternal Sys-
confidentiality and availability, the Company shall priori-
tem
tize confidentiality of data over availability of systems and
data.
3. The Company shall prioritize patching of publicly avail-
able systems and services over patching of internally avail-
able system.
According to the security policy, which of the following
vulnerabilities should be the highest priority to patch?
Business Continuity Plan
2/8
