CompTIA CySA+ Study guides, Class notes & Summaries

CompTIA CySA+ CS0-002 Practice Questions and Answers (2023/2024) (Verified Answers)

In which phase of the security intelligence cycle is information from several different sources aggregated into useful repositories? A.Collection B.Analysis C.Dissemination D.Feedback - Answer A.Collection (Correct) Explanation OBJ-1.2: The collection phase is usually implemented by administrators using various software suites, such as security information and event management (SIEM). This software must be configured with connectors or agents that can retrieve data from sources such as ...

Which format does dd produce files in? A. ddf B. RAW C. EN01 D. OVF - Answer B. dd creates files in RAW, bit-by-bit format. EN01 is the EnCase forensic file format, OVF is virtualization file format, and ddf is a made-up answer. Files remnants found in clusters that have been only partially rewritten by new files found are in what type of space? A. Outer B. Slack C. Unallocated space D. Non-Euclidean - Answer B. Slack space is the space that remains when only a portion of a cluster is...

An analyst needs to forensically examine a Windows machine that was compromised by a threat actor. Intelligence reports state this specific threat actor is characterized by hiding malicious artifacts, especially with alternate data streams. Based on this intelligence, which of the following BEST explains alternate data streams? A. A different way data can be streamlined if the user wants to use less memory on a Windows system for forking resources B. A way to store data on an external driv...

All parts of a security policy should be public knowledge. True False - Answer False What reasons might a company forgo scanning a critical system? Too much time Confidentiality Backups already exist Costs too much - Answer Too much time & Costs too much What is the factor that determines scanning frequency characterized by an accepted amount of risk? Technical Constraints Risk Acceptance Risk Appetite Regulatory Requirements - Answer Risk Appetite An assessment scan is ...

Which of the following describes a rudimentary threat that would be picked up by an anti-virus or IPS? Known Threat Unknown threat Zero-day threat Advanced Persistent Threat - Answer Known Threat Which of the following describes a threat coming from a well trained attacker such as another country? Known Threat Unknown threat Zero-day threat Advanced Persistent Threat - Answer Advanced Persistent Threat Which of the following describes a threat unknown to the local IT department...

Which framework was designed to widen the focus of an organization to overall architecture? COBIT TOGAF SABSA ITIL - Answer TOGAF (The Open Group Architecture Framework) The procedures in place to test controls need to be examined only by internal parties to ensure security. True False - Answer False Which policies are responsible for securing employee profiles? Account Management Policy Acceptable Use Policy Data Ownership Policy Password Policy - Answer Account Management...

2.1 Given a scenario, implement an information security vulnerability management process. - Answer CompTIA • Identification of requirements - Answer As an organization begins developing a vulnerability management program, it should first undertake the identification of any internal or external requirements for vulnerability scanning. These requirements may come from the regulatory environment(s) in which the organization operates and/or internal policy-driven requirements. Vulnerabilit...

FTP port(s) - Answer TCP 20, 21 Telnet port(s) - Answer TCP 23 TFTP port(s) - Answer UDP 69 POP3 port(s) - Answer TCP 110 IMAP port(s) - Answer TCP 143 LDAP port(s) - Answer TCP and UDP 389 SQL server port(s) - Answer TCP 1433 Oracle database port(s) - Answer TCP 1521 H.323 call signaling port(s) - Answer TCP 1720 PPTP port(s) - Answer TCP 1723 Most common Network Access Control (NAC) standard - Answer 802.1x Defense Deception - Answer Attempts to lure attackers ...

4.1 Explain the relationship between frameworks, common policies, controls, and procedures. - Answer • Regulatory compliance - Answer - NIST - ISO - COBIT - SABSA - TOGAF - ITIL • Frameworks - Answer • Policies - Answer - Password policy - Acceptable use policy - Data ownership policy - Data retention policy - Account management policy - Data classification policy • Controls - Answer - Control selection based on criteria - Organizationally defined parameters - P...