Comptia cybersecurit Study guides, Class notes & Summaries

All parts of a security policy should be public knowledge. True False - Answer False What reasons might a company forgo scanning a critical system? Too much time Confidentiality Backups already exist Costs too much - Answer Too much time & Costs too much What is the factor that determines scanning frequency characterized by an accepted amount of risk? Technical Constraints Risk Acceptance Risk Appetite Regulatory Requirements - Answer Risk Appetite An assessment scan is ...

2.1 Given a scenario, implement an information security vulnerability management process. - Answer CompTIA • Identification of requirements - Answer As an organization begins developing a vulnerability management program, it should first undertake the identification of any internal or external requirements for vulnerability scanning. These requirements may come from the regulatory environment(s) in which the organization operates and/or internal policy-driven requirements. Vulnerabilit...

3.1 Given a scenario, distinguish threat data or behavior to determine the impact of an incident. - Answer Event - Answer is any observable occurrence in a system or network. Security Event - Answer includes any observable occurrence that relates to a security function. For example, a user accessing a file stored on a server, an administrator changing permissions on a shared folder, and an attacker conducting a port scan. Adverse Event - Answer any event that has negative consequence...

Test Bank for CompTIA CySA+ Guide to Cybersecurity Analyst (CS0-002) 2nd Edition by Mark Ciampa. Isbn. 9780357678091. 9780357678107. CompTIA CySA+ Second Edition Test Bank. CompTIA CySA+ Guide to Cybersecurity Analyst 2nd Edition Test Bank. Part 1: EXTERNAL THREATS & INTERNAL VULNERABILITIES 1. Enterprise threats and vulnerabilities 2. Utilizing threat data and intelligence sources 3. Vulnerability management 4. Cloud computing and assessment tools Part 2: CONTROLS 5. Infrastructure cont...

Which of the following is an alternate name for topology Discovery? Fingerprinting Footprinting Pivotprinting Sniffing - Answer Footprinting What process allows an analyst to discover the operating system and version of a system? Service Discovery Topology Discovery Log Review OS Fingerprinting - Answer OS Fingerprinting In what order is an ACL processed? From top to bottom From bottom to top Most specific entry first Least specific entry first - Answer From top to bottom...

After running an nmap scan of a system, you receive scan data that indicates the following three ports are open:22/TCP443/TCP1521/TCP What services commonly run on these ports? A.SMTP, NetBIOS, MySQL B.SSH, Microsoft DS, WINS C.SSH, HTTPS, Oracle D.FTP, HTTPS, MS-SQL - Answer C. These three TCP ports are associated with SSH (22), HTTPS (443), and Oracle databases (1521). Other ports mentioned in the potential answers are SMTP (25), NetBIOS (137-139), MySQL (3306), WINS (1512), FTP (20 and ...

COMPTIA CYBERSECURITY ANALYST (CYSA+) - MODULE 4 SECURITY ARCHITECTURE AND TOOL SETS EXAM SOLVED #2

Solutions For CompTIA CySA+ Guide to Cybersecurity Analyst (CS0-002), 2nd Edition by Mark CSolutions For CompTIA CySA+ Guide to Cybersecurity Analyst (CS0-002), 2nd Edition by Mark C

Which framework was designed to widen the focus of an organization to overall architecture? COBIT TOGAF SABSA ITIL - Answer TOGAF (The Open Group Architecture Framework) The procedures in place to test controls need to be examined only by internal parties to ensure security. True False - Answer False Which policies are responsible for securing employee profiles? Account Management Policy Acceptable Use Policy Data Ownership Policy Password Policy - Answer Account Management...