CompTIA Cybersecurity Analyst (CySA+) - Module 1 Threat Management Exam Solved 100%

Which of the following is an alternate name for topology Discovery? Fingerprinting Footprinting Pivotprinting Sniffing - Answer Footprinting What process allows an analyst to discover the operating system and version of a system? Service Discovery Topology Discovery Log Review OS Fingerprinting - Answer OS Fingerprinting In what order is an ACL processed? From top to bottom From bottom to top Most specific entry first Least specific entry first - Answer From top to bottom What is the unwritten rule at the bottom of a firewall's ACL? Implicit Allow Implicit Deny Explicit Deny Explicit Allow - Answer Implicit Deny Attackers may potentially collect company emails by searching Google. True False - Answer True Which process would an attacker use to determine who in a company is most likely to be tricked into giving up company information? Social Engineering Phishing Social Media Profiling Email Harvesting - Answer Social Media Profiling What type of Phishing is sent over a text message specifically? Vishing Spear Phishing SMiShing Whaling - Answer SMiShing Internal DNS servers need to be protected from an attacker to prevent the leakage of email records within a company. True False - Answer False Due to the amount of a network that is physically wired it is more difficult to prevent access to a physical network than a wireless one. True False - Answer False Which of the following wireless protocols can be used to best supply security for a wireless network? WEP TKIP WPA2 WPA - Answer WPA2 A virtual network is more secure network for which of the following reasons? They are easier to patch They can't spread viruses Virtual machines can't compromise their host They're easier to isolate - Answer They're easier to isolate In which way can an IDS protect a network? (Choose all that apply) Reactively Proactively Actively Passively - Answer Reactively & Passively Which of the following methods can be used to delay a scan to avoid detection? Sparse scanning Traceroute scan half-open scan Randomized scan - Answer Sparse scanning Which tool can be used to test many different port states on a Linux or Windows device? Firewall Packet Analyze Netstat Syslog - Answer Netstat Of the IDS/ IPS systems which will have the best ability to prevent an attack on a network scale? HIDS HIPS NIDS NIPS - Answer NIPS Of the IDS/ IPS systems which will be best at protecting a system while minimizing service interruptions? HIDS HIPS NIDS NIPS - Answer HIDS When reviewing a Syslog report which of the following severities would have the highest priority? 0 4 7 10 - Answer 0 Which of the following Windows commands would allow the user to determine the path that traffic takes through the network. Traceroute Netstat NMAP Tracert - Answer Tracert Spear phishing is when an attacker goes after corporate data by calling up the CEO or other upper-level employees. True False - Answer False Employees need not be trained in current social engineering attacks as plenty of other countermeasures exist to prevent somebody from falling victim to one of these attacks such as email filters. True False - Answer False In which of the following networks types should an analyst hide the network's name in order to help prevent an attacker from finding the network? Wired Wireless Cloud Virtual - Answer Wireless