CompTIA Cybersecurity Analyst (CySA+) - Module 2: Vulnerability Management Exam Correct 100%
All parts of a security policy should be public knowledge. True False - Answer False What reasons might a company forgo scanning a critical system? Too much time Confidentiality Backups already exist Costs too much - Answer Too much time & Costs too much What is the factor that determines scanning frequency characterized by an accepted amount of risk? Technical Constraints Risk Acceptance Risk Appetite Regulatory Requirements - Answer Risk Appetite An assessment scan is used to discover assets. True False - Answer False What type of test gives the best perspective of an outsider threat? Non-Credentialed Scan Passive Scan Agent-Based Scan Credentialed Scan - Answer Non-Credentialed Scan What should be considered when prioritizing vulnerabilities to be fixed? Where it is How critical it is Time to fix Which scanner was used - Answer How critical it is & Time to fix What is a factor considered when categorizing a change to a system? Scope Size Sensitivity Level Risk - Answer Risk What could inhibit a change from being implemented? Cost Complexity Approval All of the Above - Answer All of the Above An Agent-Based Scan has a lesser impact on a network vs Sever-based. True False - Answer True Which scan effects network traffic the least? Non-Credentialed Scan Agent-Based Scan Passive Scan Server-Based Scan - Answer Passive Scan Which one of these is legally binding? MOU SLA ATWA MTTR - Answer SLA What determines when a companies security capabilities should grow. Workflow Regulatory Requirements Technical Constraints Risk Appetite - Answer Workflow Which type of scan uses a copy of the network traffic to find vulnerabilities? Agent-Based Scan Non-Credentialed Scan Passive Scan Server-Based Scan - Answer Passive Scan The results of vulnerability scans should be shared with the entire company in order to fix vulnerabilities. True False - Answer True What is it called when a scan misses an existing vulnerability? False Reporting True Negative False Negative False Positive - Answer False Negative Which has a higher chance of being compromised? Agent-Based Scan SCAP Passive Scan Server-Based Scan - Answer Agent-Based Scan Which type of scan is most likely to cause major disruption in everyday operations? Agent-Based Scan Non-Credentialed Scan Server-Based Scan Credentialed Scan - Answer Credentialed Scan
Escuela, estudio y materia
- Institución
- CompTIA CySA+
- Grado
- CompTIA CySA+
Información del documento
- Subido en
- 13 de septiembre de 2023
- Número de páginas
- 17
- Escrito en
- 2023/2024
- Tipo
- Examen
- Contiene
- Preguntas y respuestas
Temas
-
comptia cysa
-
comptia cybersecurity analyst cysa module 2
Documento también disponible en un lote
