CySA Exam 2022 with complete solution
CySA Exam

Which one of the following objectives is not one of the three main objectives that information security professionals must achieve to protect their organizations against cybersecurity threats?
Correct answer- nonrepudiation

Tommy is assessing the security database servers in his datacenter and realizes that one of them is missing a critical Oracle security patch. What type of situation has Tommy detected?
Correct answer- vulnerability

Ben is preparing to conduct a cybersecurity risk assessment for his organization. If he chooses to follow the standard process proposed by NIST, which one of the following steps would come first?
Correct answer- Identify threats

Cindy is conducting a cybersecurity risk assessment and is considering the impact that a failure of her city's power grid might have on the organization. What type of threat is she considering?
Correct answer- environmental

Which one of the following categories of threat requires that cybersecurity analysts consider the capability, intent and targeting of the threat source?
Correct answer- adversarial

Vincent is responding to a security incident that compromised one of his organization's web servers. He does not believe that the attackers modified or stole any information, but they did disrupt access to the organization's website. What cybersecurity objective did this attack violate?
Correct answer- availability

Which one of the following is an example of an operational security control?
Correct answer- penetration tests

Encryption software, network firewalls, and antivirus software are all examples of _________________ security controls.
Correct answer- technical

Paul recently completed a risk assessment and determined that his network was vulnerable to hackers connecting to open ports on servers. He implemented a network firewall to reduce the likelihood of a successful attack. What risk management strategy did Paul choose to pursue?
Correct answer- risk mitigation

Robert's organization has a BYOD policy, and he would like to ensure that devices connected to the network under this policy have current antivirus software. What technology can best assist him with this goal?
Correct answer- network access control

When performing 802.1x authentication, what protocol does the authenticator use to communicate with the authentication server?
Correct answer- RADIUS

Juan is configuring a new device that will join his organization's wireless network. The wireless network uses 802.1x authentication. What type of agent must be running on the device for it to join this network?
Correct answer- 802.1x supplicant

Rick is preparing a firewall rule that will allow network traffic from external systems to a web server running the HTTPS protocol. What TCP port must he allow to pass through the firewall?
Correct answer- 443

What type of firewall provides the greatest degree of contextual information and can include information about users and applications in its decision-making process?
Correct answer- Next Generation Firewalls

Wayne is configuring a jump box server that system administrators will connect to from their laptops. Which port should definitely not be open on the jump box?
Correct answer- 23

Tom would like to deploy consistent security settings to all of his Windows settings simultaneously. What technology can he use to achieve this goal?
Correct answer- group policy object

During what phase of a penetration test should the testers obtain written authorization to conduct the test?
Correct answer- planning

Which step occurs first during the attack phase of a penetration test?
Correct answer- gaining access

Barry is participating in a cybersecurity wargame exercise. His role is to attempt to break into adversary systems. What team is he on?
Correct answer- red

Which one of the following techniques might be used to automatically detect and block malicious software that does not match known malware signatures?
Correct answer- sandboxing

Kevin would like to implement a specialized firewall that can protect against SQL injection, cross-site scripting, and similar attacks. What technology should he choose?
Correct answer- WAF

What method is used to replicate DNS information for DNS servers but is also a tempting exploit target for attackers?
Correct answer- zone transfers

____________ is a suite of DNS security specifications.
Correct answer- DNSSEC

What flag does nmap use to enable operating system identification?
Correct answer- -o

What command line tool can be used to determine the path that traffic takes to a remote system?
Correct answer- traceroute

Traceroute is a command-line tool that uses __________ to trace the route that a packet takes to a host.
Correct answer- ICMP

What type of data can frequently be gathered from images taken on smartphones?
Correct answer- EXIF

EXIF or Exchangeable Image Format data often includes ________________, allowing the images to be mapped and identified to a specific device or type of camera.
Correct answer- location and camera data

Which Cisco log level is the most critical?
Correct answer- 0

Which Cisco log level is used for debugging information and is at the bottom of the scale?
Correct answer- 7

During passive intelligence gathering, you are able to run netstat on a workstation located at your target's headquarters. What information would you not be able to find using netstat on a Windows system?
Correct answer- Active IPX connections

Active TCP connections and the executables that are associated with them, and route table information are all available via ____________.
Correct answer- Netstat

Which type of Windows log is most likely to contain information about a file being deleted?
Correct answer- security logs

What organization manages the global IP address space?
Correct answer- IANA

Before Ben sends a Word document, he uses the built-in Document Inspector to verify that the file does not contain hidden content. What is this process called?
Correct answer- metadata purging

What type of analysis is best suited to identify a previously unknown malware package operating on a compromised system?
Correct answer- heuristic analysis

Which of the following is not a common DNS anti-harvesting technique?
Correct answer- registering manually

CAPTCHAs, rate limiting, and blacklisting systems or networks that are gathering data are all common ___________ techniques.
Correct answer- anti-DNS harvesting

The __________ flag indicates a zone transfer in both the dig and host utilities.
Correct answer- axfr
Written for
- Institution
- CYSA - Certified Youth Sports Administrator
- Course
- CYSA - Certified Youth Sports Administrator
Document information
- Uploaded on
- 28 June 2022
- Number of pages
- 46
- Written in
- 2021/2022
- Type
- Exam (worked answers)
- Contains
- Questions and answers