CySA Study guides, Class notes & Summaries

YSA EXAM TEST 2023 LATEST UPDATE An analyst is performing penetration testing and vulnerability assessment activities against a new vehicle automation platform. Which of the following is MOST likely an attack vector that is being utilized as part of the testing and assessment? - ANSWER CAN Bus A cyber-incident response analyst is investigating a suspected cryptocurrency miner on a company's server. Which of the following is the FIRST step the analyst should take? - ANSWER Start pa...

CYSA EXAM TEST 2023 LATEST UPDATE Q1 A Chief Information Security Officer (CISO) is concerned developers have too much visibility into customer data. Which of the following controls should be implemented to BEST address these concerns? A. Data masking B. Data loss prevention C. Data minimization D. Data sovereignty - ANSWER A 2 A Chief Information Security Officer (CISO) is concerned the development team, which consists of contractors, has too much access to customer data. Develo...

CYSA EXAM REVISED 2023.. LATEST UPDATE Confidentiality - ANSWER How secure does the data need to be? How secure is the information? Falure of condifentiality occurs if someone can obtain the a view the data Confidentiality best practices - ANSWER Physical Protections -Locked doors, fences, security guards, security cameras, Electronic Protections -Encryption (storage and in transit), passwords, firewalls, integrity - ANSWER How correct is the information? Has the data been modified...

CYSA EXAM 2023LATEST UPDATE VERIFIED SOLUTIONS What are the three key objectives of information security? - ANSWER Confidentiality, integrity, and availability Risk exists at the intersection of _______ and _________. - ANSWER Threats and vulnerabilities. What is the overall risk rating for a risk that has medium likelihood and high impact? - ANSWER High What type of system controls access to a network based on criteria such as time of day, location, device type, and system - AN...

CYSA EXAM 2023 QUESTIONS AND VERIFIED CORRECT ANSWERS The IT team reports the EDR software that is installed on laptops is using a large amount of resources. Which of the following changes should a security analyst make to the EDR to BEST improve performance without compromising security? A. Quarantine the infected systems. B. Disable on-access scanning. C. Whitelist known-good applications. D. Sandbox unsigned applications. - ANSWER Whitelist known-good applications A security a...

CYSA EXAM 2023 Questions AND SOLUTIONS What federal law requires the use of vulnerability scanning on information systems operated by federal government agencies? A. HIPAA B. GLBA C. FISMA D. FERPA - ANSWER C: FISMA. The Federal Information Security Management Act (FISMA) requires that federal agencies implement vulnerability management programs for federal information systems. Gary is the system administrator for a federal agency and is responsible for a variety of information...

CYSA Exam 2 QUESTION AND CORRECT ANSWERS Ty is reviewing the scan report for a Windows system joined to his organization's domain and finds the vulnerability shown here. What should be Ty's most significant concern related to this vulnerability? Window shows sections for 3 administrator account's password does not expire and threat, and options for first detected, last detected, vendor reference, user modified, et cetera. The presence of this vulnerability indicates that an at...

CYSA+ EXAM 2023 100% VERIFIED SOLUTIONS I'm preparing to conduct a cybersecurity risk assessment for his organization. If he chooses to follow the standard process proposed by NIST, which one of the following steps would come first? A. Determine Likelihood B. Determine Impact C. Identify Threats D. Identify Vulnerabilities? - ANSWER C. ID Threats I'm conducting a CS risk assessment and am considering the impact that a failure of the city power grid might have on the org. What t...

CYSA Test QUESTIONS AND 100% VERIFIED SOLUTIONS Stephanie believes that her computer had been compromised because her computer suddenly slows down and often freezes up. Worried her computer was infected with malware, she immediately unplugged the network and power cables from her computer. Per the company procedures, she contacts the help desk, fills out the appropriate forms, and is sent to a cybersecurity analyst for further analysis. The analyst was not able to confirm or deny ...

CYSA EXAM TEST SOLUTION LATEST UPDATE 2023 Describe one advantage and one disadvantage of using the -T0 switch when performing an Nmap scan. - ANSWER This sets an extremely high delay between probes, which may help to evade detection systems but will take a very long time to return results. What is the principal challenge in scanning UDP ports? - ANSWER UDP does not send ACK messages so the scan must use timeouts to interpret the port state. This makes scanning a wide range of UDP ...