CySA

Which one of the following objectives is not one of the three main objectives that information security professionals must achieve to protect their organizations against cybersecurity threats? - Answer-nonrepudiation Tommy is assessing the security database servers in his datacenter and realizes that one of them is missing a critical Oracle security patch. What type of situation has Tommy detected? - Answer-vulnerability Ben is preparing to conduct a cybersecurity risk assessment for his o...

CySA Exam Questions & Answers 2024/2025 Which one of the following objectives is not one of the three main objectives that information security professionals must achieve to protect their organizations against cybersecurity threats? - ANSWERSnonrepudiation Tommy is assessing the security database servers in his datacenter and realizes that one of them is missing a critical Oracle security patch. What type of situation has Tommy detected? - ANSWERSvulnerability Ben is preparing to cond...

CySA Exam Review Questions & Answers 2024/2025 A recent zero-day vulnerability is being actively exploited, requires no user interaction or privilege escalation, and has a significant impact to confidentiality and integrity but not to availability. Which of the following CVE metrics would be most accurate for this zero-day threat? A. CVSS:31/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:K/A:L B. CVSS:31/AV:K/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:L C. CVSS:31/AV:N/AC:L/PR:N/UI:H/S:U/C:L/I:N/A:H D. CVSS:31/AV:L...

CySA Exam/582 Questions with Correct Answers

CYSA 2023 Exam Questions and Correct Answers An organization has recently recovered from an incident where a managed switch had been accessed and reconfigured without authorization by an insider. The incident response team is working on developing a lessons learned report with recommendations. Which of the following recommendations will BEST prevent the same attack from occurring in the future? A. Remove and replace the managed switch with an unmanaged one. B. Implement a separate logical ...

CYSA Test Questions and Correct Answers The IT team reports the EDR software that is installed on laptops is using a large amount of resources. Which of the following changes should a security analyst make to the EDR to BEST improve performance without compromising security? A. Quarantine the infected systems. B. Disable on-access scanning. C. Whitelist known-good applications. D. Sandbox unsigned applications. - ANSWER Whitelist known-good applications A security analyst is review...

CYSA Practice Test Questions and Correct Answers I'm preparing to conduct a cybersecurity risk assessment for his organization. If he chooses to follow the standard process proposed by NIST, which one of the following steps would come first? A. Determine Likelihood B. Determine Impact C. Identify Threats D. Identify Vulnerabilities? - ANSWER C. ID Threats I'm conducting a CS risk assessment and am considering the impact that a failure of the city power grid might have on ...

CYSA EXAM TEST 2023 LATEST UPDATE Q1 A Chief Information Security Officer (CISO) is concerned developers have too much visibility into customer data. Which of the following controls should be implemented to BEST address these concerns? A. Data masking B. Data loss prevention C. Data minimization D. Data sovereignty - ANSWER A 2 A Chief Information Security Officer (CISO) is concerned the development team, which consists of contractors, has too much access to customer data. Develo...

CYSA Exam Questions and Correct Answers Q1 A Chief Information Security Officer (CISO) is concerned developers have too much visibility into customer data. Which of the following controls should be implemented to BEST address these concerns? A. Data masking B. Data loss prevention C. Data minimization D. Data sovereignty - ANSWER A 2 A Chief Information Security Officer (CISO) is concerned the development team, which consists of contractors, has too much access to custome...