CompTIA CySA+ CS0-002 Practice Questions with 100% Correct Answers.
A cybersecurity analyst receives a phone call from an unknown person with the number
blocked on the caller ID. After starting the conversation, the caller begins to request sensitive
information. Which of the following techniques is being applied?
A. Social engineering
B. Phishing
C. Impersonation
D. War dialing - Correct Answer A
Which of the following is the main benefit of sharing incident details with partner
organizations or external trusted parties during the incident response process?
A. It facilitates releasing incident results, findings and resolution to the media and all
appropriate government agencies
B. It shortens the incident life cycle by allowing others to document incident details and
prepare reports.
C. It enhances the response process, as others may be able to recognize the observed
behavior and provide valuable insight.
D. It allows the security analyst to defer incident-handling activities until all parties agree
on how to proceed with analysis. - Correct Answer C
The security analyst determined that an email containing a malicious attachment was sent
to several employees within the company, and it was not stopped by any of the email
filtering devices. An incident was declared. During the investigation, it was determined
that most users deleted the email, but one specific user executed the attachment. Based
on the details gathered, which of the following actions should the security analyst perform
NEXT?
A. Obtain a copy of the email with the malicious attachment. Execute the file on another
user's machine and observe the behavior. Document all findings.
B. Acquire a full backup of the affected machine. Reimage the machine and then restore
from the full backup.
C. Take the affected machine off the network. Review local event logs looking for activity
and processes related to unknown or unauthorized software.
D. Take possession of the machine. Apply the latest OS updates and fir - Correct Answer C
Which of the following tools should a cybersecurity analyst use to verify the integrity of a
forensic image before and after an investigation?
A. strings
B. sha1sum
C. file
D. dd
E. gzip - Correct Answer B
Given the following logs:
Aug 18 11:00:57 comptia sshd[5657]: Failed password for root from 10.10.10.192 port 38980 ssh2
Aug 18 23:08:26 comptia sshd[5768]: Failed password for root from 18.70.0.160 port 38156 ssh2
Aug 18 23:08:30 comptia sshd[5770]: Failed password for admin from 18.70.0.160 port 38556 ssh2
Aug 18 23:08:34 comptia sshd[5772]: Failed password for invalid user asterisk from 18.70.0.160 port 38864 ssh2
Aug 18 23:08:38 comptia sshd[5774]: Failed password for invalid user sjobeck from 10.10.1.16 port 39157 ssh2
Aug 18 23:08:42 comptia sshd[5776]: Failed password for root from 18.70.0.160 port 39467 ssh2
Which of the following can be suspected?
A. An unauthorized user is trying to gain access from 10.10.10.192.
B. An authorized user is trying to gain access from 10.10.10.192.
C. An authorized user is trying to gain access from 18.70.0.160.
D. An unauthorized user is trying to gain access from 18.70.0.160. - Correct Answer D
A security analyst has been asked to review permissions on accounts within Active
Directory to determine if they are appropriate to the user's role. During this process, the
analyst notices that a user from building maintenance is part of the Domain Admin group.
Which of the following does this indicate?
A. Cross-site scripting
B. Session hijack
C. Privilege escalation
D. Rootkit - Correct Answer C
In the last six months, a company has seen an increase in credential-harvesting attacks.
The latest victim was the chief executive officer (CEO). Which of the following
countermeasures will render the attack ineffective?
A. Use a complex password according to the company policy.
B. Implement an intrusion-prevention system.
C. Isolate the CEO's computer in a higher security zone.
D. Implement multifactor authentication. - Correct Answer D
After a security breach, it was discovered that the attacker had gained access to the
network by using a brute-force attack against a service account with a password that was
set to not expire, even though the account had a long, complex password. Which of the
following could be used to prevent similar attacks from being successful in the future?
A. Complex password policies
B. Account lockout
C. Self-service password reset portal
D. Scheduled vulnerability scans - Correct Answer B
A security analyst wants to capture data flowing in and out of a network. Which of the
following would MOST likely assist in achieving this goal?
A. Taking a screenshot.
B. Analyzing network traffic and logs.
C. Analyzing big data metadata.
D. Capturing system image. - Correct Answer B
Who am I buying these notes from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller Pronurse. Stuvia facilitates payment to the seller.