100% satisfaction guarantee Immediately available after payment Both online and in PDF No strings attached
logo-home
Previously searched by you
Previously searched by you
logo
Cysa+ Prep Questions with solutions 100% solved $21.99   Add to cart
Quickly navigate to
Preview
  2.  
  3. CYSA+
  4.  
  5. CYSA+

Exam (elaborations)

Cysa+ Prep Questions with solutions 100% solved
 4 views  0 purchase
  • Course
  • CYSA+
  • Institution
  • CYSA+

Cysa+ Prep Questions with solutions 100% solved Which of the following is the software development process by which function, usability, and scenarios are tested against a known set of base requirements? A. Security regression testing B. Code review C. User acceptance testing D. Stress tes...

[Show more]

Preview 4 out of 45  pages

Document information

  • September 23, 2024
  • 45
  • 2024/2025
  • Exam (elaborations)
  • Questions & answers

Subjects

  • cysa prep questions with solutions 100 solved

Written for

  • CYSA+
  • CYSA+

Seller

avatar-seller
UpperClass

Reviews received

Content preview

Cysa+ Prep Questions with solutions 100%
solved

Which of the following is the software development process by which function, usability, and

scenarios are tested against a known set of base requirements?

A. Security regression testing

B. Code review

C. User acceptance testing


D. Stress testing C. User acceptance testing




A security analyst is revising a company's MFA policy to prohibit the use of short message

service (SMS) tokens. The Chief Information Officer has questioned this decision and asked for

justification. Which of the following should the analyst provide as justification for the new

policy?

A. SMS relies on untrusted, third-party carrier networks.

B. SMS tokens are limited to eight numerical characters.

C. SMS is not supported on all handheld devices in use.


D. SMS is a cleartext protocol and does not support encryption. D. SMS is a cleartext

protocol and does not support encryption.

, Cysa+ Prep Questions with solutions 100%
solved
During an incident response procedure, a security analyst collects a hard drive to analyze a

possible vector of compromise. There is a Linux swap partition on the hard drive that needs to be

checked. Which of the following should the analyst use to extract human-readable content from

the partition?

A. strings

B. head

C. fsstat


D. dd A. strings




A consultant is evaluating multiple threat intelligence feeds to assess potential risks for a client.

Which of the following is the BEST approach for the consultant to consider when modeling the

client's attack surface?

A. Ask for external scans from industry peers, look at the open ports, and compare information

with the client.

B. Discuss potential tools the client can purchase to reduce the likelihood of an attack.

C. Look at attacks against similar industry peers and assess the probability of the same attacks

happening.

D. Meet with the senior management team to determine if funding is available for recommended

solutions. C. Look at attacks against similar industry peers and assess the probability of

the same attacks happening.

, Cysa+ Prep Questions with solutions 100%
solved

A development team has asked users to conduct testing to ensure an application meets the needs

of the business. Which of the following types of testing does this describe?

A. Acceptance testing

B. Stress testing

C. Regression testing


D. Penetration testing A. Acceptance testing




An analyst receives artifacts from a recent intrusion and is able to pull a domain, IP address,

email address, and software version. Which of the following points of the Diamond Model of

Intrusion Analysis does this intelligence represent?

A. Infrastructure

B. Capabilities

C. Adversary


D. Victims A. Infrastructure




While conducting a network infrastructure review, a security analyst discovers a laptop that is

plugged into a core switch and hidden behind a desk. The analyst sees the following on the

laptop's screen:[*] [NBT-NS] Poisoned answer sent to 192.169.23.115 for name FILE-SHARE-A

, Cysa+ Prep Questions with solutions 100%
solved
(service: File Server)[*] [LLMNR] Poisoned answer sent to 192.168.23.115 for name FILE-

SHARE-A[*] [LLMNR] Poisoned answer sent to 192.168.23.115 for name FILE-SHARE-

A[SMBv2] NTLMv2-SSP Client : 192.168.23.115[SMBv2] NTLMv2-SSP Username :

CORP\jsmith[SMBv2] NTLMv2-SSP Hash : F5DBF769CFEA7...[*] [NBT-NS] Poisoned

answer sent to 192.169.23.24 for name FILE-SHARE-A (service: File Server)[*] [LLMNR]

Poisoned answer sent to 192.168.23.24 for name FILE-SHARE-A[*] [LLMNR] Poisoned

answer sent to 192.168.23.24 for name FILE-SHARE-A[SMBv2] NTLMv2-SSP Client :

192.168.23.24[SMBv2] NTLMv2-SSP Username : CORP\progers[SMBv2] NTLMv2-SSP Hash

: 6D093BE2FDD70A.. B. Disconnect the laptop and ask the users jsmith and progers to

log out.




A Chief Executive Officer (CEO) is concerned the company will be exposed to data sovereignty

issues as a result of some new privacy regulations. To help mitigate this risk, the Chief

Information Security Officer (CISO) wants to implement an appropriate technical control. Which

of the following would meet the requirement?

A. Data masking procedures

B. Enhanced encryption functions

C. Regular business impact analysis functions


D. Geographic access requirements D. Geographic access requirements

The benefits of buying summaries with Stuvia:

Guaranteed quality through customer reviews

Guaranteed quality through customer reviews

Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.

Quick and easy check-out

Quick and easy check-out

You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.

Focus on what matters

Focus on what matters

Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!

Frequently asked questions

What do I get when I buy this document?

You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.

Satisfaction guarantee: how does it work?

Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.

Who am I buying these notes from?

Stuvia is a marketplace, so you are not buying this document from us, but from seller UpperClass. Stuvia facilitates payment to the seller.

Will I be stuck with a subscription?

No, you only buy these notes for $21.99. You're not tied to anything after your purchase.

Can Stuvia be trusted?

4.6 stars on Google & Trustpilot (+1000 reviews)

75759 documents were sold in the last 30 days

Founded in 2010, the go-to place to buy study notes for 14 years now

Start selling
$21.99
  • (0)
  Add to cart