100% satisfaction guarantee Immediately available after payment Both online and in PDF No strings attached
logo-home
Previously searched by you
Previously searched by you
logo
CYSA+ Chapter 4 Review Questions And 100% Correct Answers A+ Graded $9.99   Add to cart
Quickly navigate to
Preview
  2.  
  3. CYSA+ Chapter 4
  4.  
  5. CYSA+ Chapter 4

Exam (elaborations)

CYSA+ Chapter 4 Review Questions And 100% Correct Answers A+ Graded
 3 views  0 purchase
  • Course
  • CYSA+ Chapter 4
  • Institution
  • CYSA+ Chapter 4

CYSA+ Chapter 4 Review Questions And 100% Correct Answers A+ Graded...

Preview 2 out of 6  pages

Document information

  • October 12, 2024
  • 6
  • 2024/2025
  • Exam (elaborations)
  • Questions & answers

Subjects

Written for

  • CYSA+ Chapter 4
  • CYSA+ Chapter 4

Seller

avatar-seller
Braxton

Reviews received

Content preview

CYSA+ Chapter 4 Review Questions And 100%
Correct Answers A+ Graded


Kevin has very recently discovered a new security vulnerability and estimated the base
score of this vulnerability to be 6.5 under the CVSS scheme. Which of the following
categories would this vulnerability fall into?

A. Low

B. Medium

C. High

D. Critical - ANSWER C - High. Vulnerabilities whose CVSS score is greater than 6.0 but
less than 10.0 are classified as High risk.



Tara recently reviewed the findings of a vulnerability scan report and determined that a
vulnerability identified by the scanner did not exist because the system actually was
patched as prescribed. Which of the following types of errors has occurred?

A. False Positive

B. False Negative

C. True Positive

D. True Negative - ANSWER A - False Positive. The vulnerability scanner reports a
vulnerability that actually does not exist. This can be termed as the false positive error.



Tom is reviewing the output of a vulnerability scan report and finds that one of the
servers on his network suffers from an internal IP address disclosure vulnerability.
Which of the following protocols would most likely be in use on the network to have
caused this vulnerability?

A) TLS

B) NAT

C) SSH

D. VPN ANSWER B NAT Although the network can support any of these protocols,

, internal IP disclosure vulnerabilities occur when a network uses Network Address
Translation (NAT to map public and private IP addresses but a server inadvertently
discloses its private IP address to remote systems.



Which of the CVSS metrics would define information about how many times an attacker
must be successfully authenticated in order to execute an attack?

A. AV

B. C

C. Au

D. AC

ANSWER C -Au. The authentication metric describes the type of authentication hurdles
that would need to be cleared by an attacker in order to successfully exploit a
vulnerability.



Which of the following values of the CVSS access complexity metric would indicate that
an attacker can most easily mount the targeted attack?

A. High

B. Medium

C. Low

D. Severe - ANSWER C - Low. An access complexity of "low" means that there are no
special conditions that must be met in order to exploit the vulnerability.

Which of the following values of the CVSS confidentiality, integrity, or availability metric
would indicate that the system might suffer a complete compromise?

A. N

B. A

C. P

D. C - ANSWER D - C. If any of those measures is checked as C, for Complete, it signals
the very likely complete compromise of a system.

Current Latest Version of Available CVSS

A. 1.0

B. 2.0

The benefits of buying summaries with Stuvia:

Guaranteed quality through customer reviews

Guaranteed quality through customer reviews

Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.

Quick and easy check-out

Quick and easy check-out

You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.

Focus on what matters

Focus on what matters

Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!

Frequently asked questions

What do I get when I buy this document?

You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.

Satisfaction guarantee: how does it work?

Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.

Who am I buying these notes from?

Stuvia is a marketplace, so you are not buying this document from us, but from seller Braxton. Stuvia facilitates payment to the seller.

Will I be stuck with a subscription?

No, you only buy these notes for $9.99. You're not tied to anything after your purchase.

Can Stuvia be trusted?

4.6 stars on Google & Trustpilot (+1000 reviews)

75759 documents were sold in the last 30 days

Founded in 2010, the go-to place to buy study notes for 14 years now

Start selling
$9.99
  • (0)
  Add to cart