Cys - Study guides, Class notes & Summaries

CYSA Review Activities (CYSA Manual - COMPTIA) – Qs And As

CySA+ Exam 1 Questions & Answers 2024/2025 You suspect that a service called on a Windows server is malicious and you need to terminate it. Which of the following tools would NOT be able to terminate it? sc wmic - ANSWERS (OBJ-3.1: The security policy auditor () will allow an authorized administrator the option to change a great deal about an operating system, but it cannot explicitly stop a process or service that is already running. The command allows an analyst to ...

Service Enumeration The process of identifying the services running on a remote system. This is the main focus of Nmap port scanning. Reverse Proxy Positioned at the cloud network edge and directs traffic to cloud services if the contents of that traffic comply with the policy Skip Ad Security Operations Center (SOC) The location where security professionals monitor and protect critical information assets in an organization. NIST Special Publication 800-53 Revision 5 This document is cal...

CySA+CS0-002 Exam Questions & Answers 2024/2025 An analyst needs to forensically examine a Windows machine that was compromised by a threat actor. Intelligence reports state this specific threat actor is characterized by hiding malicious artifacts, especially with alternate data streams. Based on this intelligence, which of the following BEST explains alternate data streams? A. A different way data can be streamlined if the user wants to use less memory on a Windows system for forking ...

CySA Exam Review Questions & Answers 2024/2025 A recent zero-day vulnerability is being actively exploited, requires no user interaction or privilege escalation, and has a significant impact to confidentiality and integrity but not to availability. Which of the following CVE metrics would be most accurate for this zero-day threat? A. CVSS:31/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:K/A:L B. CVSS:31/AV:K/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:L C. CVSS:31/AV:N/AC:L/PR:N/UI:H/S:U/C:L/I:N/A:H D. CVSS:31/AV:L...

DNS Sinkhole - Answer-Provide a response to a DNS query that does not resolve the IP address.. Instead targets the addresses for known malicious domains Role-Based access control (RBAC) - Answer-grants permissions based on a user's role or group. Reverse Engineering - Answer-the process of decontructing something in order to discover its features and constituents Banner grabbing - Answer-used to gain information about a computer system on a network and the services running on its open...

HLT 490 EVIDENCE-BASED INTERVENTION FOR CYSTIC FIBROSIS IN RESPIRATORY CARE (CASE STUDY)

A cybersecurity analyst receives a phone call from an unknown person with the number blocked on the caller ID. After starting conversation, the caller begins to request sensitive information. Which of the following techniques is being applied? A. Social engineering B. Phishing C. Impersonation D. War dialing CORRECT ANSWER A Which of the following is the main benefit of sharing incident details with partner organizations or external trusted parties during the incident response process? A...

An analyst is performing penetration testing and vulnerability assessment activities against a new vehicle automation platform. Which is the MOST likely attack vector being utilized as part of the testing and assessment? A. FaaS B. RTOS C. SoC D. GPS E. CAN bus correct answers E. CAN bus An information security analyst observes anomalous behavior on the SCADA devices in a power plant. This behavior results in the industrial generators overheating and destabilizing the power supply. Whi...

CompTIA CySA - CS0-002 Exam Questions & Answers 2024/2025 Proprietary Intelligence - ANSWERSThreat intelligence that is widely provided as a commercial service offering. Closed-Source Intelligence - ANSWERSData that is derived from the provider's own research and analysis efforts, such as data from honeynets that they operate. Open-Sourced Intelligence - ANSWERSMethods of obtaining information about a person or organization through public records, websites, and social media. Infor...