Cysa exam set - Study guides, Class notes & Summaries

CySA+ Exam guide Questions and Answers Rated A DNS Sinkhole Provide a response to a DNS query that does not resolve the IP address.. Instead targets the addresses for known malicious domains Role-Based access control (RBAC) grants permissions based on a user's role or group. Reverse Engineering the process of decontructing something in order to discover its features and constituents Banner grabbing used to gain information about a computer system on a network and the services running on its ...

CYSA EXAM 2023 QUESTIONS AND VERIFIED CORRECT ANSWERS The IT team reports the EDR software that is installed on laptops is using a large amount of resources. Which of the following changes should a security analyst make to the EDR to BEST improve performance without compromising security? A. Quarantine the infected systems. B. Disable on-access scanning. C. Whitelist known-good applications. D. Sandbox unsigned applications. - ANSWER Whitelist known-good applications A security a...

CYSA+ EXAM 2023 100% VERIFIED SOLUTIONS I'm preparing to conduct a cybersecurity risk assessment for his organization. If he chooses to follow the standard process proposed by NIST, which one of the following steps would come first? A. Determine Likelihood B. Determine Impact C. Identify Threats D. Identify Vulnerabilities? - ANSWER C. ID Threats I'm conducting a CS risk assessment and am considering the impact that a failure of the city power grid might have on the org. What t...

CySA Practice Exam #2 question with complete solution C. The attack vector explains what type of access that the attacker must have to a system or network and does not refer to the types of specialized conditions that must exist. In this case, the A rating refers to Adjacent, where the attacker must launch the attack from the same shared physical (such as Bluetooth or Wi-Fi network), logical network (such as a local subnet), or a limited administrative domain (such as a VPN or MPLS). An attac...

CYSA EXAM 2023 QUESTIONS AND VERIFIED CORRECT ANSWERS The IT team reports the EDR software that is installed on laptops is using a large amount of resources. Which of the following changes should a security analyst make to the EDR to BEST improve performance without compromising security? A. Quarantine the infected systems. B. Disable on-access scanning. C. Whitelist known-good applications. D. Sandbox unsigned applications. - ANSWER Whitelist known-good applications A security a...

CYSA+ Practice Exam #1 question with complete solution 2022While reviewing network flow logs, John sees that network flow on a particular segment suddenly dropped to zero. What is the most likely cause of this? A denial-of-service attack A link failure High bandwidth consumption Beaconing B. The sudden drop to zero is most likely to be an example of link failure. A denial-of- service attack could result in this type of drop but is less likely for most organizations. High bandwidth consump...

CYSA EXAM TEST 2023 QUESTION AND CORRECT ANSWER Which of the following is the software development process by which function, usability, and scenarios are tested against a known set of base requirements? A. Security regression testing B. Code review C. User acceptance testing D. Stress testing - ANSWER C. User acceptance testing A security analyst is revising a company's MFA policy to prohibit the use of short message service (SMS) tokens. The Chief Information Officer has questio...

(Jason Dion's) CySA+ Practice Exam 1 correctly answered 2022You suspect that a service called on a Windows server is malicious and you need to terminate it. Which of the following tools would NOT be able to terminate it? ​ A.sc ​ B.wmic ​ C. ​ D. C. Explanation OBJ-3.1: The security policy auditor () will allow an authorized administrator the option to change a great deal about an operating system, but it cannot explicitly stop a process or service that is already running....

CYSA+ EXAM 2023 100% VERIFIED SOLUTIONS I'm preparing to conduct a cybersecurity risk assessment for his organization. If he chooses to follow the standard process proposed by NIST, which one of the following steps would come first? A. Determine Likelihood B. Determine Impact C. Identify Threats D. Identify Vulnerabilities? - ANSWER C. ID Threats I'm conducting a CS risk assessment and am considering the impact that a failure of the city power grid might have on the org. What type o...

CYSA+ EXAM 2023 100% VERIFIED SOLUTIONS I'm preparing to conduct a cybersecurity risk assessment for his organization. If he chooses to follow the standard process proposed by NIST, which one of the following steps would come first? A. Determine Likelihood B. Determine Impact C. Identify Threats D. Identify Vulnerabilities? - ANSWER C. ID Threats I'm conducting a CS risk assessment and am considering the impact that a failure of the city power grid might have on the org. What t...