CompTIA CS0-001 CompTIA CySA+ Certification Exam Online Training
CompTIA CS0-001 Online Training
The questions for CS0-001 were last updated on Nov 10, 2024.
- Exam Code: CS0-001
- Exam Name: CompTIA CySA+ Certification Exam
- Certification Provider: CompTIA
- Latest update: Nov 10, 2024
A cybersecurity analyst has received the laptop of a user who recently left the company.
The analyst types ‘history’ into the prompt, and sees this line of code in the latest bash history:
This concerns the analyst because this subnet should not be known to users within the company.
Which of the following describes what this code has done on the network?
- A. Performed a ping sweep of the Class C network.
- B. Performed a half open SYN scan on the network.
- C. Sent 255 ping packets to each host on the network.
- D. Sequentially sent an ICMP echo reply to the Class C network.
A database administrator contacts a security administrator to request firewall changes for a connection to a new internal application.
The security administrator notices that the new application uses a port typically monopolized by a virus.
The security administrator denies the request and suggests a new port or service be used to complete the application’s task.
Which of the following is the security administrator practicing in this example?
- A. Explicit deny
- B. Port security
- C. Access control lists
- D. Implicit deny
A cybersecurity professional typed in a URL and discovered the admin panel for the e-commerce application is accessible over the open web with the default password.
Which of the following is the MOST secure solution to remediate this vulnerability?
- A. Rename the URL to a more obscure name, whitelist all corporate IP blocks, and require two-factor authentication.
- B. Change the default password, whitelist specific source IP addresses, and require two-factor authentication.
- C. Whitelist all corporate IP blocks, require an alphanumeric passphrase for the default password, and require two-factor authentication.
- D. Change the username and default password, whitelist specific source IP addresses, and require two-factor authentication.
A security analyst is creating baseline system images to remediate vulnerabilities found in different operating systems. Each image needs to be scanned before it is deployed. The security analyst must ensure the configurations match industry standard benchmarks and the process can be repeated frequently.
Which of the following vulnerability options would BEST create the process requirements?
- A. Utilizing an operating system SCAP plugin
- B. Utilizing an authorized credential scan
- C. Utilizing a non-credential scan
- D. Utilizing a known malware plugin
A company discovers an unauthorized device accessing network resources through one of many network drops in a common area used by visitors.
The company decides that it wants to quickly prevent unauthorized devices from accessing the network but policy prevents the company from making changes on every connecting client.
Which of the following should the company implement?
- A. Port security
- B. WPA2
- C. Mandatory Access Control
- D. Network Intrusion Prevention
A vulnerability scan has returned the following information:
Which of the following describes the meaning of these results?
- A. There is an unknown bug in a Lotus server with no Bugtraq ID.
- B. Connecting to the host using a null session allows enumeration of share names.
- C. Trend Micro has a known exploit that must be resolved or patched.
- D. No CVE is present, so it is a false positive caused by Lotus running on a Windows server.
Law enforcement has contacted a corporation’s legal counsel because correlated data from a breach shows the organization as the common denominator from all indicators of compromise. An employee overhears the conversation between legal counsel and law enforcement, and then posts a comment about it on social media. The media then starts contacting other employees about the breach.
Which of the following steps should be taken to prevent further disclosure of information about the breach?
- A. Perform security awareness training about incident communication.
- B. Request all employees verbally commit to an NDA about the breach.
- C. Temporarily disable employee access to social media.
- D. Have law enforcement meet with employees.
A software assurance lab is performing a dynamic assessment on an application by automatically generating and inputting different, random data sets to attempt to cause an error/failure condition.
Which of the following software assessment capabilities is the lab performing AND during which phase of the SDLC should this occur? (Select two.)
- A. Fuzzing
- B. Behavior modeling
- C. Static code analysis
- D. Prototyping phase
- E. Requirements phase
- F. Planning phase
An incident response report indicates a virus was introduced through a remote host that was connected to corporate resources. A cybersecurity analyst has been asked for a recommendation to solve this issue.
Which of the following should be applied?
- A. MAC
- B. TAP
- C. NAC
- D. ACL
A cybersecurity analyst has been asked to follow a corporate process that will be used to manage vulnerabilities for an organization. The analyst notices the policy has not been updated in three years.
Which of the following should the analyst check to ensure the policy is still accurate?
- A. Threat intelligence reports
- B. Technical constraints
- C. Corporate minutes
- D. Governing regulations