CompTIA CySA+ 2023 Questions and Answers - Part 42

Mary Smith

Tue, 21 Apr 2026

1. Which of the following is a technology used to provide Internet access to internal associates without exposing the Internet directly to the associates?

A) Intrusion prevention system
B) Vulnerability scanner
C) Fuzzer
D) Web proxy



2. Several users have reported that when attempting to save documents in team folders, the following message is received: The File Cannot Be Copied or Moved Service Unavailable. Upon further investigation, it is found that the syslog server is not obtaining log events from the file server to which the users are attempting to copy files. Which of the following is the MOST likely scenario causing these issues?

A) The network is saturated, causing network congestion
B) The file server is experiencing high CPU and memory utilization
C) Malicious processes are running on the file server
D) All the available space on the file server is consumed



3. While preparing for a third-party audit, the vice president of risk management and the vice president of information technology have stipulated that the vendor may not use offensive software during the audit. This is an example of:

A) organizational control.
B) service-level agreement.
C) risk appetite.
D) rules of engagement.



4. The Chief Information Security Officer (CISO) has asked the security staff to identify a framework on which to base the security program. The CISO would like to achieve a certification showing the security program meets all required best practices. Which of the following would be the BEST choice?

A) OSSIM
B) ISO
C) SANS
D) SDLC



5. An application development company released a new version of its software to the public. A few days after the release, the company is notified by end users that the application is notably slower, and older security bugs have reappeared in the new release. The development team has decided to include the security analyst during their next development cycle to help address the reported issues. Which of the following should the security analyst focus on to remedy the existing reported problems?

A) The security analyst should perform end user acceptance security testing during each application development cycle.
B) The security analyst should perform application fuzzing to locate application vulnerabilities during each application development cycle.
C) The security analyst should perform security regression testing during each application development cycle.
D) The security analyst should perform secure coding practices during each application development cycle.



1. Right Answer: D
Explanation:

2. Right Answer: A
Explanation:

3. Right Answer: D
Explanation:

4. Right Answer: B
Explanation:

5. Right Answer: C
Explanation:
