CompTIA CySA+ 2023 Questions and Answers - Part 45

Mary Smith

Tue, 21 Apr 2026

1. There have been several exploits to critical devices within the network. However, there is currently no process to perform vulnerability analysis. Which of the following should the security analyst implement during production hours to identify critical threats and vulnerabilities?

A) Vulnerability scanning frequency that does not interrupt workflow
B) Daily automated reports of exploited devices
C) Scanning of all types of data regardless of sensitivity levels
D) Asset inventory of all critical devices



2. A threat intelligence feed has posted an alert stating there is a critical vulnerability in the kernel. Unfortunately, the company's asset inventory is not current. Which of the following techniques would a cybersecurity analyst perform to find all affected servers within an organization?

A) A service discovery scan on the network
B) A manual log review from data sent to syslog
C) A packet capture of data traversing the server network
D) An OS fingerprinting scan across all hosts



3. A cybersecurity analyst has identified a new mission-essential function that utilizes a public cloud-based system. The analyst needs to classify the information processed by the system with respect to CIA. Which of the following should provide the CIA classification for the information?

A) The data owner
B) The cloud provider
C) The system administrator
D) The cybersecurity analyst



4. Using a heuristic system to detect an anomaly in a computer's baseline, a system administrator was able to detect an attack even though the company's signature-based IDS and antivirus did not detect it. Further analysis revealed that the attacker had downloaded an executable file onto the company PC from the USB port, and executed it to trigger a privilege escalation flaw. Which of the following attacks has MOST likely occurred?

A) Cookie stealing
B) Zero-day
C) Directory traversal
D) XML injection



5. Which of the following stakeholders would need to be aware of an e-discovery notice received by the security office about an ongoing case within the manufacturing department?

A) Legal
B) Marketing
C) Board of trustees
D) Human resources



1. Right Answer: A
Explanation:

2. Right Answer: D
Explanation:

3. Right Answer: A
Explanation:

4. Right Answer: B
Explanation:

5. Right Answer: A
Explanation:
