CompTIA CySA+ 2023 Questions and Answers - Part 69

Mary Smith

Mon, 20 Apr 2026

1. A threat intelligence analyst who works for a financial services firm received this report: There has been an effective waterhole campaign residing at www.bankfinancecompsoftware.com. This domain is delivering ransomware. This ransomware variant has been called LockMaster by researchers due to its ability to overwrite the MBR, but this term is not a malware signature. Please execute a defensive operation regarding this attack vector. The analyst ran a query and has assessed that this traffic has been seen on the network. Which of the following actions should the analyst do NEXT? (Select TWO.)

A) Advise the security analysts to add an alert in the SIEM on the string LockMaster
B) Produce a threat intelligence message to be disseminated to the company
C) Advise the security architects to enable full-disk encryption to protect the MBR
D) Format the MBR as a precaution
E) Visit the domain and begin a threat assessment
F) Advise the firewall engineer to implement a block on the domain

2. A cybersecurity analyst is completing an organization's vulnerability report and wants it to reflect assets accurately. Which of the following items should be in the report?

A) Organizational governance
B) Virtual hosts
C) Asset isolation
D) Log disposition
E) Processor utilization


3. External users are reporting that a web application is slow and frequently times out when attempting to submit information. Which of the following software development best practices would have helped prevent this issue?

A) Regression testing
B) Stress testing
C) Fuzzing
D) Input validation



4. A cybersecurity analyst has received an alert that well-known call home messages are continuously observed by network sensors at the network boundary. The proxy firewall successfully drops the messages. After determining the alert was a true positive, which of the following represents the MOST likely cause?

A) An outside command and control system is attempting to reach an infected system.
B) Malware is running on a company system.
C) Attackers are running reconnaissance on company resources.
D) An insider is trying to exfiltrate information to a remote network.



5. Following a data compromise, a cybersecurity analyst noticed the following executed query:

SELECT * from Users WHERE name = rick OR 1=1

Which of the following attacks occurred, and which of the following technical security controls would BEST reduce the risk of future impact from this attack? (Select TWO.)

A) XSS attack
B) SQL injection
C) Character blacklist
D) Malicious code execution
E) Parameter validation
F) Cookie encryption

1. Right Answer: C,E
Explanation:

2. Right Answer: B
Explanation:

3. Right Answer: B
Explanation:

4. Right Answer: A
Explanation:

5. Right Answer: B,E
Explanation: Reference: https://lwn.net/Articles/177037/
