Certification Practice Test Sample Questions For CompTIA (CS0-001) Cybersecurity Analyst (CySA+)

QuickStart is now offering sample questions for CompTIA (CS0-001): Cybersecurity Analyst (CySA+). Whether you are deciding which exam to sign up for, or simply want to practice the material needed to complete certification for this course, we have provided a practice test to aid in certification. 100% of the questions are real test questions from a recent version of the CompTIA (CS0-001): Cybersecurity Analyst (CySA+) exam.



CS0-001 Sample Exam Questions

1

The internal cybersecurity team suspects that a network server is the target of a zero-day attack. The cybersecurity team can verify this using which type of analysis?

A. Trend
Incorrect.
B. Heuristic
Correct!
C. Packet
Incorrect.
D. Availability
Incorrect.
2

A company hires a cybersecurity consultant to help organize the internal incident response team. As per the consultant’s recommendations, it is critical to collect information about system activity and events that can possibly lead to an incident. Which of the following should the team use?

A. Process analysis utility
Incorrect.
B. Cryptographic tools
Incorrect.
C. Log viewer
Correct!
D. Imaging utility
Incorrect.
3

An organization asks an outside organization to perform a blind penetration test. The penetration test needs to assess the network's vulnerability to data theft and modification. The rules of engagement specify that potential vulnerabilities identified during the testing are to be tested. Identify the initial step testers must take when performing the test.

A. Information gathering
Correct!
B. Brute force attack
Incorrect.
C. Vulnerability scanning
Incorrect.
D. Initial reporting
Incorrect.
4

A forensic copy of a hard disk needs to be created. The incident response team is responsible for it. Which of the following steps should the team take before the copy is created?

5

An organization has established a forensic response team. A cybersecurity specialist is hired to work with the new team. They are tasked to team up and create a detailed incident response plan. At the site of an incident, data needs to be collected for further investigation. The team and the specialist have to create guidelines for prioritizing data collection at the site of an incident. Can you identify the data source that must have the highest priority?

A. CPU registers and cache
Correct!
B. Temporary file systems
Incorrect.
C. System memory
Incorrect.
D. Hard disk
Incorrect.
6

An organization faces an internal data exfiltration attack. As a result, some unpublished data was published on an external website. Investigation of the potential impact of the attack uncovered an unexpected vulnerability: there are no restrictions on copying and redistributing material received from the publisher, whether bought directly or through a third party. The publisher needs to protect the material from being copied or redistributed by unauthorized means in the future. Which of the following solutions should the publisher implement?

A. NDA
Correct!
B. DLP
Incorrect.
C. DRM
Correct!
D. AUP
Incorrect.
7

A company is preparing to develop an application that is planned to be used extensively throughout the organization. The developers of the application are required to identify all the relevant information about security controls that must be kept in check while developing an application. Can you identify the organization that provides this information?

A. CIS
Correct!
B. CSDP
Incorrect.
C. GIAC
Incorrect.
D. OWASP
Incorrect.
8

A detailed analysis is run on SIEM server data, IDS collected data, and network captures. The analysis reveals unusual network traffic: an external address receives bursts of outgoing traffic late at night. The cybersecurity team plans to develop an action plan to deal with the situation and decides to gather additional information about the activity. What would be the first step the cybersecurity team should take?

9

An organization plans to manage incidents via internal resources and designates a Computer Security Incident Response Team (CSIRT) for that purpose. The team needs to repurpose a laptop computer as a forensic workstation. What would they install on the computer if they aim to set up the workstation in as little time as possible?

A. Red Hat Linux
Incorrect.
B. Microsoft Windows 10
Incorrect.
C. Kali Linux
Correct!
D. Microsoft Windows Server 2016
Incorrect.
10

The security team used current plug-ins to update the vulnerability scanner. Running a non-credentialed scan of the network then showed an increase in reported vulnerabilities. A custom application running on several hosts is reported as vulnerable. The security team suspects a false positive. What do you think the security team must do first?

11

The incident response team identifies that some confidential information, including PHI, was downloaded during an incident. According to the legal department, a statement informing the potentially impacted customers about the incident must be issued to them. Why do you think this is important?

12

In an incident response process, what two key roles does the management have?

13

Negotiations are going on between an Internet service provider (ISP) and a small regional competitor, as the ISP plans to acquire the regional competitor. An unauthorized leak of information regarding the acquisition occurs. Any further information leak could increase the cost of the acquisition or even prevent the deal from succeeding. Initially, the ISP's security team suspects a social engineering attack. Later, the cause is identified as an email sent by an ISP employee. When asked, the employee says he was unaware of what he could and could not say about the acquisition. In your opinion, what is the BEST solution both companies must go for in order to minimize the risk of information leakage?

A. ISA
Incorrect.
B. DLP
Incorrect.
C. NDA
Correct!
D. AUP
Incorrect.
14

An organization has a web application that allows field sales personnel to access customer information. There is an unusual surge in data transmissions from the website. Further investigation indicates that the traffic started when the website was connected to using the following string:

http://frelcompany.com/showcust.php?ID=1000 OR in

What is the type of vulnerability being exploited?

A. Buffer overflow
Incorrect.
B. SQL injection
Incorrect.
C. Clickjacking
Incorrect.
D. Maintenance hook
Correct!
15

An organization plans on implementing an information security vulnerability management process and wants to classify data in advance. A security specialist is required to pull out the employees' personally identifying information (PII) on file. Can you identify the two types of information that the specialist can classify as PII? (Choose any TWO)

A. Salary information
Incorrect.
B. Father's name
Correct!
C. Salary information
Incorrect.
D. Home address
Correct!
16

An organization hires a cybersecurity consultant and aims to establish a computer incident response team. Personnel from different departments are included in the team. The departments are:

  • Technical services
  • Information technology (IT)
  • Management
  • Human resources (HR)
  • Public relations
  • Legal

The team is developing an incident response plan containing communication plans and guidance for use in case of an incident. Three important communication factors must be kept in mind: security, reliability, and appropriateness. Identify the two most suitable items that the communication plan must include. (Choose any TWO)

17

An organization wants to provide access to outside sales personnel, for which it deploys a CRM web application in its perimeter network. During deployment, the internal security team gets support from the supplier's technical team to deal with compatibility and security issues. In the process, the internal security team realizes that the application has a maintenance hook. Can you identify what potential risk would be attached to a maintenance hook?

18

The following is executed by a cyber team member from a Linux host:

ping -b -c 3 -i30 192.168.2.255

This indicates what type of environmental reconnaissance effort?

A. Service discovery
Incorrect.
B. DNS harvesting
Incorrect.
C. Topology discovery
Correct!
D. OS fingerprinting
Incorrect.
19

An organization hires you as a security consultant to aid in implementing an information vulnerability management process. Can you identify the first step you would recommend?

20

An organization has recently started facing an increased number of security exploit incidents. It is realized that, because a number of network resources are overloaded, the network has become vulnerable to exploit attempts. There was also a denial-of-service (DoS) attack that resulted in the crash of a critical database server. Trend analysis is to be implemented so that resource requirements can be managed proactively. Can you identify the first step in setting up trend analysis?

21

An organization faced an incident, which was analyzed to check for loopholes. It was established that the following need to be modified or updated:

  • Permission assignments
  • Router and firewall configurations
  • VLAN boundaries

Can you identify where the IT department can get the guidelines for implementing the above-mentioned elements?

22

An organization has an internally developed application. It is decided to test an update to the application at its corporate office. There are users of the application in remote offices, and it must be ensured that the update is available to those users on an as-needed basis. The file is available for download from a website that users in remote locations can access. The integrity and authenticity of the file must be verifiable after download. Which technology should the company use?

A. Encryption
Incorrect.
B. Fuzzing
Incorrect.
C. Mutual authentication
Incorrect.
D. Hashing
Correct!
23

An organization communicates with both employees and customers through websites. The company hosts various private and public websites. Attacks have been detected on some of the websites, which are found to be vulnerable to session hijacking. How can session hijacking best be prevented in the future?

24

An organization wants to implement an information security vulnerability management process for which it hires on contract a data security specialist. The data security specialist helps with data classification. The specialist is required to classify the data as proprietary, confidential, private, or public. Can you identify the type of data that can be identified as proprietary data?

25

An audit carried out after an incident identifies the need to update and enforce password policies. The policy specifies new maximum and minimum age limits. Group Policy enforces the limits for Microsoft Active Directory Domain Services (AD DS) users. Technical services is required to enforce the policy for a limited number of users: those who can log on directly to the network's two Linux servers. Can you identify a step that technical services must take?

26

A user reports a problem with a commercial customer management application, which is a web application. Customer records get deleted every time a user accesses it. Antivirus software is installed and running on the web server and the database server, and it reports no problems. How would this type of threat be classified by the security analyst?

A. Known
Incorrect.
B. Zero-day
Correct!
C. PHI
Incorrect.
D. APT
Incorrect.
27

An organization has a new web application deployed. It is a limited release edition, as part of its user acceptance testing (UAT). The organization wants to focus on application security while monitoring, capturing, and analyzing users and web application real-world activity. What do you think the company should use?

A. Interception proxy
Correct!
B. Regression testing
Incorrect.
C. WAF
Incorrect.
D. Input validation
Correct!
28

An organization would like to have continuous scans as part of its information security vulnerability management process. A hired security consultant recommends using standards so the automated vulnerability management can be enabled. This would help the organization identify, separate and highlight software flaws and configuration issues. What do you think is the appropriate standard the company must use to provide this?

A. SIEM
Incorrect.
B. SABSA
Incorrect.
C. SCADA
Incorrect.
D. SCAP
Correct!
29

A known vulnerability is reported in a credentialed vulnerability scan. The vulnerability is reported on various databases. However, when a non-credentialed scan runs, the vulnerability is not reported. It is established that the configuration settings required to support a legacy application are causing the vulnerability. The security team does not want the vulnerability reported on future scans. At the same time, the team doesn't want the accuracy of the scans to go down. What do you think the security team must do?
