100% satisfaction guarantee Immediately available after payment Both online and in PDF No strings attached
logo-home
Previously searched by you
Previously searched by you
logo
CompTIA Cybersecurity CySA+ (CS0- 001): Practice Test #1 of 2 - Results $13.49   Add to cart
Quickly navigate to
Preview
  2.  
  3. CompTIA Cybersecurity CySA+ : Practice T
  4.  
  5. CompTIA Cybersecurity CySA+ : Practice T

Exam (elaborations)

CompTIA Cybersecurity CySA+ (CS0- 001): Practice Test #1 of 2 - Results
 1 view  0 purchase
  • Course
  • CompTIA Cybersecurity CySA+ : Practice T
  • Institution
  • CompTIA Cybersecurity CySA+ : Practice T

Which of the following statements best describes an audit file? ​ A.It updates lists of scanned hosts, to avoid unnecessarily rescanning these hosts. ​ B.It produces a list of vulnerabilities found on scanned hosts. ​ C.It produces a list of the hosts that are scanned. ​ D.It gives ...

[Show more]

Preview 4 out of 41  pages

Document information

  • April 8, 2022
  • 41
  • 2021/2022
  • Exam (elaborations)
  • Questions & answers

Subjects

  • comptia cybersecurity cysa cs0 001 practice test 1 of 2 results
  • which of the following statements best describes an audit file
  • which of the following are two types of requirements in the sdlc

Written for

  • CompTIA Cybersecurity CySA+ : Practice T
All documents for this subject (1)

Seller

avatar-seller
EvaTee

Reviews received

Content preview

CompTIA Cybersecurity CySA+ (CS0-
001): Practice Test #1 of 2 - Results

Which of the following statements best describes an audit file?

A.It updates lists of scanned hosts, to avoid unnecessarily rescanning these hosts.

B.It produces a list of vulnerabilities found on scanned hosts.

C.It produces a list of the hosts that are scanned.

D.It gives instructions used to assess the configuration of endpoints and network
devices against a compliance policy. Correct answer- 1D.It gives instructions used to
assess the configuration of endpoints and network devices against a compliance policy.

Explanation
Correct Answer: An audit file in Nessus gives the scan instructions used to assess the
configuration of endpoints and network devices against a compliance policy.
Incorrect Answers: An audit file is used prior to the scan and does not produce any lists
or results after a scan.

Which of the following are two types of requirements in the SDLC model?

A.Nonfunctional and performance requirements

B.Functional and nonfunctional requirements

C.Functional and performance requirements

D.Functional and security requirements Correct answer- B.Functional and nonfunctional
requirements

Explanation
Correct Answer: Functional requirements describe what the software must do, and
nonfunctional requirements describe how the software must do these things—or what
the software must be like.


Incorrect Answers:
A.Performance requirements are nonfunctional requirements. Performance
requirements dictate how well the software must function, which is a nonfunctional
requirement.

,D.A security requirement defines the behaviors and characteristics a system must
possess in order to achieve and maintain an acceptable level of security by itself, and in
its interactions with other systems.
Security requirements are also nonfunctional requirements.

Which of the following is an effective way that attackers can use an organization's
bandwidth to hide data exfiltration?

A.By exfiltrating data during periods of low use.

B.By hiding data exfiltration during periods of peak use.

C.By attaching sensitive data to otherwise innocuous data while exfiltrating it.

D.By downloading information quickly before getting caught Correct answer- B.By
hiding data exfiltration during periods of peak use.

Explanation
Correct Answer:
Patient attackers can hide data exfiltration during periods of peak use by using a low-
and-slow approach that can make them exceptionally difficult to detect if administrators
are just looking at network traffic. Most attackers, however, will attempt to download
sensitive information quickly and thus generate distinctive signals.

Incorrect Answers: Each of these other methods will typically trigger alarms and alert
administrators to data leaving the network.

All of the following are common vulnerabilities that plague most systems within an
organization, EXCEPT:

A.Weak passwords

B.Misconfigured firewall rules

C.Missing patches or updates

D.Need for compensating controls Correct answer- D.Need for compensating controls

Explanation
Correct Answer: The need for compensating controls is not a vulnerability; it is actually
a mitigation for vulnerabilities that are not adequately addressed. A compensating
control is added to compensate for a weakness in an existing control, to make the
control stronger.

,Incorrect Answers: All of these other choices are common vulnerabilities found in most
organizations and affect a variety of systems.

During a penetration test exercise, which type of team is responsible for defending the
network against the penetration testers and simulated attacks?

A.Red team

B.Green team

C.Blue team

D.White team Correct answer- C.Blue team

Explanation
Correct Answer: The blue team is the focus of the exercise, as they are defending the
network being tested. Their response capabilities and procedures reflect how effective
the penetration testing team, also known as the red team, is in its attacks.
Incorrect Answers: The red team is the penetration testing team, the blue team the
defenders, the white team is composed of the exercise planners and coordinators, and
green team is not a valid answer.

A large number of ARP queries might indicate which of the following type of attack?

A.TCP SYN flood

B.Cross-site scripting (XSS) attack

C.Ping sweep

D.Man-in-the-middle (MITM) attack Correct answer- C.Ping sweep

Explanation
Correct Answer: A large amount of ARP queries could indicate that the organization's
systems are being scanned, such as during a ping sweep, so the hosts' MAC addresses
can be resolved to IP addresses. This is merely a reconnaissance activity designed to
map out the network.
Incorrect Answers:
These other choices are active attacks not related to reconnaissance.

D. A man-in-the-middle (MITM) attack involves an attacker inserting himself into an
active conversation.
A cross-site scripting (XSS) attack is a web-based attack and does not involve
generating ARP traffic.

, A TCP SYN flood involves sending a large amount of TCP segments with the
synchronize (SYN) flag set but never completing the three-way TCP handshake. This
causes a denial of service (DoS) condition for some hosts.

A routine vulnerability scan conducted weekly on different network segments is most
likely to be performed by which the following?

A.Blue team

B.Red team

C.White team

D.Green team Correct answer- A.Blue team

Explanation
Correct Answer: A blue team consists of network defenders and security administrators,
who would be responsible for routine security tasks such as patching and vulnerability
scanning.

Incorrect Answers: A red team is a penetration testing team, and a white team is
responsible for planning and coordinating the penetration test.


D.Finally, green team is an invalid answer.

Which of the following best describes a situation in which a mitigation would be most
likely to be selected to protect an asset from risk?

A.An asset that has a value of $10,000, which might incur $9,000 worth of damage in a
given risk scenario, but can be protected by a mitigation that costs $11,000

B.An asset that has a value of $10,000, which might incur $5000 worth of damage in a
given risk scenario, but can be protected by a mitigation that costs $1000
(Correct)

C.An asset that has a value of $10,000, which might incur $5000 worth of damage in a
given risk scenario, but can be protected by a mitigation that costs $10,000

D.An asset that has a value of $10,000, which might incur $500 worth of damage in a
given risk scenario, but can be protected by a mitigation that costs $1000 Correct
answer- B.An asset that has a value of $10,000, which might incur $5000 worth of
damage in a given risk scenario, but can be protected by a mitigation that costs $1000

All of the following are metrics associated with the Common Vulnerability Scoring
System (CVSS), EXCEPT:

The benefits of buying summaries with Stuvia:

Guaranteed quality through customer reviews

Guaranteed quality through customer reviews

Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.

Quick and easy check-out

Quick and easy check-out

You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.

Focus on what matters

Focus on what matters

Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!

Frequently asked questions

What do I get when I buy this document?

You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.

Satisfaction guarantee: how does it work?

Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.

Who am I buying these notes from?

Stuvia is a marketplace, so you are not buying this document from us, but from seller EvaTee. Stuvia facilitates payment to the seller.

Will I be stuck with a subscription?

No, you only buy these notes for $13.49. You're not tied to anything after your purchase.

Can Stuvia be trusted?

4.6 stars on Google & Trustpilot (+1000 reviews)

79064 documents were sold in the last 30 days

Founded in 2010, the go-to place to buy study notes for 14 years now

Start selling
$13.49
  • (0)
  Add to cart