Cysa+ Exam Guide With Complete
Solutions Latest Update
DNS Sinkhole - correct answers Provide a response to a DNS query that does not resolve the IP address..
Instead targets the addresses for known malicious domains
Role-Based access control (RBAC) - correct answers grants permissions based on a user's role or group.
Reverse Engineering - correct answers the process of decontructing something in order to discover its features and constituents
Banner grabbing - correct answers used to gain information about a computer system on a network and the services running on its open ports. Administrators can use this to take inventory of the systems and services on their network.
Cross-site scripting XSS - correct answers a vulnerability in a web application that allows malicious users to execute arbitrary client side scripts.
Forensic Acquisition - correct answers The process of extracting the digital contents from seized evidence so that they may be analyzed
Fuzzing - correct answers techniqued used to discover flaws and vulnerabilities in software by sending large amounts of malformed, unexpected, or random data to the target programs in order to trigger failures
Netstat - correct answers command-line interface tool that provides information on the status of network connections and listening sockets Input validation - correct answers an approach to protecting systems from abnormal user input by testing the data provided against appropriate values. (cha p 14)
Interception Proxy - correct answers is a software tool that is inserted between two endpoints usually on the same network. to monitor traffic and help with security testing.
SQL injection - correct answers A code injection technique that exploits security vulnerabilities in the DB layer of an application.
Application Programing Interface - correct answers a set of subroutine definitions, protocols, and tools for building software. In general terms, it is a set of clearly defined methods of communication between various components.
types of NAC policy? - correct answers 1. location based
2 time based
3 Role Based
4 rule based
a padded cell - correct answers performs intrusion isolation -after detection, intruder is automatically transferred here, which resembles a real environment but is fake and attacker cannot perform any dangerous activities
-admin's can gather evidence here
A system that waits for an IDS to detect an attacker and then transfers the attacker to a special host where he or she cannot do any damage to the production environment.
firewalking - correct answers The concept of walking a firewall ACL or ruleset to determine what
it filters and how.
Armitage - correct answers gives you the users interface
The benefits of buying summaries with Stuvia:
Guaranteed quality through customer reviews
Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.
Quick and easy check-out
You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.
Focus on what matters
Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!
Frequently asked questions
What do I get when I buy this document?
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
Satisfaction guarantee: how does it work?
Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.
Who am I buying these notes from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller Schoolflix. Stuvia facilitates payment to the seller.
Will I be stuck with a subscription?
No, you only buy these notes for $14.99. You're not tied to anything after your purchase.