CySA+ Chapter 1
Firewall - ANS-Filters network connections based on source, destination, and port
Decompiler - ANS-Attempts to recover source code from binary code
Antivirus - ANS-Scans a system for malicious software
NAC - ANS-Determines what clients may access a wired or wireless network
GPO - ANS-Deploys configuration settings to multiple Windows systems
Hash - ANS-Creates a unique fingerprint of a file
Honeypot - ANS-System intentionally created to appear vulnerable
WAF - ANS-Protects against SQL injection attacks
1) Which one of the following objectives is not one of the three main objectives of CIA
triad?
A. Integrity
B. Nonrepudiation
C. Availability
D. Confidentiality - ANS-Nonrepudiation
2) Tommy is assessing the security of several database servers in his datacenter and
realizes that one of them is missing a critical Oracle security patch. What type of
situation has Tommy detected?
A. Risk
B. Vulnerability
C. Hacker
D. Threat - ANS-Vulnerability
3) Ben is preparing to conduct a cybersecurity risk assessment for his organization. If
he chooses to follow the standard process proposed by NIST, which one of the following
steps would come first?
, A. Determine likelihood
B. Determine impact
C. Identify threats
D. Identify vulnerabilities - ANS-Identify threats
4) Cindy is conducted a cybersecurity risk assessment and is considering the impact
that a failure of her city's power grid might have on the organization. What type of threat
is she considering?
A. Adversarial
B. Accidental
C. Structural
D. Environmental - ANS-Environmental
5) Which one of the following categories of threat requires that cybersecurity analysts
consider the capability, intent, and targeting of the threat source?
A. Adversarial
B. Accidental
C. Structural
D. Environmental - ANS-Adversarial
6) Vincent is responding to a security incident that compromised one of his
organization's web servers. He does not believe that the attackers modified or stole any
information, but they did disrupt access to the organization's web servers. He does not
believe that the attackers modified or stole any information, but they did disrupt access
to the organization's website. What cybersecurity objective did this attack violate?
A. Confidentiality
B. Nonrepudiation
C. Integrity
D. Availability - ANS-Availability
7) Which one of the following is an example of an operational security control?
A. Encryption software
B. Network firewall
C. Antivirus software
D. Penetration tests - ANS-Penetration tests
The benefits of buying summaries with Stuvia:
Guaranteed quality through customer reviews
Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.
Quick and easy check-out
You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.
Focus on what matters
Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!
Frequently asked questions
What do I get when I buy this document?
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
Satisfaction guarantee: how does it work?
Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.
Who am I buying these notes from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller modockochieng06. Stuvia facilitates payment to the seller.
Will I be stuck with a subscription?
No, you only buy these notes for $7.99. You're not tied to anything after your purchase.