100% satisfaction guarantee Immediately available after payment Both online and in PDF No strings attached
logo-home
CySA+ Exam guide (1) CA$11.47   Add to cart

Exam (elaborations)

CySA+ Exam guide (1)

 2 views  0 purchase

CySA+ Exam guide (1)

Preview 2 out of 10  pages

  • August 1, 2024
  • 10
  • 2024/2025
  • Exam (elaborations)
  • Questions & answers
All documents for this subject (480)
avatar-seller
modockochieng06
CySA+ Exam guide
- Configuration Errors
- Patch Status
-Administrative Vulnerabilities - ANS-types of concerns identified by the Microsoft Baseline
Security Analyzer.

1. Loss of revenue.
2. Loss of availability.
3. Loss of integrity.
4. Loss of confidentiality.
5. Loss of an asset. - ANS-factors that contribute to the scope of impact.

1. SECaaS cloud provider
2..Contracting a managed security service provider.
3. Using individual consults - ANS-the three general levels of security outsourcing

1. Typing patterns.
2. Time.
3. Location data. - ANS-examples of context-based authentication

1. update heuristics baselines
2. remove non-appicable - ANS-What you can do to reduce a high number of false positives
when performing vulnerability scanning

1. web search
2. website ripping
3. email harvesting.
4. Social media harvesing
5. DNS harvesting. - ANS-Tools to perform environmental reconnaissance

5 scope of impact factors governing incident prioritization - ANS-1. Recovery Time
2. Data integrity
3. Downtime
4.
5.

6 phases of the Kill Chain - ANS-1. Planning,
2. reconnaissance
3. Weaponization/ Exploitation
3. Lateral Movement. / discovery
4. Data exfiltration

, 3. re treat?

a federal statute requireing that data be protected to a certain level. - ANS-an example of the
regulatory environment affecting any information security management program.

a low and slow approach - ANS-used to ex filtrate data during periods of high bandwidth usage.

a padded cell - ANS-performs intrusion isolation
-after detection, intruder is automatically transferred here, which resembles a real environment
but is fake and attacker cannot perform any dangerous activities
-admin's can gather evidence here
A system that waits for an IDS to detect an attacker and then transfers the attacker to a special
host where he or she cannot do any damage to the production environment.

Adminitrative Controls - ANS-Security mechanisms implemented by

Air Gap - ANS-type of system isolation ensures that the host is physically disconnected from
any network

Application Programing Interface - ANS-a set of subroutine definitions, protocols, and tools for
building software. In general terms, it is a set of clearly defined methods of communication
between various components.

Armitage - ANS-gives you the users interface

Armitage - ANS-helps security professions better understand hacking and help them realize the
power and potential of Metasploit.

ARP Spoofing - ANS-Forging a MAC address in ARP messages. An attacker sends false ARP
information that contains the MAC address of the attacker's computer mapped to the IP of a
legitimate server, causing client to connect to attacker's PC.
or ARP poisoning, is a technique used by an attacker to,inject the wrong MAC address
association into a network by issuing fake ARP requests. An attacker forges the MAC address
of a device and then frames can be sent to the wrong destination.

ARP spooling , ARP cache poising routing, or ARP poison routing. - ANS-is a technique by
which an attacker sends (spoofed) Address Resolution Protocol (ARP) messages onto a local
area network. ... ARP spoofing may allow an attacker to intercept data frames on a network,
modify the traffic, or stop all traffic.

Authenticated scan - ANS-requires credentials. you must be authenticated to a host in order for
the scan to properly work.

The benefits of buying summaries with Stuvia:

Guaranteed quality through customer reviews

Guaranteed quality through customer reviews

Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.

Quick and easy check-out

Quick and easy check-out

You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.

Focus on what matters

Focus on what matters

Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!

Frequently asked questions

What do I get when I buy this document?

You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.

Satisfaction guarantee: how does it work?

Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.

Who am I buying these notes from?

Stuvia is a marketplace, so you are not buying this document from us, but from seller modockochieng06. Stuvia facilitates payment to the seller.

Will I be stuck with a subscription?

No, you only buy these notes for CA$11.47. You're not tied to anything after your purchase.

Can Stuvia be trusted?

4.6 stars on Google & Trustpilot (+1000 reviews)

79271 documents were sold in the last 30 days

Founded in 2010, the go-to place to buy study notes for 14 years now

Start selling
CA$11.47
  • (0)
  Add to cart