Cysa 2 - Study guides, Class notes & Summaries

Comptia CYSA+ Acronyms ½ Exam Review 2024/2025 3DES - ANS-Triple Digital Encryption Standard. A symmetric algorithm used to encrypt data and provide confidentiality. It was originally designed as a replacement for DES. It uses multiple keys and multiple passes and is not as efficient as AES, but is still used in some applications, such as when hardware doesn't support AES. ACL - ANS-Access Control List Access Control List (ACL) - ANS-A clearly defined list of permissions that specifi...

CYSA EXAM REVISED 2023.. LATEST UPDATE Confidentiality - ANSWER How secure does the data need to be? How secure is the information? Falure of condifentiality occurs if someone can obtain the a view the data Confidentiality best practices - ANSWER Physical Protections -Locked doors, fences, security guards, security cameras, Electronic Protections -Encryption (storage and in transit), passwords, firewalls, integrity - ANSWER How correct is the information? Has the data been modified...

CYSA EXAM TEST 2023 LATEST UPDATE Q1 A Chief Information Security Officer (CISO) is concerned developers have too much visibility into customer data. Which of the following controls should be implemented to BEST address these concerns? A. Data masking B. Data loss prevention C. Data minimization D. Data sovereignty - ANSWER A 2 A Chief Information Security Officer (CISO) is concerned the development team, which consists of contractors, has too much access to customer data. Develo...

CYSA Exam 2 QUESTION AND CORRECT ANSWERS Ty is reviewing the scan report for a Windows system joined to his organization's domain and finds the vulnerability shown here. What should be Ty's most significant concern related to this vulnerability? Window shows sections for 3 administrator account's password does not expire and threat, and options for first detected, last detected, vendor reference, user modified, et cetera. The presence of this vulnerability indicates that an at...

CYSA Exam 2 QUESTION AND CORRECT ANSWERS Ty is reviewing the scan report for a Windows system joined to his organization's domain and finds the vulnerability shown here. What should be Ty's most significant concern related to this vulnerability? Window shows sections for 3 administrator account's password does not expire and threat, and options for first detected, last detected, vendor reference, user modified, et cetera. The presence of this vulnerability indicates that an at...

All parts of a security policy should be public knowledge. True False - Answer False What reasons might a company forgo scanning a critical system? Too much time Confidentiality Backups already exist Costs too much - Answer Too much time & Costs too much What is the factor that determines scanning frequency characterized by an accepted amount of risk? Technical Constraints Risk Acceptance Risk Appetite Regulatory Requirements - Answer Risk Appetite An assessment scan is ...

CYSA Exam 2 QUESTION AND CORRECT ANSWERS Ty is reviewing the scan report for a Windows system joined to his organization's domain and finds the vulnerability shown here. What should be Ty's most significant concern related to this vulnerability? Window shows sections for 3 administrator account's password does not expire and threat, and options for first detected, last detected, vendor reference, user modified, et cetera. The presence of this vulnerability indicates that an at...

CYSA EXAM REVISED 2023.. LATEST UPDATE Confidentiality - ANSWER How secure does the data need to be? How secure is the information? Falure of condifentiality occurs if someone can obtain the a view the data Confidentiality best practices - ANSWER Physical Protections -Locked doors, fences, security guards, security cameras, Electronic Protections -Encryption (storage and in transit), passwords, firewalls, integrity - ANSWER How correct is the information? Has the data been modified...

CYSA EXAM 2023LATEST UPDATE VERIFIED SOLUTIONS What are the three key objectives of information security? - ANSWER Confidentiality, integrity, and availability Risk exists at the intersection of _______ and _________. - ANSWER Threats and vulnerabilities. What is the overall risk rating for a risk that has medium likelihood and high impact? - ANSWER High What type of system controls access to a network based on criteria such as time of day, location, device type, and system - AN...

CYSA EXAM TEST 2023 LATEST UPDATE Q1 A Chief Information Security Officer (CISO) is concerned developers have too much visibility into customer data. Which of the following controls should be implemented to BEST address these concerns? A. Data masking B. Data loss prevention C. Data minimization D. Data sovereignty - ANSWER A 2 A Chief Information Security Officer (CISO) is concerned the development team, which consists of contractors, has too much access to customer data. Develo...