CYSA Practice Test Questions and Correct Answers

CYSA Practice Test Questions and Correct Answers I'm preparing to conduct a cybersecurity risk assessment for his organization. If he chooses to follow the standard process proposed by NIST, which one of the following steps would come first? A. Determine Likelihood B. Determine Impact C. Identify Threats D. Identify Vulnerabilities? - ANSWER C. ID Threats I'm conducting a CS risk assessment and am considering the impact that a failure of the city power grid might have on the org. What type of threat am I considering? A. Adversarial B. Accidental C. Structural D. Environmental - ANSWER D. Environmental Which one of the following is an example of an operational security control? A. Encryption software B. Network Firewall C. Antivirus D. Penetration Tests - ANSWER D. Penetration Tests I would like to implement a specialized firewall that can protect against SQL injection, cross-site scripting, and similar attacks. What tech should I choose? A. NGFW B. WAF C. Packet Filter D. Stateful Inspection - ANSWER B. WAF Which of the following measures is not commonly used to assess threat intel? A. Timeliness B. Detail C. Accuracy D. Relevance - ANSWER B. Detail I want to send threat info via a standardized protocol specifically designed to exchange cyberthreat info. What should I choose? A. STIX 1.0 B. OpenIOC C. STIX 2.0 D. TAXII - ANSWER D. TAXII