CYSA EXAM 2023LATEST UPDATE VERIFIED SOLUTIONS

CYSA EXAM 2023LATEST UPDATE VERIFIED SOLUTIONS What are the three key objectives of information security? - ANSWER Confidentiality, integrity, and availability Risk exists at the intersection of _______ and _________. - ANSWER Threats and vulnerabilities. What is the overall risk rating for a risk that has medium likelihood and high impact? - ANSWER High What type of system controls access to a network based on criteria such as time of day, location, device type, and system - ANSWER Network access control What are the three networks typically connected to a triple-homed firewall? - ANSWER The Internet, an internal network, and a DMZ What is the TCP port for the HTTP protocol? - ANSWER 80 What is the TCP port for the HTTPS protocol? - ANSWER 443 What are the four types of firewalls? - ANSWER Packet filters, stateful inspection firewalls, next-generation firewalls, and web application firewalls. ______ may be used to apply settings to many different Windows systems at the same time. - ANSWER Group Policy Objects (GPOs) What are the four phases of penetration testing? - ANSWER Planning, Discovery, Attack, and Reporting What type of software can you use to enumerate the services that are accepting network connections on a remote system - ANSWER Port scanner What is the range of well-known ports? - ANSWER 0-1023 What is the range of registered ports? - ANSWER What is the most commonly used port scanner? - ANSWER nmap What Cisco logging level indicates a critical event? - ANSWER 2 What service is responsible for resolving domain names to IP addresses? - ANSWER DNS What tool can be used to determine the path between two systems over the Internet? - ANSWER Traceroute or tracert, depending on the operating system What service allows you to look up the registered owner of a domain name? - ANSWER Whois What type of data analysis looks for differences from expected behaviors? - ANSWER Anomaly analysis What type of data analysis predicts threats based on existing data? - ANSWER Trend analysis What regulation requires vulnerability scans for organizations involved in credit card processing? - ANSWER PCI DSS What regulation requires vulnerability scanning for federal government agencies? - ANSWER FISM