100% satisfaction guarantee Immediately available after payment Both online and in PDF No strings attached
logo-home
CySA+ (Cybersecurity Analyst) (1).p $7.99   Add to cart

Exam (elaborations)

CySA+ (Cybersecurity Analyst) (1).p

 2 views  0 purchase
  • Course
  • Institution

CySA+ (Cybersecurity Analyst) (1).p

Preview 2 out of 14  pages

  • August 1, 2024
  • 14
  • 2024/2025
  • Exam (elaborations)
  • Questions & answers
avatar-seller
CySA+ (Cybersecurity Analyst)
- ANS-

Word pool:
Procedures, Guidelines, Policies, Standards

___________ contain high-level statements of management intent

___________ provide mandatory requirements for how policies are carried out

___________ are a step-by-step process

___________ describes a best practice or recommendation - ANS-"Policies" contain high-level
statements of management intent

"Standards" provide mandatory requirements for how policies are carried out

"Procedures" are a step-by-step process

"Guidelines" describes a best practice or recommendation

What authentication protocol is best suited for untrusted networks? - ANS-Kerberos- it is
designed to run on untrusted networks and encrypts traffic by default

With 802.1x (port-based auth.), what is the name for the special piece of client software that
resides on the device requesting to join the network? - ANS-"Supplicant"

With 802.1x, what is the service that passes the authentication request along from the
supplicant (client device) to the authentication protocol (usually RADIUS)? -
ANS-"Authenticator"

What is the port for SQL Server? - ANS-TCP 1443

What is the port for Oracle? - ANS-TCP 1521

What are the 4 stages of a penetration test (in order)? - ANS-Planning, Discover, Attack,
Reporting

In a workplace "wargame" exercise, which team is defending and which team is attacking?

(HINT- there are 2 main teams, Red Team and Blue Team) - ANS--The Blue Team is defending.

, -The Red Team is attacking
***-The white/purple team acts as the referee

Any action that an organization takes to reduce the likelihood or impact of a risk is an example
of risk ___________ - ANS-"mitigation"

What are the 4 different categories of threats that an organization may face? (NIST) -
ANS-Adversarial, Accidental, Structural, and Environmental

What is the difference between a Technical control and an Operational control? - ANS-A
Technical control is a system, device, software, or setting that enforces security.

An Operational control is a practice/procedure that enforces security.

What are the 4 steps to a risk assessment? (NIST 800-30) - ANS-1) Prepare for assessment
2) Conduct assessment
3) Communicate results
4) Maintain assessment

______________ is used to create a map of an organizations networks, systems, and
infrastructure - ANS-"Footprinting"

What functions do the following flags perform with nmap?

-O
-sV
-P0 [# not letter]
-sS - ANS--O ... Attempts OS identification
-sV ... Grabs banners to detect detailed service info
-P0 ... Skips pinging prior to scanning
-sS ... Sends connection attempts to verify port response (using a TCP SYN packet)

What is the difference between active footprinting and passive footprinting? - ANS-Active
footprinting uses tools such as port scanners and network mappers to create a reconnaissance
topology, while passive footprinting uses logs and available data to perform the same function

__________ is a Cisco network protocol that collects IP traffic information, allowing network
monitoring (generally used for creating baselines and identifying unexpected behavior -
ANS-"Netflow"

What command can be used to see detailed info about open ports on a local host [on Windows,
Linux and Unix]? - ANS-netstat

What functions do the following flags perform with netstat?

The benefits of buying summaries with Stuvia:

Guaranteed quality through customer reviews

Guaranteed quality through customer reviews

Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.

Quick and easy check-out

Quick and easy check-out

You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.

Focus on what matters

Focus on what matters

Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!

Frequently asked questions

What do I get when I buy this document?

You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.

Satisfaction guarantee: how does it work?

Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.

Who am I buying these notes from?

Stuvia is a marketplace, so you are not buying this document from us, but from seller modockochieng06. Stuvia facilitates payment to the seller.

Will I be stuck with a subscription?

No, you only buy these notes for $7.99. You're not tied to anything after your purchase.

Can Stuvia be trusted?

4.6 stars on Google & Trustpilot (+1000 reviews)

79271 documents were sold in the last 30 days

Founded in 2010, the go-to place to buy study notes for 14 years now

Start selling
$7.99
  • (0)
  Add to cart