B.4 CompTIA CySA+ CS0-002 Certification Practice Exam (1).

 2 views  0 purchase
  • Course
  • Institution

B.4 CompTIA CySA+ CS0-002 Certification Practice Exam (1).

Preview 3 out of 18  pages

  • August 1, 2024
Some Remote Access Trojans (RATs) install a web server to allow access to the infected
machine. Others use a custom application that is run on the remote machine, such as ProRAT.
Once infected with this custom application, which other types of infections are possible with this
tool installed? (Select two.)
Answer
Rootkit
Network enumeration
DDoS attack
Ransomware
SYN attack
ANS: Rootkit, Ransomware

Which of the following BEST describes a phishing attack?
Answer
This attack is used to intercept communications between an authorized user and the web server.
A user is tricked into believing that a legitimate website is requesting their login information.
An attacker alters the XSS to run a Trojan horse with the victim's web browser.
In this attack, attackers use various weaknesses to hack into seemingly secure passwords.
ANS: A user is tricked into believing that a legitimate website is requesting their login information.

Tom, a security analyst, is notified by Karen, an employee, that her work iPad has some setting
changes and a new app that she didn't download. What is the first step Tom should take?
Answer
Look through the event log for suspicious events.
Ask Karen to turn off the device.
Search online for any new known malware threats that match the indicators of compromise (IOCs).
Run an antivirus software scan on Karen's device and scan the entire network.
ANS: Run an antivirus software scan on Karen's device and scan the entire network.

Which of the following tools can be used to create botnets?
Answer
Shark, PlugBot, and Poison Ivy
Poison Ivy, Targa, and LOIC
Trin00, Targa, and Jolt2
Jolt2, PlugBot, and Shark
ANS: Shark, PlugBot, and Poison Ivy

You have configured your pfSense firewall to block URLs using DNS. You have selected the
block lists that work best for your company's needs. You have tested on your machine and traffic
to the sites in the list is blocked as expected. As you walk through your office several
months later, you notice that a user is on a site that is supposed to be blocked.
What might explain this?
Answer
The DNS cache on the user's local machine contains the information for that site.
The service has stopped and is no longer functioning.
Your firewall allows DNS requests to outside DNS servers.
The user has hacked your firewall to allow their traffic through.
ANS: Your firewall allows DNS requests to outside DNS servers.

Which of the following is the process of obfuscating data by changing it into random characters?
Answer
Data privacy
Data masking
Encryption
Tokenization
ANS: Data masking

Which type of breach happens when an attacker removes or transfers data from your system to
another?
Answer
Insider data breach
Data integrity and availability
Data exfiltration
Accidental data breach
ANS: Data exfiltration

You have been asked to perform a penetration test for a company to see if any sensitive
information can be captured by a potential hacker. You have used Wireshark to capture a series
of packets. Using the tcp contains Invoice filter, you have found one packet. Using the captured
information shown, which of the following is the name of the company requesting payment?
Answer
Lowes
Wood Specialist
ACME, Inc.
The Home Depot
ANS: ACME, Inc.

Where should VM administration occur?
Answer
On the virtual machine
On the hypervisor
On the hypervisor and virtual machine
On the host machine
ANS: On the hypervisor and virtual machine

You are working on firewall evasion countermeasures and are specifically looking for a tool to
expose TTL vulnerabilities. Which of the following tools would you use?
Answer
Tunneling
KFSensor
Firewalking
Traffic IQ Professional
ANS: Firewalking

URL and DNS monitoring, flow and packet analysis, and DGA monitoring are all methods to
secure data in which of the following areas?
Answer
Heuristics
Trend analysis
Endpoint monitoring
Network monitoring
ANS: Network monitoring

Which of the following is a data protection approach that seeks to protect data at the file level?
Answer
Central policy
Privilege escalation
Data loss prevention
Rights management
ANS: Rights management

Spencer is in charge of his company's websites and performing countermeasures. His company
uses IIS. What is the BEST countermeasure for his situation?
Answer
Disable IIS.
Hide IIS banner broadcast.
Disable all Windows services.
Disable Linux services.
ANS: Hide IIS banner broadcast.

Using a fictitious scenario to persuade someone to perform an action or give information they
aren't authorized to share is called which of the following?
Answer
Pretexting
Preloading
Impersonation
Footprinting
ANS: Pretexting

Which of the following is the process of determining the configuration of ACLs by sending a
firewall TCP and UDP packets?
Answer
Firewalking