2021 BEST CYSA+ EXAM CS0-002 STUDY (SHORT FORM) Questions with solutions 100% solved
4 views 0 purchase
Course
CYSA+
Institution
CYSA+
2021 BEST CYSA+ EXAM CS0-002 STUDY
(SHORT FORM) Questions with solutions
100% solved
E An analyst is performing penetration testing and vulnerability assessment activities
against a new vehicle automation platform.
Which of the following is MOST likely an attack vector that is being utilize...
2021 BEST CYSA+ EXAM CS0-002 STUDY
(SHORT FORM) Questions with solutions
100% solved
E An analyst is performing penetration testing and vulnerability assessment activities
against a new vehicle automation platform.
Which of the following is MOST likely an attack vector that is being utilized as part of the
testing and assessment?
A. FaaS
B. RTOS
C. SoC
D. GPS
E. CAN bus
C An information security analyst observes anomalous behavior on the SCADA devices
in a power plant. This behavior results in the industrial generators overheating and destabilizing
the power supply.
Which of the following would BEST identify potential indicators of compromise?
, 2021 BEST CYSA+ EXAM CS0-002 STUDY
(SHORT FORM) Questions with solutions
100% solved
A. Use Burp Suite to capture packets to the SCADA device's IP.
B. Use tcpdump to capture packets from the SCADA device IP.
C. Use Wireshark to capture packets between SCADA devices and the management system.
D. Use Nmap to capture packets from the management system to the SCADA devices.
B Which of the following would MOST likely be included in the incident response
procedure after a security
breach of customer PII?
A. Human resources
B. Public relations
C. Marketing
D. Internal network operations center
A An analyst is working with a network engineer to resolve a vulnerability that was found
in a piece of legacy hardware, which is critical to the operation of the organization's production
, 2021 BEST CYSA+ EXAM CS0-002 STUDY
(SHORT FORM) Questions with solutions
100% solved
line. The legacy hardware does not have third-party support, and the OEM manufacturer of the
controller is no longer in operation. The analyst documents the activities and verifies these
actions prevent remote exploitation of the vulnerability.
Which of the following would be the MOST appropriate to remediate the controller?
A. Segment the network to constrain access to administrative interfaces.
B. Replace the equipment that has third-party support.
C. Remove the legacy hardware from the network.
D. Install an IDS on the network between the switch and the legacy equipment.
D A small electronics company decides to use a contractor to assist with the development
of a new FPGA-based device. Several of the development phases will occur off-site at the
contractor's labs.
Which of the following is the main concern a security analyst should have with this
arrangement?
, 2021 BEST CYSA+ EXAM CS0-002 STUDY
(SHORT FORM) Questions with solutions
100% solved
A. Making multiple trips between development sites increases the chance of physical damage to
the FPGAs.
B. Moving the FPGAs between development sites will lessen the time that is available for
security testing.
C. Development phases occurring at multiple sites may produce change management issues.
D. FPGA applications are easily cloned, increasing the possibility of intellectual property theft.
A Which of the following would explain the difference in results?
A. ICMP is being blocked by a firewall.
B. The routing tables for ping and hping3 were different.
C. The original ping command needed root permission to execute.
D. hping3 is returning a false positive.
The benefits of buying summaries with Stuvia:
Guaranteed quality through customer reviews
Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.
Quick and easy check-out
You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.
Focus on what matters
Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!
Frequently asked questions
What do I get when I buy this document?
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
Satisfaction guarantee: how does it work?
Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.
Who am I buying these notes from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller UpperClass. Stuvia facilitates payment to the seller.
Will I be stuck with a subscription?
No, you only buy these notes for $32.99. You're not tied to anything after your purchase.
