Solution and Answer Guide
COMPTIA CYSA+ GUIDE TO CYBERSECURITY ANALYST (CS0-003) 3RD EDITION 2025 BY MARK
CIAMPA
CHAPTER 1-12
CHAPTER 1: TECHNOLOGY UNDERPINNINGS
TABLE OF CONTENTS
Review Questions ........................................................................................................................................ 1
Case Projects ............................................................................................................................................... 7
Case Project 1-1: #TrendingCyber ............................................................................................................ 7
Case Project 1-2: Lack of Knowledge by Job Applicants......................................................................... 8
Case Project 1-3: Container Security ........................................................................................................ 8
Case Project 1-4: Serverless Security ....................................................................................................... 9
Case Project 1-5: SDN Vulnerabilities ..................................................................................................... 9
Case Project 1-6: U.S. Critical Infrastructures ........................................................................................ 10
Activity Rubric .......................................................................................................................................... 11
REVIEW QUESTIONS
1. Which of the following is NOT correct about JSON?
A. It stores data in a tree structure.
B. It is compact and easy to read and write.
C. It creates files that can be transmitted quickly.
D. It executes quickly.
Answer: A. It stores data in a tree structure.
Explanation: It stores data in a tree structure.
2. Which of the following is NOT a common scripting language?
D. RegExBa
Answer: D. RegExBa
Explanation: Common scripting languages are Visual Basic for Applications, shell scripts, and
PowerShell.
3. Which of the following is NOT a cybersecurity skill for which the CySA+ certification will equip the
user?
A. Equip to demonstrate competency regarding current cyberattacks and defenses.
B. Equip to respond to threats, attacks and vulnerabilities and then communicate with stakeholders.
C. Equip to configure a firewall.
D. Equip to proactively monitor and detect systems by analyzing indicators of malicious activity
using the most up-to-date methods and tools.
Answer: C. Equip to configure a firewall.
Explanation: CompTIA CySA+ certification equips users to higher-level incident detection,
prevention, and response through continuous security monitoring.
4. What does the term ―serverless‖ mean?
A. The cloud network configuration does not require any servers.
B. Server resources are inconspicuous to the end user.
C. Servers are run as VMs.
D. All appliances are virtual and do not interact with physical servers.
Answer: B. Server resources are inconspicuous to the end user.
Explanation: Serverless does not mean that a server does not exist but only that it is opaque to end
users.
5. Which type of hypervisor runs directly on the computer’s hardware?
, Explanation: Type I hypervisors run directly on the computer’s hardware instead of the underlying
OS. Type I hypervisors are sometimes called "native" or "bare metal" hypervisors.
6. Which of the following is NOT correct about containers?
A. Containers start more quickly.
B. Containers reduce the necessary hard drive storage space to function.
C. Containers require a full OS whenever APIs cannot be used.
D. Containers include components like binary files and libraries.
Answer: C. Containers require a full OS whenever APIs cannot be used.
Explanation: Containers do not require a full OS but only the necessary OS components that are
needed for the specific application to execute.
7. Which of the following is NOT a characteristic of cloud computing?
A. Metered services
B. Delayed elasticity
C. On-demand self-service
D. Universal client support
Answer: B. Delayed elasticity
Explanation: Cloud computing has immediate elasticity, not delayed elasticity, meaning that
computing resources can be increased or decreased quickly to meet demands.
8. Which of the following is NOT a cloud computing cost savings?
A. Reduction in broadband costs
B. Resiliency
C. Scalability
D. Pay-per-use
Answer: A. Reduction in broadband costs
Explanation: Broadband costs will likely increase, not decrease, with cloud computing due to the
constant interaction of the cloud resources.
9. Which type of cloud is a combination of public and private clouds?
D. Consolidated
Answer: C. Hybrid
Explanation: A hybrid cloud combines public and private clouds.
10. Which computing location would be used to support IoT devices?
A. Edge
B. Fog
C. Off-premises
D. On-premises
Answer: A. Edge
Explanation: Edge computing is performed at or very near to the source of data instead of relying on
the cloud or on-prem for processing.
11. Which type of network segmentation makes use of virtual networks?
A. Full segmentation
B. Physical segmentation
C. Reverse segmentation
D. Logical segmentation
Answer: D. Logical segmentation
Explanation: Logical segmentation creates subnets via ―virtual networks‖ or through network
addressing schemes. Logical segmentation is more flexible than physical segmentation because it
requires no wiring or physical movement of network appliances to create the subnet, and automated
provisioning can simplify the configuration of the smaller networks.
12. Which of the following is the most secure for administration of a DMZ?
Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.
Quick and easy check-out
You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.
Focus on what matters
Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!
Frequently asked questions
What do I get when I buy this document?
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
Satisfaction guarantee: how does it work?
Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.
Who am I buying these notes from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller solutions. Stuvia facilitates payment to the seller.
Will I be stuck with a subscription?
No, you only buy these notes for $18.48. You're not tied to anything after your purchase.
