100% satisfaction guarantee Immediately available after payment Both online and in PDF No strings attached
logo-home
Previously searched by you
Previously searched by you
logo
B.4 CompTIA CySA+ CS0-002 Certification Practice Exam Questions with 100% Correct Answers Graded A+ | Verified | Latest Update 2024, Actual Complete Solutions ,Garanteed Distinction R145,26   Add to cart
Quickly navigate to
Preview
  2.  
  3. CompTIA
  4.  
  5. CompTIA

Exam (elaborations)

B.4 CompTIA CySA+ CS0-002 Certification Practice Exam Questions with 100% Correct Answers Graded A+ | Verified | Latest Update 2024, Actual Complete Solutions ,Garanteed Distinction
 3 views  0 purchase
  • Course
  • CompTIA
  • Institution
  • CompTIA

B.4 CompTIA CySA+ CS0-002 Certification Practice Exam Questions with 100% Correct Answers Graded A+ | Verified | Latest Update 2024, Actual Complete Solutions ,Garanteed Distinction

Preview 3 out of 18  pages

Document information

  • August 2, 2024
  • 18
  • 2024/2025
  • Exam (elaborations)
  • Questions & answers

Subjects

  • b4 comptia cysa cs0 002 certification practice e

Written for

  • CompTIA
  • CompTIA

Seller

avatar-seller
AnswersCOM

Reviews received

Content preview

B.4
CompTIA
CySA+
CS0-002
Certification
Practice
Exam
A
compromised
computer
that
is
used
by
an
attacker
to
conduct
malicious
activities,
like
DDoS
attacks,
is
known
as
a
_________?
Answer
Zombie
device
Keylogger
Trojan
IoT
device
-
ANS-Zombie
device
A
document
has
arrived
via
email
for
a
manager
at
your
company,
asking
for
payment
on
a
service
that
was
never
given.
When
you
spend
some
time
researching
this
issue,
you
find
that
several
other
people
have
received
the
same
or
similar
communications.
After
reviewing
the
information
from
a
Wireshark
packet
sniff
(a
portion
of
which
is
shown
here),
you
come
to
the
conclusion
that
the
email
address
is
spoofed.
How
did
you
arrive
at
this
conclusion?
Answer
The
hex
value
"73
70
66
3d
66
61
69
6c"
indicates
the
country
of
origin
is
outside
of
the
company's.
The
"ARC-Authentication-Results"
text
does
not
show
up
for
properly
authenticated
email
messages.
The
IP
address
listed
is
93.99.104.212,
which
is
from
the
Czech
Republic.
The
packet
contains
the
text
"spf=fail".
-
ANS-The
packet
contains
the
text
"spf=fail".
After
having
calculated
the
MD5
hash
for
a
file,
you
need
to
compare
it
to
the
value
provided
by
the
vendor.
You
could
examine
each
character
to
ensure
it
is
correct,
but
PowerShell
has
a
utility
for
comparing
the
strings.
Which
of
the
following
would
be
an
example
of
that
command?
Answer
md5sum
--check
MD5SUM.txt
"2b8efe1bee907243f22c16e14032a5ea"
-eq
"2b8efe1bee907243f22c16e14032a5ea"
Get-FileHash
-Compare
-Algorithm
MD5
"2b8efe1bee907243f22c16e14032a5ea"
Get-Content
.\MD5SUM.txt
-eq
"2b8efe1bee907243f22c16e14032a5ea"
-
ANS-"2b8efe1bee907243f22c16e14032a5ea"
-eq
"2b8efe1bee907243f22c16e14032a5ea"
An
employee
not
authorized
to
release
news
to
the
press
speaks
to
a
reporter
about
upcoming
management
changes.
Which
sharing
policy
BEST
explains
why
this
shouldn't
happen?
Answer
Internet
Printed
materials
Company
social
media Employee
social
media
-
ANS-Printed
materials
As
you
gather
evidence
for
an
investigation,
you
need
to
make
a
copy
of
a
hard
disk
drive
that
includes
all
visible
files
as
well
as
any
unallocated
space.
It
needs
to
include
any
deleted
files,
metadata,
or
timestamps.
Which
of
the
following
options
would
be
BEST
for
this
task?
Answer
Use
string
searches
to
find
all
needed
information
before
copying
the
drive.
Hash
the
drive.
Make
a
forensic
copy
of
the
drive.
Make
a
logical
copy
of
the
drive.
-
ANS-Make
a
forensic
copy
of
the
drive.
As
you
review
your
network's
storage
shares
to
ensure
permissions
have
been
securely
defined,
you
come
across
the
following
list
of
users
and
permissions
set
to
a
share
on
one
of
your
key
storage
locations.
Two
of
the
regular
users
should
have
Read
and
Write
permissions
(Bob
Barker
and
Jennifer
Banks).
The
two
other
individuals
should
not
(Joseph
Lange
and
Bob
Marley),
who
were
both
given
access
during
a
specific
project
but
should've
had
their
Write
permissions
removed
afterward.
What
is
it
called
when
permissions
are
given
for
a
task
but
then
never
removed
when
they
are
no
longer
required?
Answer
Privilege
creep
Account
elevation
Privilege
elevation
SAM
database
creep
-
ANS-Privilege
creep
The
answer
is
privilege
creep,
which
is
the
gradual
accumulation
of
permissions
beyond
what
a
person
requires
to
do
their
job.
Converting
the
word
ATTACK
to
\u0041
\u0054
\u0054
\u0041
\u0043
\u004b
is
an
example
of
what
technique?
Answer
Encryption
Unicode
evasion
Insertion
attack
Polymorphic
code
-
ANS-Unicode
evasion
Dan
wants
to
implement
reconnaissance
countermeasures
to
help
protect
his
DNS
service.
Which
of
the
following
actions
should
he
take?
Answer
Limit
the
sharing
of
critical
information
in
press
releases,
annual
reports,
product
catalogs,
or
marketing
materials.
Install
patches
against
known
vulnerabilities
and
clean
up
out-of-date
zones,
files,
users,
and
groups.
Review
company
websites
to
see
which
type
of
sensitive
information
is
being
shared. Implement
policies
that
restrict
the
sharing
of
sensitive
company
information
on
employees'
personal
social
media
pages.
-
ANS-Install
patches
against
known
vulnerabilities
and
clean
up
out-of-date
zones,
files,
users,
and
groups.
During
which
phase
of
the
incident
response
life
cycle
do
you
reinforce
your
systems,
policies,
and
procedures
to
ensure
that
your
resources
are
well
secured?
Answer
Containment
Post-incident
feedback
Preparation
Post-incident
activity
-
ANS-Preparation
During
which
phase
of
the
Kill
Chain
framework
does
an
intruder
extract
or
destroy
data?
Answer
Weaponization
Action
on
Objectives
Command
and
Control
Exploitation
-
ANS-Action
on
Objectives
During
which
phase
of
the
Kill
Chain
framework
is
malware
code
encapsulated
into
commonly
used
file
formats,
such
as
PDF
files,
image
files,
or
Word
documents?
Answer
Delivery
Command
and
Control
Weaponization
Exploitation
-
ANS-Weaponization
Each
virtual
machine
created
by
a
hypervisor
is
called
a:
Answer
VDI
Guest
Thin
client
Zombie
-
ANS-Guest
Fred
runs
a
small
manufacturing
shop.
He
produces
consumer
goods
on
his
equipment.
Suppose
Fred
has
six
stamp
presses
each
valued
at
$35,000.
At
any
given
time,
two
of
his
presses
might
be
out
of
service
due
to
mechanical
breakdowns
or
required
upgrades.
What
is
Fred's
single
loss
expectancy?
Answer
$35,000
$70,000
$0
$105,000
-
ANS-$70,000

The benefits of buying summaries with Stuvia:

Guaranteed quality through customer reviews

Guaranteed quality through customer reviews

Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.

Quick and easy check-out

Quick and easy check-out

You can quickly pay through EFT, credit card or Stuvia-credit for the summaries. There is no membership needed.

Focus on what matters

Focus on what matters

Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!

Frequently asked questions

What do I get when I buy this document?

You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.

Satisfaction guarantee: how does it work?

Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.

Who am I buying this summary from?

Stuvia is a marketplace, so you are not buying this document from us, but from seller AnswersCOM. Stuvia facilitates payment to the seller.

Will I be stuck with a subscription?

No, you only buy this summary for R145,26. You're not tied to anything after your purchase.

Can Stuvia be trusted?

4.6 stars on Google & Trustpilot (+1000 reviews)

83662 documents were sold in the last 30 days

Founded in 2010, the go-to place to buy summaries for 14 years now

Start selling
R145,26
  • (0)
  Buy now