Cys - Study guides, Class notes & Summaries

Service Enumeration The process of identifying the services running on a remote system. This is the main focus of Nmap port scanning. Reverse Proxy Positioned at the cloud network edge and directs traffic to cloud services if the contents of that traffic comply with the policy Skip Ad Security Operations Center (SOC) The location where security professionals monitor and protect critical information assets in an organization. NIST Special Publication 800-53 Revision 5 This document is cal...

A cybersecurity analyst receives a phone call from an unknown person with the number blocked on the caller ID. After starting conversation, the caller begins to request sensitive information. Which of the following techniques is being applied? A. Social engineering B. Phishing C. Impersonation D. War dialing CORRECT ANSWER A Which of the following is the main benefit of sharing incident details with partner organizations or external trusted parties during the incident response process? A...

DNS Sinkhole - Answer-Provide a response to a DNS query that does not resolve the IP address.. Instead targets the addresses for known malicious domains Role-Based access control (RBAC) - Answer-grants permissions based on a user's role or group. Reverse Engineering - Answer-the process of decontructing something in order to discover its features and constituents Banner grabbing - Answer-used to gain information about a computer system on a network and the services running on its open...

CySA Exam Review Questions & Answers 2024/2025 A recent zero-day vulnerability is being actively exploited, requires no user interaction or privilege escalation, and has a significant impact to confidentiality and integrity but not to availability. Which of the following CVE metrics would be most accurate for this zero-day threat? A. CVSS:31/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:K/A:L B. CVSS:31/AV:K/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:L C. CVSS:31/AV:N/AC:L/PR:N/UI:H/S:U/C:L/I:N/A:H D. CVSS:31/AV:L...

CySA+ Exam 1 Questions & Answers 2024/2025 You suspect that a service called on a Windows server is malicious and you need to terminate it. Which of the following tools would NOT be able to terminate it? sc wmic - ANSWERS (OBJ-3.1: The security policy auditor () will allow an authorized administrator the option to change a great deal about an operating system, but it cannot explicitly stop a process or service that is already running. The command allows an analyst to ...

CySA+ (CS0-002) CompTIA Cybersecurity Analyst (CySA+) - 10/17/2022 Exam Prep Answered. An analyst needs to forensically examine a Windows machine that was compromised by a threat actor. Intelligence reports state this specific threat actor is characterized by hiding malicious artifacts, especially with alternate data streams. Based on this intelligence, which of the following BEST explains alternate data streams? A. A different way data can be streamlined if the user wants to use less memory on ...

CYSA Review Activities (CYSA Manual - COMPTIA) – Qs And As

CySA+ (CS0-002) CompTIA Cybersecurity Analyst (CySA+) - 10/17/2022 Exam Prep Answered. An analyst needs to forensically examine a Windows machine that was compromised by a threat actor. Intelligence reports state this specific threat actor is characterized by hiding malicious artifacts, especially with alternate data streams. Based on this intelligence, which of the following BEST explains alternate data streams? A. A different way data can be streamlined if the user wants to use less memory on ...

CySA+CS0-002 Exam Questions & Answers 2024/2025 An analyst needs to forensically examine a Windows machine that was compromised by a threat actor. Intelligence reports state this specific threat actor is characterized by hiding malicious artifacts, especially with alternate data streams. Based on this intelligence, which of the following BEST explains alternate data streams? A. A different way data can be streamlined if the user wants to use less memory on a Windows system for forking ...