CS0-002無料問題集「CompTIA Cybersecurity Analyst (CySA+) Certification」

質問 1

A security analyst is investigating a data leak on a corporate website. The attacker was able to dump data by sending a crafted HTTP request with the following payload:

Which of the following systems would most likely have logs with details regarding the threat actor's requests?

（A）Cloud WAF

（B）TAXII server

（C）Hardware security module

（D）Internal proxy

正解：A 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 2

An organization supports a large number of remote users. Which of the following is the best option to protect the data on the remote users' laptops?

（A）Require the use of VPNs.

（B）Require employees to sign an NDA.

（C）Implement a DLP solution.

（D）Use whole disk encryption.

正解：D 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 3

You are a penetration tester who is reviewing the system hardening guidelines for a company. Hardening guidelines indicate the following.
There must be one primary server or service per device.
Only default port should be used
Non- secure protocols should be disabled.
The corporate internet presence should be placed in a protected subnet
Instructions :
Using the available tools, discover devices on the corporate network and the services running on these devices.
You must determine
ip address of each device
The primary server or service each device
The protocols that should be disabled based on the hardening guidelines

（A）see the answer below in explanation

正解：A 解答を投票する

Answer below images

質問 4

Which of the following BEST describes how logging and monitoring work when entering into a public cloud relationship with a service provider?

（A）Logging and monitoring are done by the service provider

（B）Logging and monitoring are done by the data owners

（C）Logging and monitoring duties are specified in the SLA and contract

（D）Logging and monitoring are not needed in a public cloud environment

正解：C 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 5

A vulnerability scanner has identified an out-of-support database software version running on a server. The software update will take six to nine months to complete. The management team has agreed to a one-year extended support contract with the software vendor. Which of the following BEST describes the risk treatment in this scenario?

（A）The extended support mitigates any risk associated with the software.

（B）The extended support contract changes this vulnerability finding to a false positive.

（C）The company is transferring the risk for the vulnerability to the software vendor.

（D）The company is accepting the inherent risk of the vulnerability.

正解：C 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 6

Given the Nmap request below:

Which of the following actions will an attacker be able to initiate directly against this host?

（A）An SQL injection

（B）A brute-force attack

（C）Password sniffing

（D）ARP spoofing

正解：B 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 7

A digital forensics investigator works from duplicate images to preserve the integrity of the original evidence. Which of the following types of media are most volatile and should be preserved? (Select two).

（A）Temporary filesystems

（B）Registry file

（C）Swap volume

（D）Memory cache

（E）SSD storage

（F）Packet decoding

正解：C、D 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 8

While reviewing abnormal user activity, a security analyst notices a user has the following fileshare activities:

Which of the following should the analyst do first?

（A）Remove the user's access for all fileshares.

（B）Lock the user account until the access can be explained.

（C）Shut down the servers while the access is investigated.

（D）Initiate the security incident response process for unauthorized access.

正解：D 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 9

A cybersecurity analyst needs to Implement controls that will reduce the attack surface of a web server. Which of the following is the best proactive control?

（A）Performing vulnerability scans

（B）Disabling unused modules

（C）Installing a host-based IDS

（D）Sending logs to a remote server

正解：B 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 10

An application must pass a vulnerability assessment to move to the next gate. Consequently, any security issues that are found must be remediated prior to the next gate. Which of the following best describes the method for end-to-end vulnerability assessment?

（A）Dynamic analysis

（B）Static analysis

（C）Stress testing

（D）Security regression testing

正解：A 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 11

A manufacturing company has joined the information sharing and analysis center for its sector. As a benefit, the company will receive structured loC data contributed by other members. Which of the following best describes the utility of this data?

（A）The manufacturing company can automatically generate security configurations for all of Its Infrastructure.

（B）Other members will have visibility into Instances o' positive loC identification within me manufacturing company's corporate network.

（C）The manufacturing company will have access to relevant malware samples from all other manufacturing sector members.

（D）Other members will automatically adjust their security postures lo defend the manufacturing company's processes.

正解：C 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 12

A cyber-security analyst is implementing a new network configuration on an existing network access layer to prevent possible physical attacks. Which of the following BEST describes a solution that would apply and cause fewer issues during the deployment phase?

（A）Configure 802.1X and EAPOL across the network

（B）Deploy network address protection with DHCP and dynamic VLANs.

（C）Implement software-defined networking and security groups for isolation

（D）Implement port security with one MAC address per network port of the switch.

正解：D 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 13

An organization has specific technical nsk mitigation configurations that must be implemented before a new server can be approved for production Several critical servers were recently deployed with the antivirus missing unnecessary ports disabled and insufficient password complexity Which of the following should the analyst recommend to prevent a recurrence of this risk exposure?

（A）Perform antivirus scans on all devices before they are approved for production

（B）Perform automated security controls testing of expected configurations pnor to production

（C）Perform password-cracking attempts on all devices going into production

（D）Perform an Nmap scan on all devices before they are released to production

正解：B 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 14

A code review reveals a web application is using lime-based cookies for session management. This is a security concern because lime-based cookies are easy to:

（A）parameterize.

（B）guess.

（C）decrypt.

（D）decode.

正解：D 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 15

A security administrator needs to provide access from partners to an Isolated laboratory network inside an organization that meets the following requirements:
* The partners' PCs must not connect directly to the laboratory network.
* The tools the partners need to access while on the laboratory network must be available to all partners
* The partners must be able to run analyses on the laboratory network, which may take hours to complete Which of the following capabilities will MOST likely meet the security objectives of the request?

（A）Deployment of a firewall to allow access to the laboratory network and use of VDI in non-persistent mode to provide the necessary tools tor analysis

（B）Deployment of a jump box to allow access to the Laboratory network and use of VDI in non-persistent mode to provide the necessary tools for analysis

（C）Deployment of a firewall to allow access to the laboratory network and use of VDI In persistent mode to provide the necessary tools for analysis

（D）Deployment of a jump box to allow access to the laboratory network and use of VDI in persistent mode to provide the necessary tools for analysis

正解：B 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 16

A company experienced a security compromise due to the inappropriate disposal of one of its hardware appliances. Sensitive information stored on the hardware appliance was not removed prior to disposal. Which of the following is the BEST manner in which to dispose of the hardware appliance?

（A）Ensure the hardware appliance has the ability to encrypt the data before disposing of it.

（B）Return the hardware appliance to the vendor, as the vendor is responsible for disposal.

（C）Establish guidelines for the handling of sensitive information.

（D）Dispose of all hardware appliances securely, thoroughly, and in compliance with company policies.

正解：D 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 17

Which of the following are the most likely reasons to include reporting processes when updating an incident response plan after a breach? (Select two).

（A）To isolate potential insider threats

（B）To limit reputation damage caused by the breach

（C）To meet regulatory requirements for timely reporting

（D）To remediate vulnerabilities that led to the breach

（E）To provide secure network design changes

（F）To use the SLA to determine when to deliver the report

正解：B、C 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 18

A security analyst responds to a series of events surrounding sporadic bandwidth consumption from an endpoint device. The security analyst then identifies the following additional details:
* Bursts of network utilization occur approximately every seven days.
* The content being transferred appears to be encrypted or obfuscated.
* A separate but persistent outbound TCP connection from the host to infrastructure in a third-party cloud is in place.
* The HDD utilization on the device grows by 10GB to 12GB over the course of every seven days.
* Single file sizes are 10GB.
Which of the following describes the most likely cause of the issue?

（A）Data exfiltration

（B）Memory consumption

（C）System update

（D）Botnet participant

（E）Non-standard port usage

正解：A 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

CS0-002 無料問題集「CompTIA Cybersecurity Analyst (CySA+) Certification」

弊社を連絡する

関連リンク

トップ試験