CS0-002無料問題集「CompTIA Cybersecurity Analyst (CySA+) Certification」

質問 1

Given the output below:
#nmap 7.70 scan initiated Tues, Feb 8 12:34:56 2022 as: nmap -v -Pn -p 80,8000,443 --script http-* -oA server.out 192.168.220.42 Which of the following is being performed?

（A）Log4] check

（B）Cross-site scripting

（C）Local file inclusion attack

（D）Web server enumeration

正解：D 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 2

A Chief Information Officer wants to implement a BYOD strategy for all company laptops and mobile phones. The Chief Information Security Officer is concerned with ensuring all devices are patched and running some sort of protection against malicious software. Which of the following existing technical controls should a security analyst recommend to best meet all the requirements?

（A）Port security

（B）EDR

（C）NAC

（D）Segmentation

正解：B 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 3

An online gaming company was impacted by a ransomware attack. An employee opened an attachment that was received via an SMS attack on a company-issued mobile device while connected to the network. Which of the following actions would help during the forensic analysis of the mobile device? (Select TWO).

（A）Rebooting the phone and installing the latest security updates

（B）Documenting the respective chain of custody

（C）Resetting the phone to factory settings

（D）Unlocking the device by browsing the eFuse

（E）Performing a memory dump of the mobile device for analysis

（F）Uninstalling any potentially unwanted programs

正解：B、E 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 4

A team of network security analysts is examining network traffic to determine if sensitive data was exfiltrated. Upon further investigation, the analysts believe confidential data was compromised. Which of the following capabilities would BEST defend against this type of sensitive data exfiltration?

（A）Deploy an edge firewall.

（B）Deploy EDR.

（C）Encrypt the hard drives

（D）Implement DLP

正解：D 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 5

A security analyst is investigating an active threat of the system memory. While narrowing down the source of the threat, the analyst is inspecting all processes to isolate suspicious activity Which of the following techniques is the analyst using?

（A）Logical acquisition

（B）Timeline analysis

（C）Live forensics

（D）Static acquisition

正解：C 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 6

A security analyst is scanning the network to determine if a critical security patch was applied to all systems in an enterprise. The Organization has a very low tolerance for risk when it comes to resource availability. Which of the following is the BEST approach for configuring and scheduling the scan?

（A）Make sure the scan is credentialed, uses a ironed plug-in set, scans all host IP addresses in the enterprise, and is scheduled during off-business hours so it has the least impact on operations.

（B）Make sure the scan is credentialed, covers at hosts in the patch management system, and is scheduled during business hours so it can be terminated if it affects business operations.

（C）Make sure the scan is uncredentialed, covers at hosts in the patch management system, and Is scheduled during of business hours so it has the least impact on operations.

（D）Make sure the scan is credentialed, has the latest software and signature versions, covers all external hosts in the patch management system and is scheduled during off-business hours so it has the least impact on operations.

正解：A 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 7

A new prototype for a company's flagship product was leaked on the internet As a result, the management team has locked out all USB drives Optical drive writers are not present on company computers The sales team has been granted an exception to share sales presentation files with third parties Which of the following would allow the IT team to determine which devices are USB enabled?

（A）Device encryption

（B）Data loss prevention

（C）SIEMIogs

（D）Asset tagging

正解：C 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 8

A security analyst needs to provide a copy of a hard drive for forensic analysis.
Which of the following would allow the analyst to perform the task?

（A）

（B）

（C）

（D）

正解：C 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 9

A security analyst identified some potentially malicious processes after capturing the contents of memory from a machine during incident response. Which of the following procedures is the NEXT step for further in investigation?

（A）Reverse engineering

（B）Data carving

（C）Timeline construction

（D）File cloning

正解：A 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 10

A Chief Information Secunty Officer has asked for a list of hosts that have critical and high-seventy findings as referenced in the CVE database. Which of the following tools would produce the assessment output needed to satisfy this request?

（A）Nikto

（B）Wireshark

（C）Prowler

（D）Fuzzer

（E）Nessus

正解：E 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 11

Which of the following is the BEST option to protect a web application against CSRF attacks?

（A）Update the web application to the latest version.

（B）Configure the web application to only use HTTPS and TLS 1.3.

（C）Avoid the transmission of CSRF tokens using cookies.

（D）Set a server-side rate limit for CSRF token generation.

正解：C 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 12

A security analyst needs to automate the incident response process for malware infections. When the following logs are generated, an alert email should automatically be sent within 30 minutes:

Which of the following is the best way for the analyst to automate alert generation?

（A）Implement email protection with SPF

（B）Create a custom rule on a SIEM

（C）Install a UEBA-capable antivirus

（D）Deploy a signature-based IDS

正解：B 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 13

Which of the following BEST explains the function of a managerial control?

（A）To guide the development of training, education, security awareness programs, and system maintenance

（B）To create data classification, risk assessments, security control reviews, and contingency planning

（C）To help design and implement the security planning, program development, and maintenance of the security life cycle

（D）To ensure tactical design, selection of technology to protect data, logical access reviews, and the implementation of audit trails

正解：C 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 14

During an investigation, an analyst discovers the following rule in an executive's email client:

The executive is not aware of this rule. Which of the following should the analyst do first to evaluate the potential impact of this security incident?

（A）Recommend that the management team implement SPF and DKIM.

（B）Remove the rule from the email client and change the password.

（C）Use the SIEM to correlate logging events from the email server and the domain server.

（D）Check the server logs to evaluate which emails were sent to <someaddress@domain,com>.

正解：D 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 15

A security analyst reviews the following post-incident information to determine the origin and cause of a breach:

Based on this information, which of the following should the analyst record in the incident report related to the breach? (Select two).

（A）An on-path attack is impersonating the gateway.

（B）A reverse shell was used.

（C）Forensic analysis Should be performed on 192.168, 1.10.

（D）The /images folder should be scanned with anti-malware.

（E）Host 192.168.1.210 should be disconnected from the network.

（F）IP address 43.23.10.201 should be blocked at the firewall.

正解：B、F 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 16

An organization is performing a risk assessment to prioritize resources for mitigation and remediation based on impact. Which of the following metrics, in addition to the CVSS for each CVE, would best enable the organization to prioritize its efforts?

（A）Mission criticality

（B）OS or application versions

（C）System architecture

（D）Patch availability

（E）OS type

正解：D 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 17

A security analyst discovers the accounting department is hosting an accounts receivable form on a public document service. Anyone with the link can access it. Which of the following threats applies to this situation?

（A）Cloud-based authentication attack

（B）Potential data loss to external users

（C）Loss of public/private key management

（D）Identification and authentication failures

正解：B 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 18

Which of the following can detect vulnerable third-parly libraries before code deployment?

（A）Dynamic analysis

（B）Static analysis

（C）Protocol analysis

（D）Impact analysis

正解：B 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 19

An organization has the following policy statements:
* AlI emails entering or leaving the organization will be subject to inspection for malware, policy violations, and unauthorized coolant.
* AM network activity will be logged and monitored.
* Confidential data will be tagged and tracked
* Confidential data must never be transmitted in an unencrypted form.
* Confidential data must never be stored on an unencrypted mobile device.
Which of the following is the organization enforcing?

（A）Encryption policy

（B）Data management, policy

（C）Data privacy policy

（D）Acceptable use policy

正解：C 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 20

A routine vulnerability scan detected a known vulnerability in a critical enterprise web application. Which of the following would be the BEST next step?

（A）Submit a change request to have the system patched

（B）Remove the application from production and Inform the users.

（C）Evaluate the risk and criticality to determine it further action is necessary

（D）Notify a manager of the breach and initiate emergency procedures.

正解：C 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

CS0-002 無料問題集「CompTIA Cybersecurity Analyst (CySA+) Certification」

弊社を連絡する

関連リンク

トップ試験