CompTIA CySA+ Practice Tests
Exam CS0-002
Mike Chapple, David Seidl
About This Book
Efficiently prepare yourself for the demanding CompTIA CySA+ exam
CompTIA CySA+ Practice Tests: Exam CS0-002, 2nd Edition offers readers the fastest and best way to prepare for the CompTIA Cybersecurity Analyst exam. With five unique chapter tests and two additional practice exams for a total of 1000 practice questions, this book covers topics including:
- Threat and Vulnerability Management
- Software and Systems Security
- Security Operations and Monitoring
- Incident Response
- Compliance and Assessment
The new edition of CompTIA CySA+ Practice Tests is designed to equip the reader to tackle the qualification test for one of the most sought-after and in-demand certifications in the information technology field today.
The authors are seasoned cybersecurity professionals and leaders who guide readers through the broad spectrum of security concepts and technologies they will be required to master before they can achieve success on the CompTIA CySA+ exam. The book also tests and develops the critical thinking skills and judgment the reader will need to demonstrate on the exam.
Chapter 1
Domain 1.0: Threat and Vulnerability Management
- 1.1 Explain the importance of threat data and intelligence.
  - Intelligence sources
  - Confidence levels
  - Indicator management
  - Threat classification
  - Threat actors
  - Intelligence cycle
  - Commodity malware
  - Information sharing and analysis communities
- 1.2 Given a scenario, utilize threat intelligence to support organizational security.
  - Attack frameworks
  - Threat research
  - Threat modeling methodologies
  - Threat intelligence sharing with supported functions
- 1.3 Given a scenario, perform vulnerability management activities.
  - Vulnerability identification
  - Validation
  - Remediation/mitigation
  - Scanning parameters and criteria
  - Inhibitors to remediation
- 1.4 Given a scenario, analyze the output from common vulnerability assessment tools.
  - Web application scanner
  - Infrastructure vulnerability scanner
  - Software assessment tools and techniques
  - Enumeration
  - Wireless assessment tools
  - Cloud infrastructure assessment tools
- 1.5 Explain the threats and vulnerabilities associated with specialized technology.
  - Mobile
  - Internet of Things (IoT)
  - Embedded
  - Real-time operating system (RTOS)
  - System-on-Chip (SoC)
  - Field programmable gate array (FPGA)
  - Physical access control
  - Building automation systems
  - Vehicles and drones
  - Workflow and process automation systems
  - Industrial control systems (ICS)
  - Supervisory control and data acquisition (SCADA)
- 1.6 Explain the threats and vulnerabilities associated with operating in the cloud.
  - Cloud service models
  - Cloud deployment models
  - Function as a service (FaaS)/serverless architecture
  - Infrastructure as code (IaC)
  - Insecure application programming interface (API)
  - Improper key management
  - Unprotected storage
  - Logging and monitoring
- 1.7 Given a scenario, implement controls to mitigate attacks and software vulnerabilities.
  - Attack types
  - Vulnerabilities

- Olivia is considering potential sources for threat intelligence information that she might incorporate into her security program. Which one of the following sources is most likely to be available without a subscription fee?
  - Vulnerability feeds
  - Open source
  - Closed source
  - Proprietary
- During the reconnaissance stage of a penetration test, Cynthia needs to gather information about the target organization's network infrastructure without causing an IPS to alert the target to her information gathering. Which of the following is her best option?
  - Perform a DNS brute-force attack.
  - Use an nmap ping sweep.
  - Perform a DNS zone transfer.
  - Use an nmap stealth scan.
- Roger is evaluating threat intelligence information sources and finds that one source results in quite a few false positive alerts. This lowers his confidence level in the source. What criteria for intelligence is not being met by this source?
  - Timeliness
  - Expense
  - Relevance
  - Accuracy
- What markup language provides a standard mechanism for describing attack patterns, malware, threat actors, and tools?
  - STIX
  - TAXII
  - XML
  - OpenIOC
- A port scan of a remote system shows that port 3306 is open on a remote database server. What database is the server most likely running?
  - Oracle
  - Postgres
  - MySQL
  - Microsoft SQL
- Brad is working on a threat classification exercise, analyzing known threats and assessing the possibility of unknown threats. Which one of the following threat actors is most likely to be associated with an advanced persistent threat (APT)?
  - Hacktivist
  - Nation-state
  - Insider
  - Organized crime
- During a port scan of her network, Cynthia discovers a workstation that shows the following ports open. What should her next action be?
  - Determine the reason for the ports being open.
  - Investigate the potentially compromised workstation.
  - Run a vulnerability scan to identify vulnerable services.
  - Reenable the workstation's local host firewall.
- Charles is working with leaders of his organization to determine the types of information that should be gathered in his new threat intelligence program. In what phase of the intelligence c...