
Note! Following CS0-001 Exam is Retired now. Please select the alternative replacement for your Exam Certification. The new exam code is CS0-002

CS0-001 Exam Dumps - CompTIA CySA+ Certification Exam

Question # 57

Which of the following is a vulnerability that is specific to hypervisors?

A. DDoS

B. VLAN hopping

C. Weak encryption

D. VM escape

Question # 58

A security analyst begins to notice the CPU utilization from a sinkhole has begun to spike. Which of the following describes what may be occurring?

A. Someone has logged on to the sinkhole and is using the device.

B. The sinkhole has begun blocking suspect or malicious traffic.

C. The sinkhole has begun rerouting unauthorized traffic.

D. Something is controlling the sinkhole and causing CPU spikes due to malicious utilization.

Question # 59

After a recent security breach, it was discovered that a developer had promoted code that had been written to the production environment as a hotfix to resolve a user navigation issue that was causing issues for several customers. The code had inadvertently granted administrative privileges to all users, allowing inappropriate access to sensitive data and reports. Which of the following could have prevented this code from being released into the production environment?

A. Cross training

B. Succession planning

C. Automated reporting

D. Separation of duties

Question # 60

Considering confidentiality and integrity, which of the following make servers more secure than desktops? (Select THREE).

A. VLANs

B. OS

C. Trained operators

D. Physical access restriction

E. Processing power

F. Hard drive capacity

Question # 61

The Chief Information Security Officer (CISO) has asked the security staff to identify a framework on which to base the security program. The CISO would like to achieve a certification showing the security program meets all required best practices. Which of the following would be the BEST choice?

A. OSSIM

B. SDLC

C. SANS

D. ISO

Question # 62

A security analyst is reviewing a report from the networking department that describes an increase in network utilization, which is causing network performance issues on some systems. A top talkers report over a five-minute sample is included.

Given the above output of the sample, which of the following should the security analyst accomplish FIRST to help track down the performance issues?

A. Perform reverse lookups on each of the IP addresses listed to help determine if the traffic is necessary.

B. Recommend that networking block the unneeded protocols such as QuickTime to clear up some of the congestion.

C. Put ACLs in place to restrict traffic destined for random or non-default application ports.

D. Quarantine the top talker on the network and begin to investigate any potential threats caused by the excessive traffic.

Question # 63

A cybersecurity analyst has identified a new mission-essential function that utilizes a public cloud-based system. The analyst needs to classify the information processed by the system with respect to CIA. Which of the following should provide the CIA classification for the information?

A. The cloud provider

B. The data owner

C. The cybersecurity analyst

D. The system administrator

Question # 64

A Linux-based file encryption malware was recently discovered in the wild. Prior to running the malware on a preconfigured sandbox to analyze its behavior, a security professional executes the following command:

umount -a -t cifs,nfs

Which of the following is the main reason for executing the above command?

A. To ensure the malware is memory bound.

B. To limit the malware’s reach to the local host.

C. To back up critical files across the network.

D. To test if the malware affects remote systems.
