CySA Exam Questions with Answers

CySA Exam Questions with Answers Which one of the following objectives is not one of the three main objectives that information security professionals must achieve to protect their organizations against cybersecurity ...

CySA Exam Questions with Answers Which one of the following objectives is not one of the three main objectives that information security professionals must achieve to protect their organizations against cybersecurity threats? -Answer- nonrepudiation Tommy is assessing the security database servers in his datacenter and realizes that one of them is missing a critical Oracle security patch. What type of situation has Tommy detected? -Answer- vulnerability Ben is preparing to conduct a cybersecurity risk assessment for his organization. If he chooses to follow the standard process proposed by NIST, which one of the following steps would come first? -Answer- Identify threats Cindy is conducting a cybersecurity risk assessment and is considering the impact that a failure of her city's power grid might have on the organization. What type of threat is she considering? -Answer- environmental Which one of the following categories of threat requires that cybersecurity analysts consider the capability, intent and targeting of the threat source? -Answer- adversarial Vincent is responding to a security incident that compromised one of his organization's web servers. He does not believe that the attackers modified or stole any information, but they did disrupt access to the organization's website. What cybersecurity objective did this attack violate? -Answer- availability Which one of the following is an example of an operational security control? -Answer- penetration tests Encryption software, network firewalls, and antivirus software are all examples of _________________ security controls. -Answer- technical Paul recently completed a risk assessment and determined that his network was vulnerable to hackers connecting to open ports on servers. He implemented a network firewall to reduce the likelihood of a successful attack. What risk management strategy did Paul choose to pursue? -Answer- risk mitigation Robert's organization has a BYOD policy, and he would like to ensure that devices connected to the network under this policy have current antivirus software. What technology can best assist him with this goal? -Answer- network access control When performing 802.1x authentication, what protocol does the authenticator use to communicate with the authentication server? -Answer- RADIUS Juan is configuring a new device that will join his organization's wireless network. The wireless network uses 802.1x authentication. What type of agent must be running on the device for it to join this network? -Answer- 802.1x supplicant Rick is preparing a firewall rule that will allow network traffic from external systems to a web server running the HTTPS protocol. What TCP port must he allow to pass through the firewall? -Answer- 443 What type of firewall provides the greatest degree of contextual information and can include information about users and applications in its decision-making process? -Answer- Next Generation Firewalls Wayne is configuring a jump box server that system administrators will connect to from their laptops. Which port should definitely not be open on the jump box? -Answer- 23 Tom would like to deploy consistent security settings to all of his Windows settings simultaneously. What technology can he use to achieve this goal? -Answer- group policy object During what phase of a penetration test should the testers obtain written authorization to conduct the test? -Answer- planning Which step occurs first during the attack phase of a penetration test? -Answer- gaining access Barry is participating in a cybersecurity wargame exercise. His role is to attempt to break into adversary systems. What team is he on? -Answer- red Which one of the following techniques might be used to automatically detect and block malicious software that does not match known malware signatures? -Answer- sandboxing Kevin would like to implement a specialized firewall that can protect against SQL injection, cross-site scripting, and similar attacks. What technology should he choose? -Answer- WAF What method is used to replicate DNS information for DNS servers but is also a tempting exploit target for attackers? -Answer- zone transfers ____________ is a suite of DNS security specifications. -Answer- DNSSEC What flag does nmap use to enable operating system identification? -Answer- -o What command line tool can be used to determine the path that traffic takes to a remote system? -Answer- traceroute