CompTIA Cybersecurity Analyst (CySA+) Quiz Questions and Answers

Tommy is assessing the security of several database servers in his datacenter and realizes that one of them is missing a critical Oracle security patch. What type of situation has Tommy detected?

Answer :
  • Vulnerability

Explanation :

In this scenario, Tommy identified a deficiency in the security of his web server that renders it vulnerable to attack. This is a security vulnerability. Tommy has not yet identified a specific risk because he has not identified a threat (such as a hacker) that might exploit this vulnerability.

Alex wants to prohibit software that is not expressly allowed by his organization’s desktop management team from being installed on workstations. What type of tool should he use?

Answer :
  • Blacklisting

Explanation :

Whitelisting software prevents software that is not on a preapproved list from being installed. Blacklists prevent specific software from being installed, whereas heuristic and signature-based detection systems focus on behavior and specific recognizable signatures, respectively.

Robert’s organization has a Bring Your Own Device (BYOD) policy, and he would like to ensure that devices connected to the network under this policy have current antivirus software. What technology can best assist him with this goal?

Answer :
  • Network access control

Explanation :

Network access control (NAC) solutions are able to verify the security status of devices before granting them access to the organization’s network. Devices not meeting minimum security standards may be placed on a quarantine network until they are remediated.

What flag does nmap use to enable operating system identification?

Answer :
  • –o

Explanation :

Nmap’s operating system identification flag is –o. This enables OS detection. –A also enables OS identification and other features. –osscan with modifiers like –limit and –guess set specific OS identification features. –os and –id are not nmap flags.

Which of the following Linux commands will show you how much disk space is in use?

Answer :
  • top

Explanation :

The df command will show you a system’s current disk utilization. Both the top command and the ps command will show you information about processes, CPU, and memory utilization, whereas lsof is a multifunction tool for listing open files.

Wayne is configuring a jump box server that system administrators will connect to from their laptops. Which one of the following ports should definitely not be open on the jump box?

Answer :
  • 23

Explanation :

Port 23, used by the Telnet protocol, is unencrypted and insecure. Connections should not be permitted to the jump box on unencrypted ports. The services running on ports 22 (SSH), 443 (HTTPS), and 3389 (RDP) all use encryption.

Vincent is responding to a security incident that compromised one of his organization’s web servers. He does not believe that the attackers modified or stole any information, but they did disrupt access to the organization’s website. What cybersecurity objective did this attack violate?

Answer :
  • Availability

Explanation :

In an availability attack, the attacker disrupts access to information or a service by legitimate users. In this attack, the attacker disrupted access to the organization’s website, violating the principle of availability.

Which of the following tools does not provide real-time drive capacity monitoring for Windows?

Answer :
  • Resmon

Explanation :

System Center Configuration Manager provides non-real-time reporting for disk space. Resmon, perfmon, and SCOM can all provide real-time reporting, which can help to identify problems before they take a system down.

What command-line tool can be used to determine the path that traffic takes to a remote system?

Answer :
  • traceroute

Explanation :

Traceroute (or tracert on Windows systems) is a command-line tool that uses ICMP to trace the route that a packet takes to a host. Whois and nslookup are domain tools, and routeview is not a command-line tool.

Karen is responding to a security incident that resulted from an intruder stealing files from a government agency. Those files contained unencrypted information about protected critical infrastructure. How should Karen rate the information impact of this loss?

Answer :
  • Proprietary breach

Explanation :

In a proprietary breach, unclassified proprietary information is accessed or exfiltrated. Protected critical infrastructure information (PCII) is an example of unclassified proprietary information.