CompTIA Cybersecurity Analyst (CySA+) Quiz Questions and Answers

A pharmaceutical company's marketing team wants to send out notifications about new products to alert users of recalls and newly discovered adverse drug reactions. The team plans to use the names and mailing addresses that users have provided. Which of the following data privacy standards does this violate?

Answer :
  • Purpose limitation

Ann, a user, reports to the security team that her browser began redirecting her to random sites while using her Windows laptop. Ann further reports that the OS shows the C: drive is out of space despite having plenty of space recently. Ann claims she did not download anything. The security team obtains the laptop and begins to investigate, noting the following:

- File access auditing is turned off.
- When clearing up disk space to make the laptop functional, files that appear to be cached web pages are immediately created in a temporary directory, filling up the available drive space.
- All processes running appear to be legitimate processes for this user and machine.
- Network traffic spikes when space is cleared on the laptop.
- No browser is open.

Which of the following initial actions and tools would provide the best approach to determining what is happening?

Answer :
  • Disable the network connection, check Sysinternals Process Explorer, and review netstat output

The computer incident response team at a multinational company has determined that a breach of sensitive data has occurred in which a threat actor has compromised the organization’s email system. As per the incident response procedures, this breach requires notifying the board immediately. Which of the following would be the best method of communication?

Answer :
  • VoIP phone call

During an investigation, an incident responder intends to recover multiple pieces of digital media. Before removing the media, the responder should initiate _______.

Answer :
  • Chain of custody forms

A security analyst has a sample of malicious software and needs to know what the sample does. The analyst runs the sample in a carefully controlled and monitored virtual machine to observe the software's behavior. Which of the following malware analysis approaches is this?

Answer :
  • Sandboxing

Which of the following should be found within an organization's acceptable use policy?

Answer :
  • Consequences of violating the policy could include discipline up to and including termination.

Risk management wants IT to implement a solution that will permit an analyst to intercept, execute, and analyze potentially malicious files that are downloaded from the Internet. Which of the following would best provide this solution?

Answer :
  • Sandboxing

Joe, a penetration tester, used a professional directory to identify a network administrator and ID administrator for a client’s company. Joe then emailed the network administrator, identifying himself as the ID administrator, and asked for a current password as part of a security exercise. Which of the following techniques were used in this scenario?

Answer :
  • Social media profiling and phishing

A company just chose a global software company based in Europe to implement a new supply chain management solution. Which of the following would be the main concern of the company?

Answer :
  • Violating national security policy

What federal law requires the use of vulnerability scanning on information systems operated by federal government agencies?

Answer :
  • FISMA