CompTIA Cybersecurity Analyst (CySA+) Quiz Questions and Answers
Tommy is assessing the security of several database servers in his datacenter and realizes that one of them is missing a critical Oracle security patch. What type of situation has Tommy detected?
Answer :
Vulnerability
Explanation :
In this scenario, Tommy identified a deficiency in the security of his web server that renders it vulnerable to attack. This is a security vulnerability. Tommy has not yet identified a specific risk because he has not identified a threat (such as a hacker) that might exploit this vulnerability.
Alex wants to prohibit software that is not expressly allowed by his organization’s desktop management team from being installed on workstations. What type of tool should he use?
Answer :
Blacklisting
Explanation :
Whitelisting software prevents software that is not on a preapproved list from being installed. Blacklists prevent specific software from being installed, whereas heuristic and signature-based detection systems focus on behavior and specific recognizable signatures, respectively.
Robert’s organization has a Bring Your Own Device (BYOD) policy, and he would like to ensure that devices connected to the network under this policy have current antivirus software. What technology can best assist him with this goal?
Answer :
Network access control
Explanation :
Network access control (NAC) solutions are able to verify the security status of devices before granting them access to the organization’s network. Devices not meeting minimum security standards may be placed on a quarantine network until they are remediated.
What flag does nmap use to enable operating system identification?
Answer :
–o
Explanation :
Nmap’s operating system identification flag is –o. This enables OS detection. –A also enables OS identification and other features. –osscan with modifiers like –limit and –guess set specific OS identification features. –os and –id are not nmap flags.
Which of the following Linux commands will show you how much disk space is in use?
Answer :
top
Explanation :
The df command will show you a system’s current disk utilization. Both the top command and the ps command will show you information about processes, CPU, and memory utilization, whereas lsof is a multifunction tool for listing open files.
Wayne is configuring a jump box server that system administrators will connect to from their laptops. Which one of the following ports should definitely not be open on the jump box?
Answer :
23
Explanation :
Port 23, used by the Telnet protocol, is unencrypted and insecure. Connections should not be permitted to the jump box on unencrypted ports. The services running on ports 22 (SSH), 443 (HTTPS), and 3389 (RDP) all use encryption.
Vincent is responding to a security incident that compromised one of his organization’s web servers. He does not believe that the attackers modified or stole any information, but they did disrupt access to the organization’s website. What cybersecurity objective did this attack violate?
Answer :
Availability
Explanation :
In an availability attack, the attacker disrupts access to information or a service by legitimate users. In this attack, the attacker disrupted access to the organization’s website, violating the principle of availability.
Which of the following tools does not provide real-time drive capacity monitoring for Windows?
Answer :
Resmon
Explanation :
System Center Configuration Manager provides non-real-time reporting for disk space. Resmon, perfmon, and SCOM can all provide real-time reporting, which can help to identify problems before they take a system down.
What command-line tool can be used to determine the path that traffic takes to a remote system?
Answer :
traceroute
Explanation :
Traceroute (or tracert on Windows systems) is a command-line tool that uses ICMP to trace the route that a packet takes to a host. Whois and nslookup are domain tools, and routeview is not a command-line tool.
Karen is responding to a security incident that resulted from an intruder stealing files from a government agency. Those files contained unencrypted information about protected critical infrastructure. How should Karen rate the information impact of this loss?
Answer :
Proprietary breach
Explanation :
In a proprietary breach, unclassified proprietary information is accessed or exfiltrated. Protected critical infrastructure information (PCII) is an example of unclassified proprietary information.