CS0-001 Exam Details

  • Exam Code
    :CS0-001
  • Exam Name
    :CompTIA Cybersecurity Analyst (CySA+)
  • Certification
    :CompTIA Certifications
  • Vendor
    :CompTIA
  • Total Questions
    :416 Q&As
  • Last Updated
    :Feb 05, 2022

CompTIA CS0-001 Online Questions & Answers

  • Question 111:

    The human resources division is moving all of its applications to an IaaS cloud. The Chief Information Officer (CIO) has asked the security architect to design the environment securely to prevent the IaaS provider from accessing its data-atrest and data-in-transit within the infrastructure. Which of the following security controls should the security architect recommend?

    A. Implement a non-data breach agreement
    B. Ensure all backups are remote outside the control of the IaaS provider
    C. Ensure all of the IaaS provider's workforce passes stringent background checks
    D. Render data unreadable through the use of appropriate tools and techniques

  • Question 112:

    The help desk informed a security analyst of a trend that is beginning to develop regarding a suspicious email that has been reported by multiple users. The analyst has determined the email includes an attachment named invoice.zip that contains the following files:

    Locky.js xerty.ini xerty.lib

    Further analysis indicates that when the .zip file is opened, it is installing a new version of ransomware on the devices. Which of the following should be done FIRST to prevent data on the company NAS from being encrypted by infected devices?

    A. Disable access to the company VPN.
    B. Move the files from the NAS to a cloud-based storage solution.
    C. Set permissions on file shares to read-only.
    D. Add the URL included in the .js file to the company's web proxy filter.

  • Question 113:

    A security analyst received an email with the following key:

    Xj3XJ3LLc

    A second security analyst received an email with following key:

    3XJ3xjcLLC

    The security manager has informed the two analysts that the email they received is a key that allows access to the company's financial segment for maintenance. This is an example of:

    A. dual control
    B. private key encryption
    C. separation of duties
    D. public key encryption
    E. two-factor authentication

  • Question 114:

    Several users have reported that when attempting to save documents in team folders, the following message is received:

    The File Cannot Be Copied or Moved ?Service Unavailable.

    Upon further investigation, it is found that the syslog server is not obtaining log events from the file server to which the users are attempting to copy files. Which of the following is the MOST likely scenario causing these issues?

    A. The network is saturated, causing network congestion
    B. The file server is experiencing high CPU and memory utilization
    C. Malicious processes are running on the file server
    D. All the available space on the file server is consumed

  • Question 115:

    A centralized tool for organizing security events and managing their response and resolution is known as:

    A. SIEM
    B. HIPS
    C. Syslog
    D. Wireshark

  • Question 116:

    The security operations team is conducting a mock forensics investigation. Which of the following should be the FIRST action taken after seizing a compromised workstation?

    A. Activate the escalation checklist
    B. Implement the incident response plan
    C. Analyze the forensic image
    D. Perform evidence acquisition

  • Question 117:

    A database administrator contacts a security administrator to request firewall changes for a connection to a new internal application.

    The security administrator notices that the new application uses a port typically monopolized by a virus.

    The security administrator denies the request and suggests a new port or service be used to complete the application's task.

    Which of the following is the security administrator practicing in this example?

    A. Explicit deny
    B. Port security
    C. Access control lists
    D. Implicit deny

  • Question 118:

    An analyst is troubleshooting a PC that is experiencing high processor and memory consumption. Investigation reveals the following processes are running on the system:

    lsass.exe csrss.exe wordpad.exe notepad.exe

    Which of the following tools should the analyst utilize to determine the rogue process?

    A. Ping 127.0.0.1.
    B. Use grep to search.
    C. Use Netstat.
    D. Use Nessus.

  • Question 119:

    The Chief Executive Officer (CEO) instructed the new Chief Information Security Officer (CISO) to provide a list of enhancement to the company's cybersecurity operation. As a result, the CISO has identified the need to align security operations with industry best practices. Which of the following industry references is appropriate to accomplish this?

    A. OSSIM
    B. NIST
    C. PCI
    D. OWASP

  • Question 120:

    A security analyst received several service tickets reporting that a company storefront website is not accessible by internal domain users. However, external users are accessing the website without issue. Which of the following is the MOST likely reason for this behavior?

    A. The FQDN is incorrect.
    B. The DNS server is corrupted.
    C. The time synchronization server is corrupted.
    D. The certificate is expired.

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CompTIA exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your CS0-001 exam preparations and CompTIA certification application, do not hesitate to visit our Vcedump.com to find your solutions here.