CS0-001 Exam Details

  • Exam Code
    :CS0-001
  • Exam Name
    :CompTIA Cybersecurity Analyst (CySA+)
  • Certification
    :CompTIA Certifications
  • Vendor
    :CompTIA
  • Total Questions
    :416 Q&As
  • Last Updated
    :Feb 05, 2022

CompTIA CS0-001 Online Questions & Answers

  • Question 141:

    An analyst wants to use a command line tool to identify open ports and running services on a host along with the application that is associated with those services and port. Which of the following should the analyst use?

    A. Wireshark
    B. Qualys
    C. netstat
    D. nmap
    E. ping

  • Question 142:

    A malicious hacker wants to gather guest credentials on a hotel 802.11 network. Which of the following tools is the malicious hacker going to use to gain access to information found on the hotel network?

    A. Nikto
    B. Aircrak-ng
    C. Nessus
    D. tcpdump

  • Question 143:

    A security analyst is concerned that unauthorized users can access confidential data stored in the production server environment. All workstations on a particular network segment have full access to any server in production. Which of the following should be deployed in the production environment to prevent unauthorized access? (Choose two.)

    A. DLP system
    B. Honeypot
    C. Jump box
    D. IPS
    E. Firewall

  • Question 144:

    Which of the following is the MOST secure method to perform dynamic analysis of malware that can sense when it is in a virtual environment?

    A. Place the malware on an isolated virtual server disconnected from the network.
    B. Place the malware in a virtual server that is running Windows and is connected to the network.
    C. Place the malware on a virtual server connected to a VLAN.
    D. Place the malware on a virtual server running SIFT and begin analysis.

  • Question 145:

    Which of the following principles describes how a security analyst should communicate during an incident?

    A. The communication should be limited to trusted parties only.
    B. The communication should be limited to security staff only.
    C. The communication should come from law enforcement.
    D. The communication should be limited to management only.

  • Question 146:

    Which of the following remediation strategies are MOST effective in reducing the risk of a network-based compromise of embedded ICS? (Select two.)

    A. Patching
    B. NIDS
    C. Segmentation
    D. Disabling unused services
    E. Firewalling

  • Question 147:

    A penetration tester is preparing for an audit of critical systems that may impact the security of the environment. This includes the external perimeter and the internal perimeter of the environment. During which of the following processes is this type of information normally gathered?

    A. Timing
    B. Scoping
    C. Authorization
    D. Enumeration

  • Question 148:

    A security analyst's daily review of system logs and SIEM showed fluctuating patterns of latency. During the analysis, the analyst discovered recent attempts of intrusion related to malware that overwrites the MBR. The facilities manager informed the analyst that a nearby construction project damaged the primary power lines, impacting the analyst's support systems. The electric company has temporarily restored power, but the area may experience temporary outages.

    Which of the following issues the analyst focus on to continue operations?

    A. Updating the ACL
    B. Conducting backups
    C. Virus scanning
    D. Additional log analysis

  • Question 149:

    A cybersecurity professional typed in a URL and discovered the admin panel for the e-commerce application is accessible over the open web with the default password. Which of the following is the MOST secure solution to remediate this vulnerability?

    A. Rename the URL to a more obscure name, whitelist all corporate IP blocks, and require two-factor authentication.
    B. Change the default password, whitelist specific source IP addresses, and require two-factor authentication.
    C. Whitelist all corporate IP blocks, require an alphanumeric passphrase for the default password, and require two-factor authentication.
    D. Change the username and default password, whitelist specific source IP addresses, and require two-factor authentication.

  • Question 150:

    A cybersecurity analyst is conducting a security test to ensure that information regarding the web server is protected from disclosure. The cybersecurity analyst requested an HTML file from the web server, and the response came back as follows:

    Which of the following actions should be taken to remediate this security issue?

    A. Set "Allowlatescanning" to 1 in the URLScan.ini configuration file.
    B. Set "Removeserverheader" to 1 in the URLScan.ini configuration file.
    C. Set "Enablelogging" to 0 in the URLScan.ini configuration file.
    D. Set "Perprocesslogging" to 1 in the URLScan.ini configuration file.

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CompTIA exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your CS0-001 exam preparations and CompTIA certification application, do not hesitate to visit our Vcedump.com to find your solutions here.