CS0-001 Exam Details

  • Exam Code
    :CS0-001
  • Exam Name
    :CompTIA Cybersecurity Analyst (CySA+)
  • Certification
    :CompTIA Certifications
  • Vendor
    :CompTIA
  • Total Questions
    :416 Q&As
  • Last Updated
    :Feb 05, 2022

CompTIA CS0-001 Online Questions & Answers

  • Question 11:

    A security analyst wants to scan the network for active hosts. Which of the following host characteristics help to differentiate between a virtual and physical host?

    A. Reserved MACs
    B. Host IPs
    C. DNS routing tables
    D. Gateway settings

  • Question 12:

    In the development stage of the incident response policy, the security analyst needs to determine the stakeholders for the policy. Who of the following would be the policy stakeholders?

    A. Human resources, legal, public relations, management
    B. Chief information Officer (CIO), Chief Executive Officer, board of directors, stockholders
    C. IT, human resources, security administrator, finance
    D. Public information officer, human resources, audit, customer service

  • Question 13:

    A company has received the results of an external vulnerability scan from its approved scanning vendor. The company is required to remediate these vulnerabilities for clients within 72 hours of acknowledgement of the scan results. Which of the following contract breaches would result if this remediation is not provided for clients within the time frame?

    A. Service level agreement
    B. Regulatory compliance
    C. Memorandum of understanding
    D. Organizational governance

  • Question 14:

    An organization is attempting to harden its web servers and reduce the information that might be disclosed by potential attackers. A security analyst is reviewing vulnerability scan results from a recent web server scan. Portions of the scan results are shown below:

    Which of the following lines indicates information disclosure about the host that needs to be remediated?

    A. Response: :\Documents\MarySmith\mailingList.pdf
    B. Finding#5144322
    C. First Time Detected 10 Nov 2015 09:00 GMT-0600
    D. Access Path: http://myOrg.com/mailingList.htm
    E. Request: GET http://myOrg.com/mailingList.aspx?content=volunteer

  • Question 15:

    An alert has been distributed throughout the information security community regarding a critical Apache vulnerability. Which of the following courses of action would ONLY identify the known vulnerability?

    A. Perform an unauthenticated vulnerability scan on all servers in the environment.
    B. Perform a scan for the specific vulnerability on all web servers.
    C. Perform a web vulnerability scan on all servers in the environment.
    D. Perform an authenticated scan on all web servers in the environment.

  • Question 16:

    While a threat intelligence analyst was researching an indicator of compromise on a search engine, the web proxy generated an alert regarding the same indicator. The threat intelligence analyst states that related sites were not visited but were searched for in a search engine. Which of the following MOST likely happened in this situation?

    A. The analyst is not using the standard approved browser.
    B. The analyst accidently clicked a link related to the indicator.
    C. The analyst has prefetch enabled on the browser in use.
    D. The alert in unrelated to the analyst's search.

  • Question 17:

    A security analyst is reviewing packet captures to determine the extent of success during an attacker's reconnaissance phase following a recent incident. The following is a hex and ASCII dump of one such packet:

    Which of the following BEST describes this packet?

    A. DNS BIND version request
    B. DNS over UDP standard query
    C. DNS over TCP server status query
    D. DNS zone transfer request

  • Question 18:

    A cybersecurity analyst is hired to review the security measures implemented within the domain controllers of a company. Upon review, the cybersecurity analyst notices a brute force attack can be launched against domain controllers that run on a Windows platform. The first remediation step implemented by the cybersecurity analyst is to make the account passwords more complex. Which of the following is the NEXT remediation step the cybersecurity analyst needs to implement?

    A. Disable the ability to store a LAN manager hash.
    B. Deploy a vulnerability scanner tool.
    C. Install a different antivirus software.
    D. Perform more frequent port scanning.
    E. Move administrator accounts to a new security group.

  • Question 19:

    An analyst finds that unpatched servers have undetected vulnerabilities because the vulnerability scanner does not have the latest set of signatures. Management directed the security team to have personnel update the scanners with the latest signatures at least 24 hours before conducting any scans, but the outcome is unchanged. Which of the following is the BEST logical control to address the failure?

    A. Configure a script to automatically update the scanning tool.
    B. Manually validate that the existing update is being performed.
    C. Test vulnerability remediation in a sandbox before deploying.
    D. Configure vulnerability scans to run in credentialed mode.

  • Question 20:

    A company that is hiring a penetration tester wants to exclude social engineering from the list of authorized activities. Which of the following documents should include these details?

    A. Acceptable use policy
    B. Service level agreement
    C. Rules of engagement
    D. Memorandum of understanding
    E. Master service agreement

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CompTIA exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your CS0-001 exam preparations and CompTIA certification application, do not hesitate to visit our Vcedump.com to find your solutions here.