CS0-001 Exam Details

  • Exam Code
    :CS0-001
  • Exam Name
    :CompTIA Cybersecurity Analyst (CySA+)
  • Certification
    :CompTIA Certifications
  • Vendor
    :CompTIA
  • Total Questions
    :416 Q&As
  • Last Updated
    :Feb 05, 2022

CompTIA CS0-001 Online Questions & Answers

  • Question 211:

    A company requests a security assessment of its network. Permission is given, but no details are provided. It is discovered that the company has a web presence, and the company's IP address is 70.182.11.4. Which of the following Nmap commands would reveal common open ports and their versions?

    A. nmap - oV
    B. nmap -vO
    C. nmap -sv

  • Question 212:

    The primary difference in concern between remediating identified vulnerabilities found in general-purpose IT network servers and that of SCADA systems is that:

    A. change and configuration management processes do not address SCADA systems.
    B. doing so has a greater chance of causing operational impact in SCADA systems.
    C. SCADA systems cannot be rebooted to have changes to take effect.
    D. patch installation on SCADA systems cannot be verified.

  • Question 213:

    A cybersecurity analyst develops a regular expression to find data within traffic that will alarm on a hit.

    The SIEM alarms on seeing this data in cleartext between the web server and the database server.

    Which of the following types of data would the analyst MOST likely to be concerned with, and to which type of data classification does it belong?

    A. Credit card numbers that are PCI
    B. Social security numbers that are PHI
    C. Credit card numbers that are PII
    D. Social security numbers that are PII

  • Question 214:

    A systems administrator is trying to secure a critical system. The administrator has placed the system behind a firewall, enabled strong authentication, and required all administrators of this system to attend mandatory training. Which of the following BEST describes the control being implemented?

    A. Audit remediation
    B. Defense in depth
    C. Access control
    D. Multifactor authentication

  • Question 215:

    A logistics company's vulnerability scan identifies the following vulnerabilities on Internet-facing devices in the DMZ: SQL injection on an infrequently used web server that provides files to vendors SSL/TLS not used for a website that contains promotional information

    The scan also shows the following vulnerabilities on internal resources: Microsoft Office Remote Code Execution on test server for a human resources system TLS downgrade vulnerability on a server in a development network

    In order of risk, which of the following should be patched FIRST?

    A. Microsoft Office Remote Code Execution
    B. SQL injection
    C. SSL/TLS not used
    D. TLS downgrade

  • Question 216:

    A human resources employee sends out a mass email to all employees that contains their personnel records. A security analyst is called in to address the concern of the human resources director on how to prevent this from happening in the future.

    Which of the following would be the BEST solution to recommend to the director?

    A. Install a data loss prevention system, and train human resources employees on its use. Provide PII training to all employees at the company. Encrypt PII information.
    B. Enforce encryption on all emails sent within the company. Create a PII program and policy on how to handle data. Train all human resources employees.
    C. Train all employees. Encrypt data sent on the company network. Bring in privacy personnel to present a plan on how PII should be handled.
    D. Install specific equipment to create a human resources policy that protects PII data. Train company employees on how to handle PII data. Outsource all PII to another company. Send the human resources director to training for PII handling.

  • Question 217:

    Which of the following is a control that allows a mobile application to access and manipulate information which should only be available by another application on the same mobile device (e.g. a music application posting the name of the current song playing on the device on a social media site)?

    A. Co-hosted application
    B. Transitive trust
    C. Mutually exclusive access
    D. Dual authentication

  • Question 218:

    A cybersecurity analyst is investigating an incident report concerning a specific user workstation. The workstation is exhibiting high CPU and memory usage, even when first started, and network bandwidth usage is extremely high. The user reports that applications crash frequently, despite the fact that no significant changes in work habits have occurred. An antivirus scan reports no known threats. Which of the following is the MOST likely reason for this?

    A. Advanced persistent threat
    B. Zero day
    C. Trojan
    D. Logic bomb

  • Question 219:

    Which of the following BEST describes why vulnerabilities found in ICS and SCADA can be difficult to remediate?

    A. ICS/SCADA systems are not supported by the CVE publications.
    B. ICS/SCADA systems rarely have full security functionality.
    C. ICS/SCADA systems do not allow remote connections.
    D. ICS/SCADA systems use encrypted traffic to communicate between devices.

  • Question 220:

    A security administrator uses FTK to take an image of a hard drive that is under investigation. Which of the following processes are used to ensure the image is the same as the original disk? (Choose two.)

    A. Validate the folder and file directory listings on both.
    B. Check the hash value between the image and the original.
    C. Boot up the image and the original systems to compare.
    D. Connect a write blocker to the imaging device.
    E. Copy the data to a disk of the same size and manufacturer.

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CompTIA exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your CS0-001 exam preparations and CompTIA certification application, do not hesitate to visit our Vcedump.com to find your solutions here.