CS0-001 Exam Details

  • Exam Code
    :CS0-001
  • Exam Name
    :CompTIA Cybersecurity Analyst (CySA+)
  • Certification
    :CompTIA Certifications
  • Vendor
    :CompTIA
  • Total Questions
    :416 Q&As
  • Last Updated
    :Feb 05, 2022

CompTIA CS0-001 Online Questions & Answers

  • Question 331:

    A system administrator is doing network reconnaissance of a company's external network to determine the vulnerability of various services that are running. Sending some sample traffic to the external host, the administrator obtains the following packet capture:

    Based on the output, which of the following services should be further tested for vulnerabilities?

    A. SSH
    B. HTTP
    C. SMB
    D. HTTPS

  • Question 332:

    While conducting research on malicious domains, a threat intelligence analyst received a blue screen of death. The analyst rebooted and received a message stating that the computer had been locked and could only be opened by following the instructions on the screen. Which of the following combinations describes the MOST likely threat and the PRIMARY mitigation for the threat?

    A. Ransomware and update antivirus
    B. Account takeover and data backups
    C. Ransomware and full disk encryption
    D. Ransomware and data backups

  • Question 333:

    The Chief Information Security Officer (CISO) has decided that all accounts with elevated privileges must use a longer, more complicated passphrase instead of a password. The CISO would like to formally document management's intent to set this control level. Which of the following is the appropriate means to achieve this?

    A. A control
    B. A standard
    C. A policy
    D. A guideline

  • Question 334:

    A security analyst has created an image of a drive from an incident. Which of the following describes what the analyst should do NEXT?

    A. The analyst should create a backup of the drive and then hash the drive.
    B. The analyst should begin analyzing the image and begin to report findings.
    C. The analyst should create a hash of the image and compare it to the original drive's hash.
    D. The analyst should create a chain of custody document and notify stakeholders.

  • Question 335:

    A company wants to update its acceptable use policy (AUP) to ensure it relates to the newly implemented password standard, which requires sponsored authentication of guest wireless devices. Which of the following is MOST likely to be incorporated in the AUP?

    A. Sponsored guest passwords must be at least ten characters in length and contain a symbol.
    B. The corporate network should have a wireless infrastructure that uses open authentication standards.
    C. Guests using the wireless network should provide valid identification when registering their wireless devices.
    D. The network should authenticate all guest users using 802.1x backed by a RADIUS or LDAP server.

  • Question 336:

    The help desk has reported that users are reusing previous passwords when prompted to change them. Which of the following would be the MOST appropriate control for the security analyst to configure to prevent password reuse?

    A. Implement mandatory access control on all workstations.
    B. Implement role-based access control within directory services.
    C. Deploy Group Policy Objects to domain resources.
    D. Implement scripts to automate the configuration of PAM on Linux hosts.
    E. Deploy a single-sing-on solution for both Windows and Linux hosts.

  • Question 337:

    During an investigation, an incident responder intends to recover multiple pieces of digital media. Before removing the media, the responder should initiate:

    A. malware scans.
    B. secure communications.
    C. chain of custody forms.
    D. decryption tools.

  • Question 338:

    Joe, a user, is unable to launch an application on his laptop, which he typically uses on a daily basis. Joe informs a security analyst of the issue. After an online database comparison, the security analyst checks the SIEM and notices alerts indicating certain .txt and .dll files are blocked. Which of the following tools would generate these logs?

    A. Antivirus
    B. HIPS
    C. Firewall
    D. Proxy

  • Question 339:

    Which of the following is a feature of virtualization that can potentially create a single point of failure?

    A. Server consolidation
    B. Load balancing hypervisors
    C. Faster server provisioning
    D. Running multiple OS instances

  • Question 340:

    The Chief Information Security Officer (CISO) has asked the security staff to identify a framework on which to base the security program. The CISO would like to achieve a certification showing the security program meets all required best practices. Which of the following would be the BEST choice?

    A. OSSIM
    B. SDLC
    C. SANS
    D. ISO

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CompTIA exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your CS0-001 exam preparations and CompTIA certification application, do not hesitate to visit our Vcedump.com to find your solutions here.