CS0-001 Exam Details

  • Exam Code
    :CS0-001
  • Exam Name
    :CompTIA Cybersecurity Analyst (CySA+)
  • Certification
    :CompTIA Certifications
  • Vendor
    :CompTIA
  • Total Questions
    :416 Q&As
  • Last Updated
    :Feb 05, 2022

CompTIA CS0-001 Online Questions & Answers

  • Question 361:

    An analyst is detecting Linux machines on a Windows network. Which of the following tools should be used to detect a computer operating system?

    A. whois
    B. netstat
    C. nmap
    D. nslookup

  • Question 362:

    During a recent audit, there were a lot of findings similar to and including the following: Which of the following would be the BEST way to remediate these findings and minimize similar findings in the future?

    A. Use an automated patch management solution.
    B. Remove the affected software programs from the servers.
    C. Run Microsoft Baseline Security Analyzer on all of the servers.
    D. Schedule regular vulnerability scans for all servers on the network.

  • Question 363:

    There have been several exploits to critical devices within the network. However, there is currently no process to perform vulnerability analysis. Which of the following should the security analyst implement during production hours to identify critical threats and vulnerabilities?

    A. Asset inventory of all critical devices
    B. Vulnerability scanning frequency that does not interrupt workflow
    C. Daily automated reports of exploited devices
    D. Scanning of all types of data regardless of sensitivity levels

  • Question 364:

    A computer at a company was used to commit a crime. The system was seized and removed for further analysis. Which of the following is the purpose of labeling cables and connections when seizing the computer system?

    A. To capture the system configuration as it was at the time it was removed
    B. To maintain the chain of custody
    C. To block any communication with the computer system from attack
    D. To document the model, manufacturer, and type of cables connected

  • Question 365:

    A security analyst begins to notice the CPU utilization from a sinkhole has begun to spike. Which of the following describes what may be occurring?

    A. Someone has logged on to the sinkhole and is using the device.
    B. The sinkhole has begun blocking suspect or malicious traffic.
    C. The sinkhole has begun rerouting unauthorized traffic.
    D. Something is controlling the sinkhole and causing CPU spikes due to malicious utilization.

  • Question 366:

    A security analyst is monitoring authentication exchanges over the company's wireless network. A sample of the Wireshark output is shown below:

    Which of the following would improve the security posture of the wireless network?

    A. Using PEAP instead of LEAP
    B. Using SSL 2.0 instead of TLSv1.1
    C. using aspx instead of .jsp
    D. Using UDP instead of TCP

  • Question 367:

    Considering confidentiality and integrity, which of the following make servers more secure than desktops? (Select THREE).

    A. VLANs
    B. OS
    C. Trained operators
    D. Physical access restriction
    E. Processing power
    F. Hard drive capacity

  • Question 368:

    A security administrator recently deployed a virtual honeynet. The honeynet is not protected by the company's firewall, while all production networks are protected by a stateful firewall. Which of the following would BEST allow an external penetration tester to determine which one is the honeynet's network?

    A. Banner grab
    B. Packet analyzer
    C. Fuzzer
    D. TCP ACK scan

  • Question 369:

    Employees at a manufacturing plant have been victims of spear phishing, but security solutions prevented further intrusions into the network. Which of the following is the MOST appropriate solution in this scenario?

    A. Continue to monitor security devices
    B. Update antivirus and malware definitions
    C. Provide security awareness training
    D. Migrate email services to a hosted environment

  • Question 370:

    A software development company in the manufacturing sector has just completed the alpha version of its flagship application. The application has been under development for the past three years. The SOC has seen intrusion attempts made by indicators associated with a particular APT. The company has a hot site location for COOP. Which of the following threats would most likely incur the BIGGEST economic impact for the company?

    A. DDoS
    B. ICS destruction
    C. IP theft
    D. IPS evasion

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CompTIA exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your CS0-001 exam preparations and CompTIA certification application, do not hesitate to visit our Vcedump.com to find your solutions here.