CS0-001 Exam Details

  • Exam Code
    :CS0-001
  • Exam Name
    :CompTIA Cybersecurity Analyst (CySA+)
  • Certification
    :CompTIA Certifications
  • Vendor
    :CompTIA
  • Total Questions
    :416 Q&As
  • Last Updated
    :Feb 05, 2022

CompTIA CS0-001 Online Questions & Answers

  • Question 41:

    A company has implemented WPA2, a 20-character minimum for the WiFi passphrase, and a new WiFi passphrase every 30 days, and has disabled SSID broadcast on all wireless access points. Which of the following is the company trying to mitigate?

    A. Downgrade attacks
    B. Rainbow tables
    C. SSL pinning
    D. Forced deauthentication

  • Question 42:

    The security team has determined that the current incident response resources cannot meet management's objective to secure a forensic image for all serious security incidents within 24 hours. Which of the following compensating controls can be used to help meet management's expectations?

    A. Separation of duties
    B. Scheduled reviews
    C. Dual control
    D. Outsourcing

  • Question 43:

    Given the following code:

    Which of the following types of attacks is occurring?

    A. MITM
    B. Session hijacking
    C. XSS
    D. Privilege escalation
    E. SQL injection

  • Question 44:

    Company A's security policy states that only PKI authentication should be used for all SSH accounts. A security analyst from Company A is reviewing the following auth.log and configuration settings:

    Which of the following changes should be made to the following sshd_config file to establish compliance with the policy?

    A. Change PermitRootLogin no to #PermitRootLogin yes
    B. Change ChallengeResponseAuthentication yes to ChallangeResponseAuthentication no
    C. Change PubkeyAuthentication yes to #PubkeyAuthentication yes
    D. Change #AuthorizedKeysFile sh/.ssh/authorized_keys to AuthorizedKeysFile sh/.ssh/authorized_keys
    E. Change PassworAuthentication yes to PasswordAuthentication no

  • Question 45:

    A security analyst is creating baseline system images to remediate vulnerabilities found in different operating systems. Each image needs to be scanned before it is deployed. The security analyst must ensure the configurations match industry standard benchmarks and the process can be repeated frequently. Which of the following vulnerability options would BEST create the process requirements?

    A. Utilizing an operating system SCAP plugin
    B. Utilizing an authorized credential scan
    C. Utilizing a non-credential scan
    D. Utilizing a known malware plugin

  • Question 46:

    A company that is hiring a penetration tester wants to exclude social engineering from the list of authorized activities. Which documents should include these details?

    A. Master service agreement
    B. Memorandum of understanding
    C. Service level agreement
    D. Rules of engagement

  • Question 47:

    A company has been a victim of multiple volumetric DoS attacks. Packet analysis of the offending traffic shows the following:

    Which of the following mitigation techniques is MOST effective against the above attack?

    A. The company should contact the upstream ISP and ask that RFC1918 traffic be dropped.
    B. The company should implement a network-based sinkhole to drop all traffic coming from 192.168.1.1 at their gateway router.
    C. The company should implement the following ACL at their gateway firewall: DENY IP HOST 192.168.1.1 170.43.30.0/24.
    D. The company should enable the DoS resource starvation protection feature of the gateway NIPS.

  • Question 48:

    Which of the following is a vulnerability when using Windows as a host OS for virtual machines?

    A. Windows requires frequent patching.
    B. Windows virtualized environments are typically unstable.
    C. Windows requires hundreds of open firewall ports to operate.
    D. Windows is vulnerable to the "ping of death".

  • Question 49:

    The following IDS log was discovered by a company's cybersecurity analyst: Which of the following was launched against the company based on the IDS log?

    A. SQL injection attack
    B. Cross-site scripting attack
    C. Buffer overflow attack
    D. Online password crack attack

  • Question 50:

    Which of the following describes why it is important to include scope within the rules of engagement of a penetration test?

    A. To ensure the network segment being tested has been properly secured
    B. To ensure servers are not impacted and service is not degraded
    C. To ensure all systems being scanned are owned by the company
    D. To ensure sensitive hosts are not scanned

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CompTIA exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your CS0-001 exam preparations and CompTIA certification application, do not hesitate to visit our Vcedump.com to find your solutions here.