Table of Contents
Chapter 1. Technology Underpinnings
Chapter 2. Threat Actors and Their Threats
Chapter 3. Cybersecurity Substrata
Chapter 4. Identifying Indicators of Attack (IOA)
Chapter 5. Analyzing Indicators of Compromise (IOC)
Chapter 6. Threat Detection and Process Improvement
Chapter 7. Vulnerability Scanning and Assessment Tools
Chapter 8. Addressing Vulnerabilities
Chapter 9. Vulnerability Management and Administration
Chapter 10. Incident Response Planning
Chapter 11. Incident Response Activity Phases
Chapter 12. Data Protection and Utilization
CHAPTER 1: TECHNOLOGY UNDERPINNINGS
TABLE OF CONTENTS
Review Questions
• Case Projects
• Case Project 1-1: #TrendingCyber
• Case Project 1-2: Lack of Knowledge by Job Applicants
• Case Project 1-3: Container Security
• Case Project 1-4: Serverless Security
• Case Project 1-5: SDN Vulnerabilities
• Case Project 1-6: U.S. Critical Infrastructures
• Activity Rubric
REVIEW QUESTIONS
1. Which of the following is NOT correct about JSON?
A. It stores data in a tree structure.
B. It is compact and easy to read and write.
C. It creates files that can be transmitted quickly.
D. It executes quickly.
Answer: A. It stores data in a tree structure.
Explanation: JSON does not store data in a tree structure; the other three statements are correct about JSON.
2. Which of the following is NOT a common scripting language?
A. VBA
B. Bash
C. PowerShell
D. RegExBa
Answer: D. RegExBa
Explanation: Common scripting languages are Visual Basic for Applications, shell scripts, and PowerShell.
3. Which of the following is NOT a cybersecurity skill for which the CySA+ certification will equip the user?
A. Equip to demonstrate competency regarding current cyberattacks and defenses.
B. Equip to respond to threats, attacks and vulnerabilities and then communicate with stakeholders.
C. Equip to configure a firewall.
D. Equip to proactively monitor and detect systems by analyzing indicators of malicious activity using the most up-to-date methods and tools.
Answer: C. Equip to configure a firewall.
Explanation: CompTIA CySA+ certification equips users for higher-level incident detection, prevention, and response through continuous security monitoring.
4. What does the term “serverless” mean?
A. The cloud network configuration does not require any servers.
B. Server resources are inconspicuous to the end user.
C. Servers are run as VMs.
D. All appliances are virtual and do not interact with physical servers.
Answer: B. Server resources are inconspicuous to the end user.
Explanation: Serverless does not mean that a server does not exist but only that it is opaque to end users.
5. Which type of hypervisor runs directly on the computer’s hardware?
A. Type I
B. Type II
C. Type III
D. Type IV
Answer: A. Type I
Explanation: Type I hypervisors run directly on the computer’s hardware instead of on an underlying OS. Type I hypervisors are sometimes called "native" or "bare metal" hypervisors.
6. Which of the following is NOT correct about containers?
A. Containers start more quickly.
B. Containers reduce the necessary hard drive storage space to function.
C. Containers require a full OS whenever APIs cannot be used.
D. Containers include components like binary files and libraries.
Answer: C. Containers require a full OS whenever APIs cannot be used.
Explanation: Containers do not require a full OS but only the OS components that are needed for the specific application to execute.
7. Which of the following is NOT a characteristic of cloud computing?
A. Metered services
B. Delayed elasticity
C. On-demand self-service
D. Universal client support
Answer: B. Delayed elasticity
Explanation: Cloud computing has immediate elasticity, not delayed elasticity, meaning that computing resources can be increased or decreased quickly to meet demands.
8. Which of the following is NOT a cloud computing cost savings?
A. Reduction in broadband costs
B. Resiliency
C. Scalability
D. Pay-per-use
Answer: A. Reduction in broadband costs
Explanation: Broadband costs will likely increase, not decrease, with cloud computing due to the constant interaction with cloud resources.
9. Which type of cloud is a combination of public and private clouds?
A. Joint
B. Combined
C. Hybrid
D. Consolidated
Answer: C. Hybrid
Explanation: A hybrid cloud combines public and private clouds.
10. Which computing location would be used to support IoT devices?
A. Edge
B. Fog
C. Off-premises
D. On-premises
Answer: A. Edge
Explanation: Edge computing is performed at or very near the source of the data instead of relying on the cloud or on-premises systems for processing.
11. Which type of network segmentation makes use of virtual networks?
A. Full segmentation
B. Physical segmentation
C. Reverse segmentation
D. Logical segmentation
Answer: D. Logical segmentation
Explanation: Logical segmentation creates subnets via “virtual networks” or through network addressing schemes. Logical segmentation is more flexible than physical segmentation because it requires no wiring or physical movement of network appliances to create the subnet, and automated provisioning can simplify the configuration of the smaller networks.