COMPTIA CYSA+ CERTIFICATION ACTUAL
TEST SCRIPT 2026 VERIFIED QUESTIONS
AND CORRECT ANSWERS A+
● Pratap runs a small business helping homeowners use some of the
same types of technologies that larger companies use for building
automation systems. He recently has started testing a new thermostat
that he wants to start recommending to customers. Which of the
following is considered the category of device into which this falls?
Answer: c. IoT
● Jumelle, a cybersecurity engineer, wants to implement a vulnerability
scanner at her organization that creates a report describing the severity
of the vulnerabilities it finds. This will allow her to prioritize resources
to address these vulnerabilities. Which of the following is part of many
vulnerability scanners and would help Jumelle meet her goal? Answer:
b. CVSS
● Charlie, a cybersecurity researcher, has created a honeynet to learn
how attackers attempt to gain unauthorized access to servers. He
attempts to lure attackers from around the world to attack the honeynet
so he can secretly watch their actions. Which of the following terms can
be used to describe what he may be looking for? Answer: c. Zero-day
attacks
, ● An organization is developing a vulnerability scanning program to
analyze systems and applications on a regular schedule and detect any
new vulnerabilities that may arise. Which of the following should be
consulted during development of this plan? Answer: Asset Inventory
● Jason is testing a new web application that his company is about to
deploy to its users. He enters some invalid input into one of the text
boxes and submits the form. He receives the error message displayed
below. Which of the following best describes this scenario?There is an
error in your query. The mysql server said: maximum length of field
phone_number is 10 characters for table customer_info. Please check the
query and try again. Answer: Improper error handling
● Kenny has performed a scan against a company's web server to
determine if any services running on the server might contain a
vulnerability that he can exploit to gain control of the server. Which of
the following tools did he probably use to perform this scan? Answer: c.
Nmap
● Kees, a penetration tester, has been hired to perform a penetration test
against an organization, but he is given little to no information about the
organization. Which of the following tools might he use as part of the
initial reconnaissance phase of the penetration test? (Choose two.)
Answer: d. Nslookup
c. Dig
TEST SCRIPT 2026 VERIFIED QUESTIONS
AND CORRECT ANSWERS A+
● Pratap runs a small business helping homeowners use some of the
same types of technologies that larger companies use for building
automation systems. He recently has started testing a new thermostat
that he wants to start recommending to customers. Which of the
following is considered the category of device into which this falls?
Answer: c. IoT
● Jumelle, a cybersecurity engineer, wants to implement a vulnerability
scanner at her organization that creates a report describing the severity
of the vulnerabilities it finds. This will allow her to prioritize resources
to address these vulnerabilities. Which of the following is part of many
vulnerability scanners and would help Jumelle meet her goal? Answer:
b. CVSS
● Charlie, a cybersecurity researcher, has created a honeynet to learn
how attackers attempt to gain unauthorized access to servers. He
attempts to lure attackers from around the world to attack the honeynet
so he can secretly watch their actions. Which of the following terms can
be used to describe what he may be looking for? Answer: c. Zero-day
attacks
, ● An organization is developing a vulnerability scanning program to
analyze systems and applications on a regular schedule and detect any
new vulnerabilities that may arise. Which of the following should be
consulted during development of this plan? Answer: Asset Inventory
● Jason is testing a new web application that his company is about to
deploy to its users. He enters some invalid input into one of the text
boxes and submits the form. He receives the error message displayed
below. Which of the following best describes this scenario?There is an
error in your query. The mysql server said: maximum length of field
phone_number is 10 characters for table customer_info. Please check the
query and try again. Answer: Improper error handling
● Kenny has performed a scan against a company's web server to
determine if any services running on the server might contain a
vulnerability that he can exploit to gain control of the server. Which of
the following tools did he probably use to perform this scan? Answer: c.
Nmap
● Kees, a penetration tester, has been hired to perform a penetration test
against an organization, but he is given little to no information about the
organization. Which of the following tools might he use as part of the
initial reconnaissance phase of the penetration test? (Choose two.)
Answer: d. Nslookup
c. Dig
