CySA Chapter 2 Exam | Questions with 100% Correct
Answers | Verified | Latest Update 2026
Save
Terms in this set (78)
What purpose does a honeypot system B.
serve when placed on a network as shown
in the following diagram?
A. Prevents attackers from targeting
production servers
B. Provides info about the techniques
attackers are using
C. Slows down attackers like sticky honey
D. Provides real-time input to IDSs and IPSs
A tarpit, or a system that looks vulnerable C.
but actually is intended to slow down
attackers, is an example of what type of Tarpits are a form of active defense that decoy or bait
technique? attackers. Passive defenses include cryptography, security
A. A passive defense architecture, and similar options.
B. A sticky defense
C. An active defense
D. A reaction-based defense
What supplier should one seek out if one is C.
required to ensure that the chips and other
hardware level components do not include Trusted foundries are part of the DoD's program that ensures
malware or other potential attack vectors, as hardware components are trustworthy and have not been
part of a government acquisitions program compromised.
for the US department of defense?
A. A TPM
B. An OEM provider
C. A trusted foundry
D. A gray-market provider
Susan needs to test thousands of submitted A.
binaries, She needs to ensure that the
applications do not contain malicious code. Susan's best option is to use an automated testing sandbox
What technique is best suited to this need? that analyzes the applications for malicious or questionable
behavior.
A. Sandboxing
B. Implementing a honeypot
C. Decompiling and analyzing the
application code
D. Fagan testing
,Manesh downloads a new security tool and C.
checks its MD5. What does she know about
the software she downloaded if she Manesh knows that the file she downloaded and computed a
receives the following message: checksum for does not match the MD5 checksum that was
calculated by the providers of the software
root@demo:# md5sum -c demo.md5
demo.txt: FAILED
md5sum: WARNING: 1 computed checksum
did NOT match
A. The file has been corrupted.
B. Attackers have modified the file.
C. The files do not match.
D. The test failed and provided no answer.
Tracy is designing a cloud infrastructure for
her company and wants to generate and
store encryption keys in a secure way. What
type of technology should she look for as
part of her infrastructure as a service
vendor's portfolio?
А. ТРМ
В. HSM
C. UEFI
D. VPC
Aziz needs to provide SSH access to
systems behind his datacenter firewall. If
Aziz's organi- zation uses the system
architecture shown here, what is the system
at point A called?
A. A firewall-hopper
B. An isolated system
C. A moat-protected host
D. A jump box
Charles wants to provide additional security
for his web application, which currently
stores passwords in plaintext in a database.
Which of the following options will best
prevent theft of the database resulting in
exposed passwords?
A. Encrypt the database of plaintext
passwords
B. Use MDS and a salt
C. Use SHA-1 and a salt
D. Use bcrypt
, What type of protected boot process is
illustrated in the following diagram?
A. Measured boot
В. ТРМ
C. Remote attestation
D. Signed BIOS
An access control system that relies on the
operating system to constrain the ability of a
subject to perform operations is an example
of what type of access control system?
A. A discretionary access control system
B. A role-based access control system
C. A mandatory access control system
D. A level-based access control system
During his analysis of a malware sample,
Sahib reviews the malware files and binaries
without running them. What type of analysis
is this?
A. Automated analysis
B. Dynamic analysis
C. Static analysis
D. Heuristic analysis
Carol wants to analyze a malware sample
that she has discovered. She wants to run
the sample safely while capturing
information about its behavior and impact
on the system it infects. What type of tool
should she use?
A. A static code analysis tool
B. A dynamic analysis sandbox tool
C. A Fagan sandbox
D. A decompiler running on an isolated VM
Answers | Verified | Latest Update 2026
Save
Terms in this set (78)
What purpose does a honeypot system B.
serve when placed on a network as shown
in the following diagram?
A. Prevents attackers from targeting
production servers
B. Provides info about the techniques
attackers are using
C. Slows down attackers like sticky honey
D. Provides real-time input to IDSs and IPSs
A tarpit, or a system that looks vulnerable C.
but actually is intended to slow down
attackers, is an example of what type of Tarpits are a form of active defense that decoy or bait
technique? attackers. Passive defenses include cryptography, security
A. A passive defense architecture, and similar options.
B. A sticky defense
C. An active defense
D. A reaction-based defense
What supplier should one seek out if one is C.
required to ensure that the chips and other
hardware level components do not include Trusted foundries are part of the DoD's program that ensures
malware or other potential attack vectors, as hardware components are trustworthy and have not been
part of a government acquisitions program compromised.
for the US department of defense?
A. A TPM
B. An OEM provider
C. A trusted foundry
D. A gray-market provider
Susan needs to test thousands of submitted A.
binaries, She needs to ensure that the
applications do not contain malicious code. Susan's best option is to use an automated testing sandbox
What technique is best suited to this need? that analyzes the applications for malicious or questionable
behavior.
A. Sandboxing
B. Implementing a honeypot
C. Decompiling and analyzing the
application code
D. Fagan testing
,Manesh downloads a new security tool and C.
checks its MD5. What does she know about
the software she downloaded if she Manesh knows that the file she downloaded and computed a
receives the following message: checksum for does not match the MD5 checksum that was
calculated by the providers of the software
root@demo:# md5sum -c demo.md5
demo.txt: FAILED
md5sum: WARNING: 1 computed checksum
did NOT match
A. The file has been corrupted.
B. Attackers have modified the file.
C. The files do not match.
D. The test failed and provided no answer.
Tracy is designing a cloud infrastructure for
her company and wants to generate and
store encryption keys in a secure way. What
type of technology should she look for as
part of her infrastructure as a service
vendor's portfolio?
А. ТРМ
В. HSM
C. UEFI
D. VPC
Aziz needs to provide SSH access to
systems behind his datacenter firewall. If
Aziz's organi- zation uses the system
architecture shown here, what is the system
at point A called?
A. A firewall-hopper
B. An isolated system
C. A moat-protected host
D. A jump box
Charles wants to provide additional security
for his web application, which currently
stores passwords in plaintext in a database.
Which of the following options will best
prevent theft of the database resulting in
exposed passwords?
A. Encrypt the database of plaintext
passwords
B. Use MDS and a salt
C. Use SHA-1 and a salt
D. Use bcrypt
, What type of protected boot process is
illustrated in the following diagram?
A. Measured boot
В. ТРМ
C. Remote attestation
D. Signed BIOS
An access control system that relies on the
operating system to constrain the ability of a
subject to perform operations is an example
of what type of access control system?
A. A discretionary access control system
B. A role-based access control system
C. A mandatory access control system
D. A level-based access control system
During his analysis of a malware sample,
Sahib reviews the malware files and binaries
without running them. What type of analysis
is this?
A. Automated analysis
B. Dynamic analysis
C. Static analysis
D. Heuristic analysis
Carol wants to analyze a malware sample
that she has discovered. She wants to run
the sample safely while capturing
information about its behavior and impact
on the system it infects. What type of tool
should she use?
A. A static code analysis tool
B. A dynamic analysis sandbox tool
C. A Fagan sandbox
D. A decompiler running on an isolated VM
