CYSA CS0-003 Exam | Questions with 100%
Correct Answers | Verified | Latest Update 2026
Save
Terms in this set (645)
AAA - Authentication, Authorization, Used to control access to computers, networks,
Accounting and services.
Authenticate users by requiring credentials like a
username, a password, and possibly a biometric or
token-based authenticator.
Once individuals have proven who they are, they
are then authorized to access or use resources or
systems
Slack Space Unused space in a disk cluster that remains after a
file is written.
When a file is saved, it is stored in fixed-size
clusters on the disk.
If the file doesn't completely fill the cluster, the
leftover portion of the cluster
Example:
If a cluster size is 4 KB and you save a 2 KB file, the
remaining 2 KB in that cluster is the _________
________ can contain remnants of deleted files or
random data, making it useful in digital forensics
for discovering evidence.
,Active vs Passive scanning Active scanning interacts with the host
Passive scanning observes network activity and
draws conclusions.
Adverse Event Event that has negative consequences.
Malware infection A type of adverse event that compromises system
integrity.
Server crash An adverse event where a server becomes non-
operational.
User accessing a file they shouldn't An adverse event that involves unauthorized
be authorized to view access to sensitive information.
Agent Based Vulnerability Scanning Installing a software or agent on a target to
perform a vulnerability scan.
Agents have direct access (privileged) access to
the system
Accurate
Requires maintenance
Agent can interfere with systems and cause
performance issues
, Agentless Vulnerability Scan No Agent Installed: The system is scanned
remotely without installing any software (agent) on
the target device.
Credentialed or Non-Credentialed: Can use
credentials for deeper access or perform basic
scans without them.
Provides Attacker's Perspective: Non-credentialed
scans mimic what an external attacker might see.
Easy to Set Up: No software deployment required
on the target systems.
Results Are Limited: Non-credentialed scans lack
in-depth results since there's no direct access to
internal system files or configurations.
Attributes Part of IAM; Provide information about the subject
such as Name, Address, Title, Contact info, etc.
These can be used as part of the authentication
Active monitoring Reach out to remote systems and devices to gather
data.
___________ ___________ are typically the data gathering
location
AKA
The monitoring system itself initiates the
connection to gather data from remote systems,
making it the primary location for data collection.
This means:
The monitoring system (___________ ___________) reaches
out to devices or systems to collect data directly
(e.g., checking availability, latency, and packet loss).
After collecting the data, the monitoring system
may forward it to a central collector for storage or
further analysis, but the initial data is gathered by
the ___________ ___________itself.
Correct Answers | Verified | Latest Update 2026
Save
Terms in this set (645)
AAA - Authentication, Authorization, Used to control access to computers, networks,
Accounting and services.
Authenticate users by requiring credentials like a
username, a password, and possibly a biometric or
token-based authenticator.
Once individuals have proven who they are, they
are then authorized to access or use resources or
systems
Slack Space Unused space in a disk cluster that remains after a
file is written.
When a file is saved, it is stored in fixed-size
clusters on the disk.
If the file doesn't completely fill the cluster, the
leftover portion of the cluster
Example:
If a cluster size is 4 KB and you save a 2 KB file, the
remaining 2 KB in that cluster is the _________
________ can contain remnants of deleted files or
random data, making it useful in digital forensics
for discovering evidence.
,Active vs Passive scanning Active scanning interacts with the host
Passive scanning observes network activity and
draws conclusions.
Adverse Event Event that has negative consequences.
Malware infection A type of adverse event that compromises system
integrity.
Server crash An adverse event where a server becomes non-
operational.
User accessing a file they shouldn't An adverse event that involves unauthorized
be authorized to view access to sensitive information.
Agent Based Vulnerability Scanning Installing a software or agent on a target to
perform a vulnerability scan.
Agents have direct access (privileged) access to
the system
Accurate
Requires maintenance
Agent can interfere with systems and cause
performance issues
, Agentless Vulnerability Scan No Agent Installed: The system is scanned
remotely without installing any software (agent) on
the target device.
Credentialed or Non-Credentialed: Can use
credentials for deeper access or perform basic
scans without them.
Provides Attacker's Perspective: Non-credentialed
scans mimic what an external attacker might see.
Easy to Set Up: No software deployment required
on the target systems.
Results Are Limited: Non-credentialed scans lack
in-depth results since there's no direct access to
internal system files or configurations.
Attributes Part of IAM; Provide information about the subject
such as Name, Address, Title, Contact info, etc.
These can be used as part of the authentication
Active monitoring Reach out to remote systems and devices to gather
data.
___________ ___________ are typically the data gathering
location
AKA
The monitoring system itself initiates the
connection to gather data from remote systems,
making it the primary location for data collection.
This means:
The monitoring system (___________ ___________) reaches
out to devices or systems to collect data directly
(e.g., checking availability, latency, and packet loss).
After collecting the data, the monitoring system
may forward it to a central collector for storage or
further analysis, but the initial data is gathered by
the ___________ ___________itself.
