CompTIA Cybersecurity CySA+ (CS0-001): Practice Test 1 And 2 - Results Questions And Answers
Which of the following statements best describes an audit file?
A. It updates lists of scanned hosts, to avoid unnecessarily rescanning these hosts.
B. It produces a list of vulnerabilities found on scanned hosts.
C. It produces a list of the hosts that are scanned.
D. It gives instructions used to assess the configuration of endpoints and network devices against a compliance policy.
Answer: D. It gives instructions used to assess the configuration of endpoints and network devices against a compliance policy.
Explanation
Correct Answer: An audit file in Nessus gives the scan instructions used to assess the configuration of endpoints and network devices against a compliance policy.
Incorrect Answers: An audit file is used prior to the scan and does not produce any lists or results after a scan.

Which of the following are two types of requirements in the SDLC model?
A. Nonfunctional and performance requirements
B. Functional and nonfunctional requirements
C. Functional and performance requirements
D. Functional and security requirements
Answer: B. Functional and nonfunctional requirements
Explanation
Correct Answer: Functional requirements describe what the software must do, and nonfunctional requirements describe how the software must do these things—or what the software must be like.
Incorrect Answers:
A. Performance requirements are nonfunctional requirements. Performance requirements dictate how well the software must function, which is a nonfunctional requirement.
D. A security requirement defines the behaviors and characteristics a system must possess in order to achieve and maintain an acceptable level of security by itself, and in its interactions with other systems. Security requirements are also nonfunctional requirements.

Which of the following is an effective way that attackers can use an organization's bandwidth to hide data exfiltration?
A. By exfiltrating data during periods of low use.
B. By hiding data exfiltration during periods of peak use.
C. By attaching sensitive data to otherwise innocuous data while exfiltrating it.
D. By downloading information quickly before getting caught
Answer: B. By hiding data exfiltration during periods of peak use.
Explanation
Correct Answer: Patient attackers can hide data exfiltration during periods of peak use by using a low-and-slow approach that can make them exceptionally difficult to detect if administrators are just looking at network traffic. Most attackers, however, will attempt to download sensitive information quickly and thus generate distinctive signals.
Incorrect Answers: Each of these other methods will typically trigger alarms and alert administrators to data leaving the network.

All of the following are common vulnerabilities that plague most systems within an organization, EXCEPT:
A. Weak passwords
B. Misconfigured firewall rules
C. Missing patches or updates
D. Need for compensating controls
Answer: D. Need for compensating controls
Explanation
Correct Answer: The need for compensating controls is not a vulnerability; it is actually a mitigation for vulnerabilities that are not adequately addressed. A compensating control is added to compensate for a weakness in an existing control, to make the control stronger.
Incorrect Answers: All of these other choices are common vulnerabilities found in most organizations and affect a variety of systems.

During a penetration test exercise, which type of team is responsible for defending the network against the penetration testers and simulated attacks?
A. Red team
B. Green team
C. Blue team
D. White team
Answer: C. Blue team
Explanation
Correct Answer: The blue team is the focus of the exercise, as they are defending the network being tested. Their response capabilities and procedures reflect how effective the penetration testing team, also known as the red team, is in its attacks.
Incorrect Answers: The red team is the penetration testing team, the blue team the defenders, the white team is composed of the exercise planners and coordinators, and green team is not a valid answer.

A large number of ARP queries might indicate which of the following types of attack?

Written for
- Institution: CompTIA
- Course: CompTIA
Document information
- Uploaded on: 16 December 2022
- Number of pages: 40
- Written in: 2022/2023
- Type: Exam (elaborations)
- Contains: Questions and answers