CompTIA
CySA+
Question Dumps
Section 1 - Questions
Domain 1 - Security Operations
1. An organization is implementing security controls for its network. Which of the following is an
example of a detective security control?
A. Intrusion Detection System (IDS)
B. Firewall
C. Antivirus Software
D. Encryption
2. Which of the following is an example of a preventive security control?
A. Firewall
B. Intrusion Detection System (IDS)
C. Security Information and Event Management (SIEM)
D. Antivirus Software
3. In the context of security operations, what is the purpose of a Security Information and Event
Management (SIEM) system?
A. Collect, analyze, and correlate log data
B. Block malicious traffic
C. Conduct vulnerability assessments
D. Encrypt sensitive data in transit
4. What is the purpose of a Security Operations Center (SOC) in an organization's cybersecurity strategy?
A. Monitor and respond to security incidents
B. Develop new security policies
C. Install and configure firewalls
D. Conduct vulnerability assessments
5. Which of the following is a characteristic of Security Information and Event Management (SIEM)
systems?
A. Log aggregation and correlation
B. Preventing all security incidents
C. Conducting vulnerability assessments
D. Encrypting network traffic
6. What is the primary goal of security awareness training for employees in an organization?
A. Mitigate the risk of human error
B. Eliminate the need for technical controls
C. Block all external email attachments
D. Install and configure firewalls
7. What is the purpose of a honeypot in a cybersecurity strategy?
A. Attract and detect attackers
B. Block all network traffic
C. Monitor and record user activities
D. Encrypt sensitive data at rest
8. What is the primary purpose of a Security Baseline in a cybersecurity program?
A. Establish a secure starting point for systems
B. Identify and exploit vulnerabilities
C. Block all network traffic
D. Conduct penetration testing
9. In the context of security operations, what is the purpose of a Security Control Assessment (SCA)?
A. Evaluate the effectiveness of security controls
B. Monitor and respond to security incidents
C. Develop new security policies
D. Conduct vulnerability assessments
10. What is the purpose of Security Information Sharing and Analysis Centers (ISACs) in the cybersecurity
community?
A. Facilitate collaboration and information sharing
B. Block all network traffic
C. Conduct penetration testing
D. Develop new security policies
11. Which of the following is an example of a security control that falls under the category of
administrative controls?
A. Security policies and procedures
B. Intrusion Detection System (IDS)
C. Encryption
D. Firewalls
12. What is the primary purpose of a Security Posture Assessment in a cybersecurity program?
A. Evaluate the overall security readiness
B. Identify and exploit vulnerabilities
C. Block all network traffic
D. Conduct penetration testing
13. Which SIEM functionality analyzes log data from various security tools to identify potential incidents?
A. SIEM correlation engine
B. Threat intelligence feed integration
C. Both A and B
D. Network traffic analysis
14. Select all that apply: Which tools are helpful for detecting suspicious network activity?