PRACTICE EXAM QUESTIONS WITH CORRECT DETAILED ANSWERS | ALREADY GRADED A+ <RECENT VERSION>
1) Attack surface - answer the collection of all points from which an
adversary may attack is considered the attack surface.
2) Attack vector - answer represents specific points an adversary has
chosen for an attack.
3) Threat model - answer defines the behavior of the adversary.
4) Adversary capability set - answer list of items an adversary can use to
conduct their attack.
5) Ring 0 - answer operating in ring 0 is called 'kernel mode'.
6) What should a vulnerability report include if a cybersecurity analyst
wants it to accurately reflect the assets scanned? - answer physical and
virtual hosts
7) Microsoft's GPO (Group Policy Object) - answer collection of group
policy settings that defines what a system will look like and how it will
behave for a defined group of users. It allows an administrator to create a
policy and deploy it across many devices in the domain or network.
8) Banner grabbing - answer banner grabbing requires a connection to
the host to grab the banner successfully. This is an active reconnaissance
activity.
9) What is the purpose of removing the server header? - answer to
obscure information about the server's software.
10) What does the server header usually identify? - answer the type
and version of the web server.
11) False positive - answer when conducting a vulnerability scan, it
is common for the report to include some findings that are classified as
"low" priority or "for informational purposes only." These are most likely
false positives and can be ignored by the analyst when starting their
remediation efforts.
12) CDN (content delivery network) - answer geographically
distributed network of proxy servers and their data centers that provide
high availability and performance by distributing the service spatially
relative to end-users.
13) ScoutSuite - answer open-source tool used to audit instances in
a multi-cloud environment.
14) Diamond model - answer the diamond model provides an
excellent methodology for communicating cyber events and allowing
analysts to derive mitigation strategies implicitly. The diamond model is
constructed around a graphical representation of an attacker's behavior.
15) Output encoding - answer output encoding involves translating
special characters into some different but equivalent form that is no
longer dangerous in the target interpreter, for example, translating the <
character into the &lt; string when writing to an HTML page.
16) Blind SQL injection - answer is a form of SQL injection that
overcomes the lack of error messages. Without the error messages that
facilitate SQL injection, the attacker constructs input strings that probe the
target through simple boolean SQL expressions. The results are usually not
visible to the attacker.
17) Data serialization - answer converting data structures into a
format for storage.
18) Data deserialization - answer converting serialized data back
into original format.
19) Insecure deserialization - answer insecure deserialization is a
type of vulnerability that arises when untrusted data is used to abuse the
logic of an application's deserialization process, allowing an attacker to
execute code, manipulate objects, or perform injection attacks.
20) Application hardening - answer application hardening involves
taking actions to best secure the application from attack. This involves
removing any default or sample configurations, properly configuring
settings, and updating the application to the latest and more secure
version.
21) Fuzzing - answer fuzzing or fuzz testing is an automated
software testing technique that involves providing invalid, unexpected, or
random data as inputs to a computer program. The program is then
monitored for exceptions such as crashes, failing built-in code assertions,
or potential memory leaks.
22) LDAP and SSO - answer LDAP and SSO can be used together for
user authentication and access control. LDAP is a directory service
protocol, while SSO is a method that allows users to log in once to access
multiple applications. When used together, LDAP can store user credentials
and information, and SSO can use that information to grant users access to
different applications. LDAP is not a shared authentication protocol.
23) Shared authentication protocol - answer a shared authentication
protocol relies on a pre-established shared secret (like a password or key)
between two parties to verify each other's identities. This secret is used by
both parties to prove their authenticity, ensuring only authorized
individuals can access a network or resource.
24) Formal verification method - answer the process of validating
software design through mathematical modeling of expected inputs and
outputs.
25) SAML (Security Assertion Markup Language) - answer SAML is an
XML-based open standard that defines how to securely exchange
authentication and authorization data between an identity provider (IdP)
and a service provider (SP). It provides a standardized way for
applications to verify a user's identity after an initial login, enabling SSO
functionality.
26) SSO (single sign-on) - answer authentication method where
users can access multiple resources on a network using a single set of
account credentials.