Exam Questions With Reviewed 100% Correct Detailed Answers
Guaranteed Pass!!Current Update
Question 1
A recent zero-day vulnerability is being actively exploited, requires no user interaction or privilege escalation, and has a significant impact to confidentiality and integrity but not to availability. Which of the following CVE metrics would be most accurate for this zero-day threat?
A. CVSS:31/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:K/A:L
A. CVSS:31/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:K/A:L
B. CVSS:31/AV:K/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:L
C. CVSS:31/AV:N/AC:L/PR:N/UI:H/S:U/C:L/I:N/A:H
D. CVSS:31/AV:L/AC:L/PR:R/UI:R/S:U/C:H/I:L/A:H
Question 2
Which of the following tools would work best to prevent the exposure of PII outside of an organization?
D. DLP
A. PAM
B. IDS
C. PKI
D. DLP
Question 3
An organization conducted a web application vulnerability assessment against the corporate website, and the following output was observed:
Which of the following tuning recommendations should the security analyst share?
C. Configure an Access-Control-Allow-Origin header to authorized domains
A. Set an HttpOnly flag to force communication by HTTPS
B. Block requests without an X-Frame-Options header
C. Configure an Access-Control-Allow-Origin header to authorized domains
D. Disable the cross-origin resource sharing header
Question 4
Which of the following items should be included in a vulnerability scan report? (Choose two.)
D. Affected hosts
E. Risk score
A. Lessons learned
B. Service-level agreement
C. Playbook
D. Affected hosts
E. Risk score
F. Education plan
Question 5
The Chief Executive Officer of an organization recently heard that exploitation of new attacks in the industry was happening approximately 45 days after a patch was released. Which of the following would best protect this organization?
A. A mean time to remediate of 30 days
A. A mean time to remediate of 30 days
B. A mean time to detect of 45 days
C. A mean time to respond of 15 days
D. Third-party application testing
Question 6
A security analyst recently joined the team and is trying to determine which scripting language is being used in a production script to determine if it is malicious. Given the following script:
Which of the following scripting languages was used in the script?
A. PowerShell
A. PowerShell
B. Ruby
C. Python
D. Shell script
Question 7
A company's user accounts have been compromised. Users are also reporting that the company's internal portal is sometimes only accessible through HTTP; other times, it is accessible through HTTPS. Which of the following most likely describes the observed activity?
B. An on-path attack is being performed by someone with internal access that forces users into port 80
A. There is an issue with the SSL certificate causing port 443 to become unavailable for HTTPS access
B. An on-path attack is being performed by someone with internal access that forces users into port 80
C. The web server cannot handle an increasing amount of HTTPS requests so it forwards users to port 80
D. An error was caused by BGP due to new rules applied over the company's internal routers
Question 8
A security analyst is tasked with prioritizing vulnerabilities for remediation. The relevant company security policies are shown below:
Security Policy 1006: Vulnerability Management
1. The Company shall use the CVSSv3.1 Base Score Metrics (Exploitability and Impact) to prioritize the remediation of security vulnerabilities.
2. In situations where a choice must be made between confidentiality and availability, the Company shall prioritize confidentiality of data over availability of systems and data.
3. The Company shall prioritize patching of publicly available systems and services over patching of internally available systems.
According to the security policy, which of the following vulnerabilities should be the highest priority to patch?
B. Name: CAP.SHIELD - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N - External System
A. Name: THOR.HAMMER - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H - Internal System
B. Name: CAP.SHIELD - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N - External System
C.
Question 9
Which of the following will most likely ensure that mission-critical services are available in the event of an incident?
A. Business continuity plan
A. Business continuity plan
B. Vulnerability management plan
C. Disaster recovery plan
D. Asset management plan
Question 10
The Chief Information Security Officer wants to eliminate and reduce shadow IT in the enterprise. Several high-risk cloud applications are used that increase the risk to the organization. Which of the following solutions will assist in reducing the risk?
A. Deploy a CASB and enable policy enforcement