CompTIA Cybersecurity Analyst (CySA+) Certification - CS0-001 FREE EXAM DUMPS QUESTIONS & ANSWERS

Which of the following has the GREATEST impact to the data retention policies of an organization?
Correct Answer: B Vote an answer
A security administrator uses FTK to take an image of a hard drive that is under investigation. Which of the following processes are used to ensure the image is the same as the original disk? (Choose two.)
Correct Answer: A,C Vote an answer
A cybersecurity analyst develops a regular expression to find data within traffic that will alarm on a hit.

The SIEM alarms on seeing this data in cleartext between the web server and the database server.

Which of the following types of data would the analyst MOST likely to be concerned with, and to which type of data classification does it belong?
Correct Answer: C Vote an answer
A cyber incident response team finds a vulnerability on a company website that allowed an attacker to inject malicious code into its web application. There have been numerous unsuspecting users visiting the infected page, and the malicious code executed on the victim's browser has led to stolen cookies, hijacked sessions, malware execution, and bypassed access control. Which of the following exploits is the attacker conducting on the company's website?
Correct Answer: C Vote an answer
A newly discovered malware has a known behavior of connecting outbound to an external destination on port 27500 for the purposes of exfiltrating data. The following are four snippets taken from running netstat -an on separate Windows workstations:




Based on the above information, which of the following is MOST likely to be exposed to this malware?
Correct Answer: D Vote an answer
A cybersecurity analyst has several SIEM event logs to review for possible APT activity. The analyst was given several items that include lists of indicators for both IP addresses and domains. Which of the following actions is the BEST approach for the analyst to perform?
Correct Answer: C Vote an answer
The software development team pushed a new web application into production for the accounting department. Shortly after the application was published, the head of the accounting department informed IT operations that the application was not performing as intended. Which of the following SDLC best practices was missed?
Correct Answer: D Vote an answer
In the development stage of the incident response policy, the security analyst needs to determine the stakeholders for the policy. Who of the following would be the policy stakeholders?
Correct Answer: B Vote an answer
An insurance company employs quick-response team drivers that carry corporate-issued mobile devices with the insurance company's app installed on them. Devices are configuration-hardened by an MDM and kept up to date. The employees use the app to collect insurance claim information and process payments. Recently, a number of customers have filed complaints of credit card fraud against the insurance company, which occurred shortly after their payments were processed via the mobile app. The cyber-incident response team has been asked to investigate. Which of the following is MOST likely the cause?
Correct Answer: A Vote an answer
0
0
0
10