CertsTopics Logo

New Year Special 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: save70

CompTIA CySA+ CS0-001 Dumps PDF

Page: 9 / 17
Total 455 questions
Get CS0-001 Full Access Download CS0-001 PDF

CompTIA CSA+ Certification Exam Questions and Answers

Question 33

During a recent audit, there were a lot of findings similar to and including the following:

Which of the following would be the BEST way to remediate these findings and minimize similar findings in the future?

Options:

A.

Use an automated patch management solution.

B.

Remove the affected software programs from the servers.

C.

Run Microsoft Baseline Security Analyzer on all of the servers.

D.

Schedule regular vulnerability scans for all servers on the network.

Question 34

A malicious hacker wants to gather guest credentials on a hotel 802.11 network. Which of the following tools is the malicious hacker going to use to gain access to information found on the hotel network?

Options:

A.

Nikto

B.

Aircrak-ng

C.

Nessus

D.

tcpdump

Question 35

Policy allows scanning of vulnerabilities during production hours, but production servers have been crashing lately due to unauthorized scans performed by junior technicians. Which of the following is the BEST solution to avoid production server downtime due to these types of scans?

Options:

A.

Transition from centralized to agent-based scans.

B.

Require vulnerability scans be performed by trained personnel.

C.

Configure daily-automated detailed vulnerability reports.

D.

Implement sandboxing to analyze the results of each scan.

E.

Scan only as required for regulatory compliance.

Question 36

A cybersecurity analyst was asked to review several results of web vulnerability scan logs.

Given the following snippet of code:

Which of the following BEST describes the situation and recommendations to be made?

Options:

A.

The security analyst has discovered an embedded iframe pointing to source IP 65.240.22.1 network. The code should include the domain name. Recommend the entry be updated with the domain name.

B.

The security analyst has discovered an embedded iframe that is hidden from users accessing the web page. This code is correct. This is a design preference, and no vulnerabilities are present.

C.

The security analyst has discovered an embedded iframe pointing to source IP 65.240.22.1 network. The link is hidden and suspicious. Recommend the entry be removed from the web page.

D.

The security analyst has discovered an embedded iframe pointing to source IP 65.240.22.1 network. Recommend making the iframe visible. Fixing the code will correct the issue.

Page: 9 / 17
Total 455 questions
Get CS0-001 Full Access Download CS0-001 PDF