Winter Special - Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: top65certs

CompTIA CySA+ CS0-003 CompTIA Study Notes

Page: 9 / 27
Total 367 questions

CompTIA CyberSecurity Analyst CySA+ Certification Exam Questions and Answers

Question 33

During a tabletop exercise, engineers discovered that an ICS could not be updated due to hardware versioning incompatibility. Which of the following is the most likely cause of this issue?

Options:

A.

Legacy system

B.

Business process interruption

C.

Degrading functionality

D.

Configuration management

Question 34

An analyst is conducting routine vulnerability assessments on the company infrastructure. When performing these scans, a business-critical server crashes, and the cause is traced back to the vulnerability scanner. Which of the following is the cause of this issue?

Options:

A.

The scanner is running without an agent installed.

B.

The scanner is running in active mode.

C.

The scanner is segmented improperly.

D.

The scanner is configured with a scanning window.

Question 35

An employee is suspected of misusing a company-issued laptop. The employee has been suspended pending an investigation by human resources. Which of the following is the best step to preserve evidence?

Options:

A.

Disable the user's network account and access to web resources

B.

Make a copy of the files as a backup on the server.

C.

Place a legal hold on the device and the user's network share.

D.

Make a forensic image of the device and create a SRA-I hash.

Question 36

An analyst is reviewing a dashboard from the company’s SIEM and finds that an IP address known to be malicious can be tracked to numerous high-priority events in the last two hours. The dashboard indicates that these events relate to TTPs. Which of the following is the analyst most likely using?

Options:

A.

MITRE ATT&CK

B.

OSSTMM

C.

Diamond Model of Intrusion Analysis

D.

OWASP

Page: 9 / 27
Total 367 questions