CompTIA Cybersecurity Analyst (CySA+) - Module 1: Threat Management

Document Content and Description Below

CompTIA Cybersecurity Analyst (CySA+) - Module 1: Threat Management Which of the following is an alternate name for topology Discovery? Fingerprinting Footprinting Pivotprinting Sniffing -Ans... wer- Footprinting What process allows an analyst to discover the operating system and version of a system? Service Discovery Topology Discovery Log Review OS Fingerprinting -Answer- OS Fingerprinting In what order is an ACL processed? From top to bottom From bottom to top Most specific entry first Least specific entry first -Answer- From top to bottom What is the unwritten rule at the bottom of a firewall's ACL? Implicit Allow Implicit Deny Explicit Deny Explicit Allow -Answer- Implicit Deny Attackers may potentially collect company emails by searching Google. True False -Answer- True Which process would an attacker use to determine who in a company is most likely to be tricked into giving up company information? Social Engineering Phishing Social Media Profiling Email Harvesting -Answer- Social Media Profiling What type of Phishing is sent over a text message specifically? Vishing Spear Phishing SMiShing Whaling -Answer- SMiShing Internal DNS servers need to be protected from an attacker to prevent the leakage of email records within a company. True False -Answer- False Due to the amount of a network that is physically wired it is more difficult to prevent access to a physical network than a wireless one. True False -Answer- False Which of the following wireless protocols can be used to best supply security for a wireless network? WEP TKIP WPA2 WPA -Answer- WPA2 A virtual network is more secure network for which of the following reasons? They are easier to patch They can't spread viruses Virtual machines can't compromise their host They're easier to isolate -Answer- They're easier to isolate In which way can an IDS protect a network? (Choose all that apply) Reactively Proactively Actively Passively -Answer- Reactively & Passively Which of the following methods can be used to delay a scan to avoid detection? Sparse scanning Traceroute scan half-open scan Randomized scan -Answer- Sparse scanning Which tool can be used to test many different port states on a Linux or Windows device? Firewall Packet Analyze Netstat Syslog -Answer- Netstat Of the IDS/ IPS systems which will have the best ability to prevent an attack on a network scale? HIDS HIPS NIDS NIPS -Answer- NIPS Of the IDS/ IPS systems which will be best at protecting a system while minimizing service interruptions? HIDS HIPS NIDS NIPS -Answer- HIDS When reviewing a Syslog report which of the following severities would have the highest priority? 0 4 7 10 -Answer- 0 Which of the following Windows commands would allow the user to determine the path that traffic takes through the network. Traceroute Netstat NMAP Tracert -Answer- Tracert Spear phishing is when an attacker goes after corporate data by calling up the CEO or other upper-level employees. True False -Answer- False Employees need not be trained in current social engineering attacks as plenty of other countermeasures exist to prevent somebody from falling victim to one of these attacks such as email filters. True False -Answer- False [Show More]

Last updated: 1 year ago

Preview 1 out of 12 pages