CS0-002試験無料問題集（371題）「CompTIA Cybersecurity Analyst (CySA+) Certification 認定」

出題：1

An organization wants to consolidate a number of security technologies throughout the organization and standardize a workflow for identifying security issues prioritizing the severity and automating a response Which of the following would best meet the organization's needs'?

A. CI/CD

B. SIEM

C. SOAR

D. MaaS

正解：C 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：2

Which of the following BEST explains the function of trusted firmware updates as they relate to hardware assurance?

A. Trusted firmware updates provide organizations with security specifications, open-source libraries, and custom toots for embedded devices.

B. Trusted firmware updates provide organizations with secure code signing, distribution, installation. and attestation for embedded devices.

C. Trusted firmware updates provide organizations with remote code execution, distribution, maintenance, and extended warranties for embedded devices

D. Trusted firmware updates provide organizations with development, compilation, remote access, and customization for embedded devices.

正解：B 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：3

A systems administrator believes a user's workstation has been compromised. The workstation's performance has been lagging significantly for the past several hours. The administrator runs the task list
/ v command and receives the following output:

Which of the following should a security analyst recognize as an indicator of compromise?

A. The abnormal behavior of paint.exe

B. dwm.exe being executed under the user context

C. svchost.exe being executed as SYSTEM

D. The high usage of vscode. exe * 32

正解：D 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：4

An incident response team detected malicious software that could have gained access to credit card dat a. The incident response team was able to mitigate significant damage and implement corrective actions. By having incident response mechanisms in place. Which of the following should be notified for lessons learned?

A. The legal team

B. Company leadership

C. The human resources department

D. Customers

正解：B 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：5

During a review of the vulnerability scan results on a server, an information security analyst notices the following:

The MOST appropriate action for the analyst to recommend to developers is to change the web server so:

A. It only accepts TLSvl 2

B. SSL/TLS is offloaded to a WAF and load balancer

C. It no longer accepts the vulnerable cipher suites

D. It only accepts cipher suites using AES and SHA

正解：C 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：6

A security analyst needs to recommend the best approach to test a new application that simulates abnormal user behavior to find software bugs. Which of the following would best accomplish this task?

A. Fuzzing tools with polymorphic methods

B. A dynamic analysis using a dictionary to simulate user inputs

C. A static analysis to find libraries with flaws handling user inputs

D. Reverse engineering to circumvent software protections

正解：A 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：7

Which of me following are reasons why consumer IoT devices should be avoided in an enterprise environment? (Select TWO)

A. The devices may have weak or known passwords.

B. Message queuing telemetry transport does not support encryption.

C. The devices may cause a dramatic Increase in wireless network traffic.

D. The devices may utilize unsecure network protocols.

E. The devices are not compatible with TLS 12.

F. Multiple devices may interface with the functions of other loT devices.

正解：A,D 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：8

A technician working at company.com received the following email:

After looking at the above communication, which of the following should the technician recommend to the security team to prevent exposure of sensitive information and reduce the risk of corporate data being stored on non-corporate assets?

A. A rule should be placed on the DLP to flag employee IDs and serial numbers.

B. A VPN should be used to allow technicians to troubleshoot computer issues securely.

C. Forwarding of corporate email should be disallowed by the company.

D. An email banner should be implemented to identify emails coming from external sources.

正解：D 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：9

A user reports a malware alert to the help desk. A technician verities the alert, determines the workstation is classified as a low-severity device, and uses network controls to block access. The technician then assigns the ticket to a security analyst who will complete the eradication and recovery processes. Which of the following should the security analyst do next?

A. Isolate the workstation and issue a new computer to the user.

B. Document the procedures and walk through the incident training guide.

C. Sanitize the workstation and verify countermeasures are restored.

D. Reverse engineer the malware to determine its purpose and risk to the organization.

正解：C 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：10

A security analyst is performing a Diamond Model analysis of an incident the company had last quarter. A potential benefit of this activity is that it can identify:

A. which systems were exploited more frequently.

B. which analysts require more training.

C. possible evidence that is missing during forensic analysis.

D. the time spent by analysts on each of the incidents.

E. detection and prevention capabilities to improve.

正解：E 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：11

A company wants to ensure confidential data from its storage media files is sanitized so the drives cannot oe reused. Which of the following is the BEST approach?

A. Formatting

B. Degaussing

C. Encrypting

D. Shredding

正解：D 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：12

An organization has the following policies:
*Services must run on standard ports.
*Unneeded services must be disabled.
The organization has the following servers:
*192.168.10.1 - web server
*192.168.10.2 - database server
A security analyst runs a scan on the servers and sees the following output:

Which of the following actions should the analyst take?

A. Disable SSH on both servers.

B. Disable MSSQL on 192.168.10.2.

C. Disable DNS on 192.168.10.2.

D. Disable HTTPS on 192.168.10.1.

E. Disable IIS on 192.168.10.1.

正解：A 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：13

A new prototype for a company's flagship product was leaked on the internet As a result, the management team has locked out all USB drives Optical drive writers are not present on company computers The sales team has been granted an exception to share sales presentation files with third parties Which of the following would allow the IT team to determine which devices are USB enabled?

A. Data loss prevention

B. Device encryption

C. Asset tagging

D. SIEMIogs

正解：D 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：14

A security analyst is reviewing a new Internet portal that will be used for corporate employees to obtain their pay statements. Corporate policy classifies pay statement information as confidential, and it must be protected by MFA.
Which of the following would best fulfill the MFA requirement while keeping the portal accessible from the internet?

A. Obtaining home public IP addresses of corporate employees to implement source IP restrictions and requiring a username and password

B. Requiring the internet portal to be accessible from only the corporate SSO internet endpoint and requiring a smart card and PIN

C. Distributing a shared password that must be provided before the internet portal loads and requiring a username and password

D. Moving the internet portal server to a DMZ that is only accessible from the corporate VPN and requiring a username and password

正解：B 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：15

During an audit several customer order forms were found to contain inconsistencies between the actual price of an item and the amount charged to the customer Further investigation narrowed the cause of the issue to manipulation of the public-facing web form used by customers to order products Which of the following would be the BEST way to locate this issue?

A. Deploy MFA for access to the web server

B. Run a static code scan

C. Reduce the session timeout threshold

D. Implement input validation

正解：D 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

CS0-002試験無料問題集「CompTIA Cybersecurity Analyst (CySA+) Certification 認定」