Free CS0-002 Exam Braindumps

Pass your CompTIA Cybersecurity Analyst (CySA+) Certification Exam with these free Questions and Answers

Page 17 of 75
QUESTION 76

- (Exam Topic 2)
A security analyst for a large pharmaceutical company was given credentials from a threat intelligence resources organisation for internal users, which contain usernames and valid passwords for company accounts. Which of the following is the FIRST action the analyst should take as part of security operations monitoring?

  1. A. Run scheduled antivirus scans on all employees' machines to look for malicious processes.
  2. B. Reimage the machines of all users within the group in case of a malware infection.
  3. C. Change all the user passwords to ensure the malicious actors cannot use them.
  4. D. Search the event logs for event identifiers that indicate Mimikatz was used.

Correct Answer: D

QUESTION 77

- (Exam Topic 3)
A security analyst needs to determine the best method for securing access to a top-secret datacenter. Along with an access card and PIN code, which of the following additional authentication methods would be BEST to enhance the datacenter's security?

  1. A. Physical key
  2. B. Retinal scan
  3. C. Passphrase
  4. D. Fingerprint

Correct Answer: D

QUESTION 78

- (Exam Topic 3)
A security officer needs to find the most cost-effective solution to the current data privacy and protection gap found in the last security assessment. Which of the following is the BEST recommendation?

  1. A. Require users to sign NDAs.
  2. B. Create a data minimization plan.
  3. C. Add access control requirements.
  4. D. Implement a data loss prevention solution.

Correct Answer: B

QUESTION 79

- (Exam Topic 3)
Which of the following is a difference between SOAR and SCAP?

  1. A. SOAR can be executed faster and with fewer false positives than SCAP because of advanced heuristics
  2. B. SOAR has a wider breadth of capability using orchestration and automation, while SCAP is more limited in scope
  3. C. SOAR is less expensive because process and vulnerability remediation is more automated than what SCAP does
  4. D. SOAR eliminates the need for people to perform remediation, while SCAP relies heavily on security analysts

Correct Answer: D

QUESTION 80

- (Exam Topic 1)
Which of the following technologies can be used to house the entropy keys for disk encryption on desktops and laptops?

  1. A. Self-encrypting drive
  2. B. Bus encryption
  3. C. TPM
  4. D. HSM

Correct Answer: A
