Practice Exams:

Free CS0-002 Exam Braindumps

Pass your CompTIA Cybersecurity Analyst (CySA+) Certification Exam exam with these free Questions and Answers

Page 22 of 75
PDF with 372 Questions
QUESTION 101

- (Exam Topic 1)
A security analyst received an email with the following key: Xj3XJ3LLc
A second security analyst received an email with following key: 3XJ3xjcLLC
The security manager has informed the two analysts that the email they received is a key that allows access to the company’s financial segment for maintenance. This is an example of:

  1. A. dual control
  2. B. private key encryption
  3. C. separation of duties
  4. D. public key encryption
  5. E. two-factor authentication

Correct Answer: A

QUESTION 102

- (Exam Topic 3)
An analyst is responding 10 an incident involving an attack on a company-owned mobile device that was being used by an employee to collect data from clients in the held. Maiware was loaded on the device via the installation of a third-party software package The analyst has baselined the device Which of the following should the analyst do to BEST mitigate future attacks?

  1. A. Implement MDM
  2. B. Update the maiware catalog
  3. C. Patch the mobile device's OS
  4. D. Block third-party applications

Correct Answer: A

QUESTION 103

- (Exam Topic 2)
A security analyst is generating a list of recommendations for the company's insecure API. Which of the following is the BEST parameter mitigation rec

  1. A. Implement parameterized queries.
  2. B. Use effective authentication and authorization methods.
  3. C. Validate all incoming data.
  4. D. Use TLs for all data exchanges.

Correct Answer: D

QUESTION 104

- (Exam Topic 2)
A security analyst reviews a recent network capture and notices encrypted inbound traffic on TCP port 465 was coming into the company's network from a database server. Which of the following will the security analyst MOST likely identify as the reason for the traffic on this port?

  1. A. The server is receiving a secure connection using the new TLS 1.3 standard
  2. B. Someone has configured an unauthorized SMTP application over SSL
  3. C. The traffic is common static data that Windows servers send to Microsoft
  4. D. A connection from the database to the web front end is communicating on the port

Correct Answer: B

QUESTION 105

- (Exam Topic 1)
A development team signed a contract that requires access to an on-premises physical server. Access must be restricted to authorized users only and cannot be connected to the Internet.
Which of the following solutions would meet this requirement?

  1. A. Establish a hosted SSO.
  2. B. Implement a CASB.
  3. C. Virtualize the server.
  4. D. Air gap the server.

Correct Answer: D

Page 22 of 75
PDF with 372 Questions

Post your Comments and Discuss CompTIA CS0-002 exam with other Community members: