Practice Exams:

Free CS0-002 Exam Braindumps

Pass your CompTIA Cybersecurity Analyst (CySA+) Certification Exam exam with these free Questions and Answers

Page 25 of 75
PDF with 372 Questions
QUESTION 116

- (Exam Topic 1)
As part of a review of modern response plans, which of the following is MOST important for an organization lo understand when establishing the breach notification period?

  1. A. Organizational policies
  2. B. Vendor requirements and contracts
  3. C. Service-level agreements
  4. D. Legal requirements

Correct Answer: D

QUESTION 117

- (Exam Topic 1)
An organization developed a comprehensive modern response policy Executive management approved the policy and its associated procedures. Which of the following activities would be MOST beneficial to evaluate personnel's familiarity with incident response procedures?

  1. A. A simulated breach scenario evolving the incident response team
  2. B. Completion of annual information security awareness training by ail employees
  3. C. Tabtetop activities involving business continuity team members
  4. D. Completion of lessons-learned documentation by the computer security incident response team
  5. E. External and internal penetration testing by a third party

Correct Answer: A

QUESTION 118

- (Exam Topic 3)
A security analyst is researching ways to improve the security of a company's email system to mitigate emails that are impersonating company executives. Which of the following would be BEST for the analyst to configure to achieve this objective?

  1. A. A TXT record on the name server for SPF
  2. B. DNSSEC keys to secure replication
  3. C. Domain Keys identified Man
  4. D. A sandbox to check incoming mad

Correct Answer: B

QUESTION 119

- (Exam Topic 3)
Which of the following is the software development process by which function, usability, and scenarios are tested against a known set of base requirements?

  1. A. Security regression testing
  2. B. Code review
  3. C. User acceptance testing
  4. D. Stress testing

Correct Answer: C
"User acceptance testing (UAT) is the last phase of the software testing process. During UAT, actual software users test the software to make sure it can handle required tasks in real-world scenarios, according to specifications." https://www.plutora.com/blog/uat-user-acceptance-testing

QUESTION 120

- (Exam Topic 2)
A security analyst needs to develop a brief that will include the latest incidents and the attack phases of the incidents. The goal is to support threat intelligence and identify whether or not the incidents are linked.
Which of the following methods would be MOST appropriate to use?

  1. A. An adversary capability model
  2. B. The MITRE ATT&CK framework
  3. C. The Cyber Kill Chain
  4. D. The Diamond Model of Intrusion Analysis

Correct Answer: C

Page 25 of 75
PDF with 372 Questions

Post your Comments and Discuss CompTIA CS0-002 exam with other Community members: