Summer Certification Sale 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: save70

CompTIA CySA+ CS0-003 Full Course Free

Page: 22 / 37
Total 487 questions

CompTIA CyberSecurity Analyst CySA+ Certification Exam Questions and Answers

Question 85

An analyst finds that an IP address outside of the company network that is being used to run network and vulnerability scans across external-facing assets. Which of the following steps of an attack framework is the analyst witnessing?

Options:

A.

Exploitation

B.

Reconnaissance

C.

Command and control

D.

Actions on objectives

Question 86

A company receives a penetration test report summary from a third party. The report summary indicates a proxy has some patches that need to be applied. The proxy is sitting in a rack and is not being

used, as the company has replaced it with a new one. The CVE score of the vulnerability on the proxy is a 9.8. Which of the following best practices should the company follow with this proxy?

Options:

A.

Leave the proxy as is.

B.

Decomission the proxy.

C.

Migrate the proxy to the cloud.

D.

Patch the proxy

Question 87

Which of the following is the best reason to implement an MOU?

Options:

A.

To create a business process for configuration management

B.

To allow internal departments to understand security responsibilities

C.

To allow an expectation process to be defined for legacy systems

D.

To ensure that all metrics on service levels are properly reported

Question 88

A Chief Information Security Officer wants to map all the attack vectors that the company faces each day. Which of the following recommendations should the company align their security controls around?

Options:

A.

OSSTMM

B.

Diamond Model Of Intrusion Analysis

C.

OWASP

D.

MITRE ATT & CK

Page: 22 / 37
Total 487 questions