CompTIA CySA+ Cybersecurity Analyst Certification Passport (Exam CS0-002) by Bobby E. Rogers


Author: Bobby E. Rogers
Language: eng
Format: epub
Publisher: McGraw-Hill
Published: 2020-12-31T16:00:00+00:00


3.1 QUESTIONS

1. Rico is a cybersecurity analyst who is trying to perform analysis on unusual traffic patterns. The traffic does not match any known patterns and is not within the normal baseline of the organization’s network traffic. Which of the following types of analysis would be best suited for Rico to use to match this abnormal traffic with characteristics of known attack methods?

A. Signature-based analysis

B. Behavioral-based analysis

C. Heuristic analysis

D. Trend analysis

2. Barney is a cybersecurity analyst who is attempting to configure network devices to prevent any potential malware from broadcasting outside the organization’s network to an Internet command-and-control server. When he first analyzes a potential piece of malware, he sees that it is configured to send messages to a specific domain, which he promptly blocks. Several weeks later, he detects that same piece of malware on the network, as well as network traffic that indicates it is messaging a malicious server on the Internet. Which of the following techniques did the malware most likely use to achieve this?

A. User and entity behavior analytics

B. Domain generation algorithm

C. Sender Policy Framework

D. Embedded links

3. You are a cybersecurity analyst who is looking at a large volume of network traffic data, collected over a period of two years, in an effort to determine why bandwidth usage increased over that time period. What type of analysis are you conducting?

A. Historical analysis

B. Traffic analysis

C. User and entity behavior analytics

D. Heuristic analysis

4. You are a cybersecurity analyst who has been tasked to review logs from over 200 individual hosts that make up your network. After two weeks of trying and failing to visit every single host to review their logs, you decide to come up with a better solution. Which of the following is the best solution for examining large numbers of logs in a central location?

A. Syslog server

B. SIEM system

C. Web application firewall

D. Proxy server

5. Amie is upgrading the organization’s e-mail server and wants to include several security technologies in the implementation. She is looking at a specific technology that provides a method for recipients to verify messages by publishing the organization’s public key to DNS records, which can be queried and verified by e-mail recipients. Which of the following technologies is Amie considering?

A. Digital signatures

B. Domain-based Message Authentication, Reporting, and Conformance (DMARC)

C. Sender Policy Framework (SPF)

D. DomainKeys Identified Mail (DKIM)


