CS0-001 by CompTIA Actual Free Exam Questions And Answers

Question 1

A security analyst is reviewing the following log after enabling key-based authentication.

Given the above information, which of the following steps should be performed NEXT to secure the system?

A. Disable anonymous SSH logins.

B. Disable password authentication for SSH.

C. Disable remote root SSH logins.

D. Disable SSHv1.

Discussion 0

Correct Answer: B Vote an answer

Question 2

Which of the following BEST describes the offensive participants in a tabletop exercise?

A. Operations team

B. System administrators

C. Red team

D. Blue team

E. Security analysts

Discussion 0

Correct Answer: C Vote an answer

Question 3

A cybersecurity analyst was hired to resolve a security issue within a company after it was reported that many employee account passwords had been compromised. Upon investigating the incident, the cybersecurity analyst found that a brute force attack was launched against the company.
Which of the following remediation actions should the cybersecurity analyst recommend to senior management to address these security issues?

A. Implement DLP solution.

B. Require security awareness training.

C. Prohibit password reuse using a GPO.

D. Deploy multifactor authentication.

Discussion 0

Correct Answer: D Vote an answer

Question 4

A security analyst performed a review of an organization's software development life cycle. The analyst reports that the life cycle does not contain in a phase in which team members evaluate and provide critical feedback on another developer's code. Which of the following assessment techniques is BEST for describing the analyst's report?

A. Architectural evaluation

B. Peer review

C. Waterfall

D. Whitebox testing

Discussion 0

Correct Answer: B Vote an answer

Question 5

Which of the following commands would a security analyst use to make a copy of an image for forensics use?

A. wget

B. rm

C. dd

D. touch

Discussion 0

Correct Answer: C Vote an answer

Question 6

A cybersecurity analyst is currently using Nessus to scan several FTP servers. Upon receiving the results of the scan, the analyst needs to further test to verify that the vulnerability found exists. The analyst uses the following snippet of code:

Which of the following vulnerabilities is the analyst checking for?

A. Format string attack

B. Default passwords

C. Buffer overflow

D. SQL injection

Discussion 0

Correct Answer: D Vote an answer

Question 7

A security analyst at a large financial institution is evaluating the security posture of a smaller financial company. The analyst is performing the evaluation as part of a due diligence process prior to a potential acquisition. With which of the following threats should the security analyst be MOST concerned? (Choose two.)

A. The industry regulator may decide that the acquisition will result in unfair competitive advantage if the acquisition were to take place.

B. The company being acquired may already be compromised and this could pose a risk to the parent company's assets.

C. The parent company is only going through this process to identify and steal the intellectual property of the smaller company.

D. Breach of confidentiality and market risks can occur if the potential acquisition is leaked to the press.

E. Employees at the company being acquired will be hostile to the security analyst and may not provide honest answers.

F. Employees at the company being acquired will be hostile to the security analyst and may not provide honest answers.

Discussion 0

Correct Answer: B,D Vote an answer

Question 8

A security analyst Is reviewing the most recent company scan results. Multiple Linux systems do not return any results. A comparison of the previous report, however, shows these same systems had several open vulnerabilities. Which of the following steps should the security analyst take NEXT?

A. Submit the remediation report to management to illustrate progress.

B. Ensure kernel access Is granted to the scanner for authentication.

C. Ensure the systems are available to the scanner.

D. Submit the results to operations for validation of remediation.

Discussion 0

Correct Answer: D Vote an answer

Question 9

An analyst performed the following activities:
1. Review the security logs.
2. Install a surveillance camera.
3. Analyst trend reports.
Which of the following job responsibilities is the analyst performing? (select TWO.)

A. Detect a security incident.

B. Implement monitoring controls

C. Encrypt the devices.

D. Reduce attack surface of the system.

E. Implement network devices

F. Prevent unauthorized access.

Discussion 0

Correct Answer: B,F Vote an answer

Question 10

An analyst was investigating the attack that took place on the network. A user was able to access the system without proper authentication. Which of the following will the analyst recommend, related to management approaches, in order to control access? (Choose three.)

Discussion 0

Correct Answer: A,D,E Vote an answer

CompTIA Cybersecurity Analyst (CySA+) Certification - CS0-001 Exam Practice Test

Contact Us

Useful Links

Latest Updated