CompTIA CySA+ Practice Test Exam CS0–001
An organization has recently experienced a data breach. A forensic analysis confirmed the attacker found a
... [Show More] legacy web server that had not been used in over a year and was not regularly patched. After a
discussion with the security team, management decided to initiate a program of network reconnaissance and penetration testing. They want
to start the process by scanning the network for active hosts and open ports. Which of the following tools is
BEST suited for this job?
A. Ping
B. Nmap
C. Netstat
D. ifconfig
E. Wireshark
F. L0phtCrack - B. Nmap
A medical organization recently started accepting payments over the phone. The manager is concerned
about the impact of the storage of different types of data. Which of the following types of data incurs the
highest regulatory constraints?
A. PHI
B. PCI
C. PII
D. IP - B. PCI
An organization wants to remediate vulnerabilities associated with its web servers. An initial vulnerability
scan has been performed, and analysts are reviewing the results. Before starting any remediation, the
analysts want to remove false positives to avoid spending time on issues that are not actual vulnerabilities. Which of the following would
be an indicator of a likely false positive?
A. Reports indicate that findings are informational.
B. Any items labeled `low' are considered informational only.
C. The scan result version is different from the automated asset inventory.
D. `HTTPS' entries indicate the web page is encrypted securely. - B. Any items labeled `low' are considered informational only.
An insurance company employs quick-response team drivers that carry corporate-issued mobile devices
with the insurance company's app installed on them. Devices are configuration-hardened by an MDM and
kept up to date. The employees use the app to collect insurance claim information and process payments. Recently, a number of customers have filed complaints of credit card fraud against the insurance company, which occurred shortly after their payments were processed via the mobile app. The cyber-incident response team has been asked to investigate.
Which of the following is MOST likely the cause?
A. The MDM server is misconfigured.
B. The app does not employ TLS.
C. USB tethering is enabled.
D. 3G and less secure cellular technologies are not restricted. - B. The app does not employ TLS.
A cybersecurity consultant found common vulnerabilities across the following services used by multiple servers at an organization: VPN, SSH, and HTTPS. Which of the following is the MOST likely reason for the discovered vulnerabilities?
A. Leaked PKI private key
B. Vulnerable version of OpenSSL
C. Common initialization vector
D. Weak level of encryption entropy
E. Vulnerable implementation of PEAP - D. Weak level of encryption entropy
A recent audit included a vulnerability scan that found critical patches released 60 days prior were not
applied to servers in the environment. The infrastructure team was able to isolate the issue and determined it was due to a service being disabled on the server running the automated patch management application. Which of the following would be the MOST efficient way to avoid similar audit findings in the future?
A. Implement a manual patch management application package to regain greater control over the
process.
B. Create a patch management policy that requires all servers to be patched within 30 days of patch
release.
C. Implement service monitoring to validate that tools are functioning properly.
D. Set services on the patch management server to automatically run on start-up. - D. Set services on the patch management server to automatically run on start-up.
Which of the following could be directly impacted by an unpatched vulnerability in vSphere ESXi? [Show Less]