Comptia CySA+ CS0-001 Certification Review Questions and answers for free Online

General Knowledge
General Aptitude
General English
Networking
Interview Questions
- .NET
- Java
- ASP.NET
- C++
- Perl
- Python
- Ruby and Rails
- Struts
- Core Java
- Hibernate
- DB2
- MS SQL Server
- MySQL
- Oracle
- SQL
- DBMS
- Data Warehousing
- Data structures and Algorithms
- CCNA
- CCNP Routing
- CCNP Switching
- Internetworking
- Border Gateway Protocol
- MCSE
- Exchange Server
- Windows Server 2008
- DNS & Active Directory
- Firewall Questions
- Unix
- Linux Server Administrator
- Linux System Administrator
- Linux File Manipulation
Database

Home
Security
Comptia Cybersecurity (Cysa+)

Which one of the following objectives is not one of the three main objectives that information security professionals must achieve to protect their organizations against cybersecurity threats?

A.
Integrity
B.
Nonrepudiation
C.
Availability
D.
Confidentiality

Answer & Explanation
Report

Answer : [B]
Explanation :

The three primary objectives of cybersecurity professionals are confidentiality, integrity, and availability.

Report

Name

Tommy is assessing the security of several database servers in his datacenter and realizes that one of them is missing a critical Oracle security patch. What type of situation has Tommy detected?

A.
Risk
B.
Vulnerability
C.
Hacker
D.
Threat

Answer & Explanation
Report

Answer : [B]
Explanation :

In this scenario, Tommy identified a deficiency in the security of his web server that renders it vulnerable to attack. This is a security vulnerability. Tommy has not yet identified a specific risk because he has not identified a threat (such as a hacker) that might exploit this vulnerability.

Report

Name

Ben is preparing to conduct a cybersecurity risk assessment for his organization. If he chooses to follow the standard process proposed by NIST, which one of the following steps would come first?

A.
Determine likelihood
B.
Determine impact
C.
Identify threats
D.
Identify vulnerabilities

Answer & Explanation
Report

Answer : [C]
Explanation :

The NIST risk assessment process says that organizations should identify threats before identifying vulnerabilities or determining the likelihood and impact of risks.

Report

Name

Cindy is conducting a cybersecurity risk assessment and is considering the impact that a failure of her city’s power grid might have on the organization. What type of threat is she considering?

A.
Adversarial
B.
Accidental
C.
Structural
D.
Environmental

Answer & Explanation
Report

Answer : [D]
Explanation :

Widespread infrastructure failures, such as those affecting the power grid or telecommunications circuits, are considered man-made disasters and fall under the category of environmental threats.

Report

Name

Which one of the following categories of threat requires that cybersecurity analysts consider the capability, intent, and targeting of the threat source?

A.
Adversarial
B.
Accidental/li>
C.
Structural
D.
Environmental

Answer & Explanation
Report

Answer : [A]
Explanation :

Adversarial threat analysis requires examining the capability of the threat source, the intent of the threat source, and the likelihood that the threat will target the organization.

Report

Name

Pages
1
2
3
4
5
6
7
8
9
10
11
12
13
14

Sitemap