Advanced Comptia CSA+ Certification exam CS0-001 questions and answers for experienced professionals Page 11 -- Infibee

Feedback

Home

General Knowledge
General Aptitude
General English
Networking
Interview Questions
- .NET
- Java
- ASP.NET
- C++
- Perl
- Python
- Ruby and Rails
- Struts
- Core Java
- Hibernate
- DB2
- MS SQL Server
- MySQL
- Oracle
- SQL
- DBMS
- Data Warehousing
- Data structures and Algorithms
- CCNA
- CCNP Routing
- CCNP Switching
- Internetworking
- Border Gateway Protocol
- MCSE
- Exchange Server
- Windows Server 2008
- DNS & Active Directory
- Firewall Questions
- Unix
- Linux Server Administrator
- Linux System Administrator
- Linux File Manipulation
Database

Home
Security
Comptia Cybersecurity (Cysa+)

51.

Which one of the following metrics is not included in the calculation of the CVSS exploitability score?

A.
Access vector
B.
Vulnerability age
C.
Access complexity
D.
Authentication

Answer & Explanation
Report

Answer : [B]
Explanation :

The CVSS exploitability score is computed using the access vector, access complexity, and authentication metrics.

Report

Name

52.

Kevin recently identified a new security vulnerability and computed its CVSS base score as 6.5. Which risk category would this vulnerability fall into?

A.
Low
B.
Medium
C.
High
D.
Critical

Answer & Explanation
Report

Answer : [C]
Explanation :

Vulnerabilities with a CVSS score higher than 6.0 but less than 10.0 fall into the High risk category.

Report

Name

53.

Tara recently analyzed the results of a vulnerability scan report and found that a vulnerability reported by the scanner did not exist because the system was actually patched as specified. What type of error occurred?

A.
False positive
B.
False negative
C.
True positive
D.
True negative

Answer & Explanation
Report

Answer : [A]
Explanation :

A false positive error occurs when the vulnerability scanner reports a vulnerability that does not actually exist.

Report

Name

54.

Which one of the following is not a common source of information that may be correlated with vulnerability scan results?

A.
Logs
B.
Database tables
C.
SIEM
D.
Configuration management system

Answer & Explanation
Report

Answer : [B]
Explanation :

It is unlikely that a database table would contain information relevant to assessing a vulnerability scan report. Logs, SIEM reports, and configuration management systems are much more likely to contain relevant information.

Report

Name

55.

Which one of the following operating systems should be avoided on production networks?

A.
Windows Server 2003
B.
Red Hat Enterprise Linux 7
C.
CentOS 7
D.
Ubuntu 16

Answer & Explanation
Report

Answer : [A]
Explanation :

Microsoft discontinued support for Windows Server 2003, and it is likely that the operating system contains unpatchable vulnerabilities.

Report

Name

Pages
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15

Sitemap