Top 75 Realtime practical comptia CySA+ CS0-001 questions and answers for candidates who are preparing Comptia certificaion exam. Page 15 -- Infibee

Feedback

Home

General Knowledge
General Aptitude
General English
Networking
Interview Questions
- .NET
- Java
- ASP.NET
- C++
- Perl
- Python
- Ruby and Rails
- Struts
- Core Java
- Hibernate
- DB2
- MS SQL Server
- MySQL
- Oracle
- SQL
- DBMS
- Data Warehousing
- Data structures and Algorithms
- CCNA
- CCNP Routing
- CCNP Switching
- Internetworking
- Border Gateway Protocol
- MCSE
- Exchange Server
- Windows Server 2008
- DNS & Active Directory
- Firewall Questions
- Unix
- Linux Server Administrator
- Linux System Administrator
- Linux File Manipulation
Database

Home
Security
Comptia Cybersecurity (Cysa+)

71.

Which one of the following parties is not commonly the target of external communications during an incident?

A.
The perpetrator
B.
Law enforcement
C.
Vendors
D.
Information sharing partners

Answer & Explanation
Report

Answer : [A]
Explanation :

CSIRT members do not normally communicate directly with the perpetrator of a cybersecurity incident.

Report

Name

72.

Robert is finishing a draft of a proposed incident response policy for his organization. Who would be the most appropriate person to sign the policy?

A.
CEO
B.
Director of security
C.
CIO
D.
CSIRT leader

Answer & Explanation
Report

Answer : [A]
Explanation :

The incident response policy provides the CSIRT with the authority needed to do their job. Therefore, it should be approved by the highest possible level of authority within the organization, preferably the CEO.

Report

Name

73.

Which one of the following is not an objective of the containment, eradication, and recovery phase of incident response?

A.
Detect an incident in progress
B.
Implement a containment strategy
C.
Identify the attackers
D.
Eradicate the effects of the incident

Answer & Explanation
Report

Answer : [A]
Explanation :

Detection of a potential incident occurs during the detection and analysis phase of incident response. The other activities listed are all objectives of the containment, eradication, and recovery phase.

Report

Name

74.

Renee is responding to a security incident that resulted in the unavailability of a website critical to her company’s operations. She is unsure of the amount of time and effort that it will take to recover the website. How should Renee classify the recoverability effort?

A.
Regular
B.
Supplemented
C.
Extended
D.
Not recoverable

Answer & Explanation
Report

Answer : [C]
Explanation :

Extended recoverability effort occurs when the time to recovery is unpredictable. In those cases, additional resources and outside help are typically needed.

Report

Name

75.

Which one of the following is an example of an attrition attack?

A.
SQL injection
B.
Theft of a laptop
C.
User installs file sharing software
D.
Brute-force password attack

Answer & Explanation
Report

Answer : [D]
Explanation :

An attrition attack employs brute-force methods to compromise, degrade, or destroy systems, networks, or services —for example, a DDoS attack intended to impair or deny access to a service or application or a brute-force attack against an authentication mechanism.

Report

Name

Pages
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15

Sitemap