Free Practice Questions for CompTIA Cybersecurity Analyst (CySA+) Certification Exam (CS0-002)

QUESTION 61

- (Exam Topic 1)
Because some clients have reported unauthorized activity on their accounts, a security analyst is reviewing network packet captures from the company's API server. A portion of a capture file is shown below:
POST /services/v1_0/Public/Members.svc/soap
192.168.1.22 - - api.somesite.com 200 0 1006 1001 0 192.168.1.22
POST /services/v1_0/Public/Members.svc/soap
<Password123
somebody@companyname.com 192.168.5.66 - - api.somesite.com 200 0 11558 1712 2024 192.168.4.89
POST /services/v1_0/Public/Members.svc/soap
~~516.7.446.605~~ < 192>POST /services/v1_0/Public/Members.svc/soap
~~http://www.w3.org/2001/XMLSchema-instance">~~
kmL4krg2CwwWBan5BReGv5Djb7syxXTNKcWFuSjd 0
4 ''1=1 13026046Which of the following MOST likely explains how the clients' accounts were compromised?

A. The clients' authentication tokens were impersonated and replayed.

B. The clients' usernames and passwords were transmitted in cleartext.

C. An XSS scripting attack was carried out on the server.

D. A SQL injection attack was carried out on the server.

Correct Answer: B

QUESTION 62

- (Exam Topic 1)
As part of an exercise set up by the information security officer, the IT staff must move some of the network systems to an off-site facility and redeploy them for testing. All staff members must ensure their respective systems can power back up and match their gold image. If they find any inconsistencies, they must formally document the information.
Which of the following BEST describes this test?

A. Walk through

B. Full interruption

C. Simulation

D. Parallel

Correct Answer: C

QUESTION 63

- (Exam Topic 1)
A development team is testing a new application release. The team needs to import existing client PHI data records from the production environment to the test environment to test accuracy and functionality.
Which of the following would BEST protect the sensitivity of this data while still allowing the team to perform the testing?

A. Deidentification

B. Encoding

C. Encryption

D. Watermarking

Correct Answer: A

QUESTION 64

- (Exam Topic 3)
You are a penetration tester who is reviewing the system hardening guidelines for a company. Hardening guidelines indicate the following.
There must be one primary server or service per device.
Only default port should be used
Non- secure protocols should be disabled.
The corporate internet presence should be placed in a protected subnet Instructions :
Using the available tools, discover devices on the corporate network and the services running on these devices.
You must determine
ip address of each device
The primary server or service each device
The protocols that should be disabled based on the hardening guidelines

Solution:
Answer below images

Does this meet the goal?

A. Yes

B. No

Correct Answer: A

QUESTION 65

- (Exam Topic 3)
After examining a header and footer file, a security analyst begins reconstructing files by scanning the raw data bytes of a hard disk and rebuilding them. Which of the following techniques is the analyst using?

A. Header analysis

B. File carving

C. Metadata analysis

D. Data recovery

Correct Answer: B

CS0-002 Dumps

CS0-002 Free Practice Test

CompTIA CS0-002: CompTIA Cybersecurity Analyst (CySA+) Certification Exam

Practice Test