CompTIA CS0-002 - CompTIA CySA+ Certification Exam (CS0-002) Exam
Total 422 questions
Question #1 (Topic: Single Topic)
Which of the following is the software development process by which function, usability, and scenarios are tested against a known set of base requirements?
A. Security regression testing
B. Code review
C. User acceptance testing
D. Stress testing
Answer: D
Question #2 (Topic: Single Topic)
A security analyst discovers the following firewall log entries during an incident:

Which of the following is MOST likely occurring?
A. Banner grabbing
B. Port scanning
C. Beaconing
D. Data exfiltration
Answer: C
Question #3 (Topic: Single Topic)
A security analyst is revising a company's MFA policy to prohibit the use of short message service (SMS) tokens. The Chief Information Officer has questioned this decision and asked for justification. Which of the following should the analyst provide as justification for the new policy?
A. SMS relies on untrusted, third-party carrier networks.
B. SMS tokens are limited to eight numerical characters.
C. SMS is not supported on all handheld devices in use.
D. SMS is a cleartext protocol and does not support encryption.
Answer: D
Question #4 (Topic: Single Topic)
During an incident response procedure, a security analyst collects a hard drive to analyze a possible vector of compromise. There is a Linux swap partition on the hard drive that needs to be checked. Which of the following should the analyst use to extract human-readable content from the partition?
A. strings
B. head
C. fsstat
D. dd
Answer: D
Question #5 (Topic: Single Topic)
A consultant is evaluating multiple threat intelligence feeds to assess potential risks for a client. Which of the following is the BEST approach for the consultant to consider when modeling the client's attack surface?
A. Ask for external scans from industry peers, look at the open ports, and compare information with the client.
B. Discuss potential tools the client can purchase to reduce the likelihood of an attack.
C. Look at attacks against similar industry peers and assess the probability of the same attacks happening.
D. Meet with the senior management team to determine if funding is available for recommended solutions.
Answer: A