CySA+ Practice Quiz: C00-003 Quiz 3

Enjoy the following 10-question quiz from TestOut.

1. A local city council tasked its Information Technology (IT) department to implement an international-scale cybersecurity framework. The requirement is coming from their cybersecurity insurance vendor. The vendor warned that this set of frameworks is not freely available.

Which industry framework should the IT department investigate?

2. A small vendor is working to sell their point-of-sale register product to a large pharmacy chain. Before the vendor can complete the sale, they must attest to their controls designed to prevent fraud and protect consumer financial data.

Which industry framework should the vendor adopt in product planning and implementation?

3. Security guards are included in which control category?

4. A mortgage underwriter specializing in circus equipment loans implements a SOAR system for cybersecurity. Which security control functional type best describes this situation?

5. A security analyst is trying to explain attack methodology frameworks in the context of protecting cloud-based applications and data. Which of the following solutions can help the analyst in achieving this objective?

6. A security analyst is responsible for ensuring that an organization does not leak sensitive information. Which of the following concepts would be most helpful in achieving this objective?

7. There is strong evidence that a machine is compromised on your company network, but you have not determined which computer. You are going to try to pinpoint the host by scanning for any network devices that are in promiscuous mode.

Which of the following Nmap scripts would you use?

8. Which of the following protocols is most secure?

9. A security analyst monitors a company's network for potential security threats. They notice some abnormal behavior in a business-critical application.

Which type of activity is the analyst most likely observing?

10. A company has recently upgraded to the latest version of their web application. During a review of the logs, the security analyst notices an unauthorized change made to the web application by an unknown user.

Which of the following logs would most likely provide information about the unauthorized change?