1. Company A permits visiting business partners from Company B to utilize Ethernet ports available in Company A's conference rooms. This access is provided to allow partners the ability to establish VPNs back to Company B's network. The security architect for Company A wants to ensure partners from Company B are able to gain direct Internet access from available ports only, while Company A employees can gain access to the Company A internal network from those same ports. Which of the following can be employed to allow this?
A) ACL B) MAC C) SAML D) NAC E) SIEM
2. A system administrator recently deployed and verified the installation of a critical patch issued by the company's primary OS vendor. This patch was supposed to remedy a vulnerability that would allow an adversary to remotely execute code from over the network. However, the administrator just ran a vulnerability assessment of networked systems, and each of them still reported having the same vulnerability. Which of the following is the MOST likely explanation for this?
A) The patch did not remediate the vulnerability. B) The administrator did not wait long enough after applying the patch to run the assessment. C) The vulnerability assessment returned false positives. D) The administrator entered the wrong IP range for the assessment.
3. Due to new regulations, a company has decided to institute an organizational vulnerability management program and assign the function to the security team. Which of the following frameworks would BEST support the program? (Select two.)
A) COBIT B) ISO 27000 series C) ITIL D) OWASP E) NIST
4. A cybersecurity analyst is completing an organization's vulnerability report and wants it to reflect assets accurately. Which of the following items should be in the report?
A) Organizational governance B) Asset isolation C) Processor utilization D) Log disposition E) Virtual hosts
5. A business-critical application is unable to support the requirements in the current password policy because it does not allow the use of special characters. Management does not want to accept the risk of a possible security incident due to weak password standards. Which of the following is an appropriate means to limit the risks related to the application?
A) A compensating control B) Encrypting authentication traffic C) Altering the password policy D) Creating new account management procedures