A customer notifies a security analyst that a web application is vulnerable to information disclosure. The analyst needs to indicate the severity of the vulnerability based on its CVSS score, which the analyst needs to calculate. When analyzing the vulnerability, the analyst realizes that for the attack to be successful, the Tomcat configuration file must be modified.
Which of the following values should the security analyst choose when evaluating the CVSS score?
A. Network
B. Physical
C. Adjacent
D. Local
The IT department is concerned about the possibility of a guest device infecting machines on the corporate network or taking down the company's single internet connection. Which of the following should a security analyst recommend to BEST meet the requirements outlined by the IT department?
A. Require the guest machines to install the corporate-owned EDR solution.
B. Configure NAC to only allow machines on the network that are patched and have active antivirus.
C. Place a firewall in between the corporate network and the guest network.
D. Configure the IPS with rules that will detect common malware signatures traveling from the guest network.
Which of the following is MOST dangerous to the client environment during a vulnerability assessment penetration test?
A. There is a longer period of time to assess the environment.
B. The testing is outside the contractual scope
C. There is a shorter period of time to assess the environment
D. No status reports are included with the assessment.
Which of the following BEST describes HSM?
A. A computing device that manages cryptography, decrypts traffic, and maintains library calls
B. A computing device that manages digital keys, performs encryption/decryption functions, and maintains other cryptographic functions
C. A computing device that manages physical keys, encrypts devices, and creates strong cryptographic functions
D. A computing device that manages algorithms, performs entropy functions, and maintains digital signatures
Which of the following is a reason to use a risk-based cybersecurity framework?
A. A risk-based approach always requires quantifying each cyber risk faced by an organization
B. A risk-based approach better allocates an organization's resources against cyberthreats and vulnerabilities
C. A risk-based approach is driven by regulatory compliance and is required for most organizations
D. A risk-based approach prioritizes vulnerability remediation by threat hunting and other qualitative-based processes
A security analyst is concerned the number of security incidents being reported has suddenly gone down. Daily business interactions have not changed, and no following should the analyst review FIRST?
A. The DNS configuration
B. Privileged accounts
C. The IDS rule set
D. The firewall ACL
A security analyst found an old version of OpenSSH running on a DMZ server and determined the following piece of code could have led to a command execution through an integer overflow:
Which of the following controls must be in place to prevent this vulnerability?
A. Convert all integer numbers in strings to handle the memory buffer correctly.
B. Implement float numbers instead of integers to prevent integer overflows.
C. Use built-in functions from libraries to check and handle long numbers properly.
D. Sanitize user inputs, avoiding small numbers that cannot be handled in the memory.
A security officer needs to find the most cost-effective solution to the current data privacy and protection gap found in the last security assessment. Which of the following is the BEST recommendation?
A. Require users to sign NDAs
B. Create a data minimization plan.
C. Add access control requirements
D. Implement a data loss prevention solution
During routine monitoring, a security analyst identified the following enterprise network traffic: Packet capture output:
Which of the following BEST describes what the security analyst observed?
A. 66.187.224.210 set up a DNS hijack with 192.168.12.21.
B. 192.168.12.21 made a TCP connection to 66.187.224.210.
C. 192.168.12.21 made a TCP connection to 209.132.177.50.
D. 209.132.177.50 set up a TCP reset attack to 192.168.12.21.
A threat hunting team received a new IoC from an ISAC that follows a threat actor's profile and activities. Which of the following should be updated NEXT?
A. The whitelist
B. The DNS
C. The blocklist
D. The IDS signature