Exam Details

  • Exam Code: CS0-002
  • Exam Name: CompTIA Cybersecurity Analyst (CySA+)
  • Certification: CompTIA Certifications
  • Vendor: CompTIA
  • Total Questions: 1059 Q&As
  • Last Updated: Apr 17, 2025

CompTIA CompTIA Certifications CS0-002 Questions & Answers

  • Question 681:

    Which of the following APT adversary archetypes represent non-nation-state threat actors? (Select TWO)

    A. Kitten

    B. Panda

    C. Tiger

    D. Jackal

    E. Bear

    F. Spider

  • Question 682:

    During the security assessment of a new application, a tester attempts to log in to the application but receives the following message: "incorrect password for given username". Which of the following can the tester recommend to decrease the likelihood that a malicious attacker will receive helpful information?

    A. Set the web page to redirect to an application support page when a bad password is entered.

    B. Disable error messaging for authentication

    C. Recognize that error messaging does not provide confirmation of the correct element of authentication

    D. Avoid using password-based authentication for the application

  • Question 683:

    Which of the following BEST describes what an organization's incident response plan should cover regarding how the organization handles public or private disclosures of an incident?

    A. The disclosure section should focus on how to reduce the likelihood customers will leave due to the incident.

    B. The disclosure section should contain the organization's legal and regulatory requirements regarding disclosures.

    C. The disclosure section should include the names and contact information of key employees who are needed for incident resolution

    D. The disclosure section should contain language explaining how the organization will reduce the likelihood of the incident happening in the future.

  • Question 684:

    A security analyst sees the following OWASP ZAP output from a scan that was performed against a modern version of Windows while testing for client-side vulnerabilities:

    Alert Detail Low (Medium) Web Browser XSS Protection not enabled Description: Web browser XSS protection not enabled, or disabled by the configuration of the HTTP Response header

    URL: https://domain.com/sun/ray

    Which of the following is the MOST likely solution to the listed vulnerability?

    A. Enable the browser's XSS filter.

    B. Enable Windows XSS protection

    C. Enable the browser's protected pages mode

    D. Enable server-side XSS protection

  • Question 685:

    The help desk is having difficulty keeping up with all onboarding and offboarding requests. Managers often submit requests for new users at the last minute, causing the help desk to scramble to create accounts across many different interconnected systems. Which of the following solutions would work BEST to assist the help desk with the onboarding and offboarding process while protecting the company's assets?

    A. MFA

    B. CASB

    C. SSO

    D. RBAC

  • Question 686:

    A security analyst is reviewing a firewall usage report that contains traffic generated over the last 30 minutes in order to locate unusual traffic patterns:

    Which of the following source IP addresses does the analyst need to investigate further?

    A. 10.18.76.179

    B. 10.50.180.49

    C. 192.168.48.147

    D. 192.168.100.5

  • Question 687:

    Which of the following BEST describes how logging and monitoring work when entering into a public cloud relationship with a service provider?

    A. Logging and monitoring are not needed in a public cloud environment

    B. Logging and monitoring are done by the data owners

    C. Logging and monitoring duties are specified in the SLA and contract

    D. Logging and monitoring are done by the service provider

  • Question 688:

    A company wants to configure the environment to allow passive network monitoring. To avoid disrupting the sensitive network, which of the following must be supported by the scanner's NIC to assist with the company's request?

    A. Port bridging

    B. Tunnel all mode

    C. Full-duplex mode

    D. Port mirroring

    E. Promiscuous mode

  • Question 689:

    An organization has a policy that requires servers to be dedicated to one function and unneeded services to be disabled. Given the following output from an Nmap scan of a web server:

    Which of the following ports should be closed?

    A. 22

    B. 80

    C. 443

    D. 1433

  • Question 690:

    A security analyst at example.com receives a SIEM alert for an IDS signature and reviews the associated packet capture and TCP stream:

    Which of the following actions should the security analyst take NEXT?

    A. Review the known Apache vulnerabilities to determine if a compromise actually occurred

    B. Contact the application owner for connect.example.local for additional information

    C. Mark the alert as a false positive scan coming from an approved source.

    D. Raise a request to the firewall team to block 203.0.113.15.
