Skip to main content
E-Book

$26.99

CompTIA CySA+ Practice Tests: Exam CS0-001

Mike Chapple, David Seidl

ISBN: 978-1-119-43319-4 January 2018 480 Pages

Description

1,000 practice questions for smart CompTIA CySA+ preparation

CompTIA CySA+ Practice Tests provides invaluable preparation for the Cybersecurity Analyst exam CS0-001. With 1,000 questions covering 100% of the exam objectives, this book offers a multitude of opportunities for the savvy CySA+ candidate. Prepare more efficiently by working through questions before you begin studying, to find out what you already know—and focus study time only on what you don't. Test yourself periodically to gauge your progress along the way, and finish up with a 'dry-run' of the exam to avoid surprises on the big day. These questions are organized into four full-length tests, plus two bonus practice exams that show you what to expect and help you develop your personal test-taking strategy. Each question includes full explanations to help you understand the reasoning and approach, and reduces the chance of making the same error twice.

The CySA+ exam tests your knowledge and skills related to threat management, vulnerability management, cyber incident response, and security architecture and tools. You may think you're prepared, but are you absolutely positive? This book gives you an idea of how you are likely to perform on the actual exam—while there's still time to review.

  • Test your understanding of all CySA+ exam domains
  • Pinpoint weak areas in need of review
  • Assess your level of knowledge before planning your study time
  • Learn what to expect on exam day

The CompTIA CySA+ certification validates your skill set in the cybersecurity arena. As security becomes more and more critical, the demand for qualified professionals will only rise. CompTIA CySA+ Practice Tests is an invaluable tool for the comprehensive Cybersecurity Analyst preparation that helps you earn that career-making certification.

Introduction xix

Chapter 1 Domain 1: Threat Management 1

Chapter 2 Domain 2: Vulnerability Management 63

Chapter 3 Domain 3: Cyber Incident Response 139

Chapter 4 Domain 4: Security Architecture and Tool Sets 193

Chapter 5 Practice Exam 1 251

Chapter 6 Practice Exam 2 277

Appendix Answers to Review Questions 307

Chapter 1: Domain 1: Threat Management 308

Chapter 2: Domain 2: Vulnerability Management 330

Chapter 3: Domain 3: Cyber Incident Response 353

Chapter 4: Domain 4: Security Architecture and Tool Sets 377

Chapter 5: Practice Exam 1 399

Chapter 6: Practice Exam 2 408

Index 419

 

http://www.mvisu.al/?page=go/sybextestprep Sybex Online Test Prep & Certification Products
Errata in text
Download
CompTIA Discount Voucher
The CompTIA Discount Voucher is now hosted within the test bank. Please login to the test bank to access the voucher.
Download
ChapterPageDetailsDatePrint Run
131Errata in text
Chapter 1
p. 31
Question #103
INCORRECT:
B. Use netstat -lt.
CORRECT:
B. Use netstat -ap.
15/2/2019

4247Errata in text
Question 207
INCORRECT:
Which one of the following hash functions is the strongest cryptographic
supported by RADIUS?
CORRECT:
Which of the following is the strongest cryptographic hash function
supported by RADIUS?
19-Jun-18

bapp01319Errata in text
Appendix Answers to Review Questions
Chapter 1
p. 319
INCORRECT:
103. B. netstat can be used to list listening ports. The -l flag displays listening ports, while -t limits it to TCP ports. As you might expect, -u works for UDP ports.
CORRECT:
103. B. netstat can be used to list listening ports. The -a flag displays all listening ports, while -p will also show programs such as Time_wait, Established, Close_wait.
15/2/2019

Appendix330Errata in text
Appendix - Answers to Review Questions
p. 330
Chapter 1: Domain 1: Threat Management
Answer # 211
INCORRECT:
B. DNS poisoning uses modified DNS cache entries to redirect
unsuspecting users to alternate IP addresses. This may be intentional if
the DNS server owner wants to ensure that specific sites are blocked,
but it can also be leveraged by attackers who manage to either take
control of the DNS server or who manage to spoof or modify DNS updates.

CORRECT:
B. Alex should implement a network access control (NAC) solution that
requires GPS location. Geographic IP location will not help when users
do not receive IP addresses until they connect to the network!
8-Feb-19

bapp01338Errata in text
Appendix Answers to Review Questions
Chapter 2
p. 338
INCORRECT:
73. B.
CORRECT:
73. C.
15/2/2019

bapp01347Errata in text
Appendix Answers to Review Questions
Chapter 2
p. 347
INCORRECT:
157. A.
CORRECT:
157. C.
15/2/2019

bapp01349Errata in text
Appendix Answers to Review Questions
Chapter 2
p. 349
INCORRECT:
167. A. The server with IP address 10.0.102.58 is the only server on the list that contains a level 5 vulnerability?
CORRECT:
167. A. The server with IP address 10.0.102.58 is the only server amongst the possible answers that has a level 5 vulnerability?
15/2/2019

BM475Errata in text
Please replace the Cert Mike back-of-book ad. The attachment is given in the download section.
3-Jul-18

bapp01379Errata in text
Appendix Answers to Review Questions
Chapter 4
p. 379
INCORRECT:
16. C. The Gramm-Leach-Bliley Act (GLBA) includes regulations covering the cybersecurity programs at financial institutions, including banks. The Health Insurance Portability and Accountability Act (HIPAA) covers healthcare providers, insurers, and health information clearinghouses. The Family Educational Rights and Privacy Act (FERPA) applies to educational institutions. The Sarbanes-Oxley Act (SOX) applies to publicly traded companies.
CORRECT:
16. C. Load balancing technology helps protect the web site from disruption caused by the failure of a single server. If one server goes down, the other servers in the load balanced pool will continue to serve the site. RAID technology protects a server against a disk failure and would be an effective availability control, but would not be as effective as load balancing multiple servers. Web application firewalls and intrusion prevention systems may provide effective defenses against manmade availability threats, but would not protect against equipment failure.
15/2/2019