CompTIA CS0-003 CompTIA Cybersecurity Analyst (CySA+) Exam Practice Test

Page: 1 / 14
Total 327 questions
Question 1

Which of the following will most likely cause severe issues with authentication and logging?

Answer : D

Time synchronization issues can cause severe problems with authentication and logging. If system clocks are not properly synchronized, it can lead to discrepancies in log timestamps, making it difficult to correlate events across different systems. Additionally, time-related discrepancies can affect authentication mechanisms that rely on time-based tokens, such as those used in multifactor authentication, leading to failures and security gaps.

Question 2

An organization has a critical financial application hosted online that does not allow event logging to send to the corporate SIEM. Which of the following is the best option for the security analyst to configure to improve the efficiency of security operations?

Answer : C

Question 3

A development team is preparing to roll out a beta version of a web application and wants to quickly test for vulnerabilities, including SQL injection, path traversal, and cross-site scripting. Which of the following tools would the security team most likely recommend to perform this test?

Answer : C

OWASP ZAP (Zed Attack Proxy) is a tool recommended for quickly testing web applications for vulnerabilities, including SQL injection, path traversal, and cross-site scripting. It is an open-source web application security scanner that helps identify security issues in web applications during the development and testing phases.

Question 4

A cybersecurity analyst has been assigned to the threat-hunting team to create a dynamic detection strategy based on behavioral analysis and attack patterns. Which of the following best describes what the analyst will be creating?

Answer : C

The analyst will be creating TTPs (Tactics, Techniques, and Procedures). TTPs describe the behavior, methods, and patterns used by attackers during a cyber attack. By focusing on TTPs, the analyst can develop a dynamic detection strategy that identifies malicious activities based on the observed behavior and patterns, rather than relying on static indicators like signatures or IOCs (Indicators of Compromise).

Question 5

Results of a SOC customer service evaluation indicate high levels of dissatisfaction with the inconsistent services provided after regular work hours. To address this, the SOC lead drafts a document establishing customer expectations regarding the SOC's performance and quality of services. Which of the following documents most likely fits this description?

Answer : D

A Service-Level Agreement (SLA) is a document that establishes customer expectations regarding the performance and quality of services provided by the SOC (Security Operations Center). It defines the level of service expected, including aspects like response times, availability, and support after regular work hours. An SLA helps in setting clear expectations and improving customer satisfaction by outlining the standards and commitments of the service provider.

Question 6

An MSSP received several alerts from customer 1, which caused a missed incident response deadline for customer 2. Which of the following best describes the document that was violated?

Answer : C

The document that was violated in this scenario is the SLA (Service Level Agreement). An SLA is a formal agreement between a service provider and a customer that defines the level of service expected. It includes specific metrics such as response times and resolution times. Missing an incident response deadline for customer 2 due to alerts from customer 1 indicates a breach of the agreed-upon service levels outlined in the SLA.

Question 7

An analyst investigated a website and produced the following:

Starting Nmap 7.92 ( ) at 2022-07-21 10:21 CDT

Nmap scan report for (

Host is up (0.054s latency).

rDNS record for

Not shown: 95 filtered tcp ports (no-response)


22/tcp open ssh OpenSSH 7.4 (protocol 2.0)

25/tcp closed smtp

80/tcp open http Apache httpd 2.4.6

113/tcp closed ident

443/tcp open ssl/http Apache httpd 2.4.6

Service Info: Host:

Service detection performed. Please report any incorrect results at https://nmap .org/submit/ .

Nmap done: 1 IP address (1 host up) scanned in 20.52 seconds

Which of the following syntaxes did the analyst use to discover the application versions on this vulnerable website?

Answer : C

Page:    1 / 14   
Total 327 questions