CompTIA CySA+ CS0-003 Deck 4

Question 1

Honeypots

Answer 1

A host, network, or file set up with the purpose of luring attackers away from assets of actual value and/or discovering attack strategies and weaknesses in the security configuration.

Question 2

High-Interaction Honeypots

Answer 2

A design to mimic real production systems, making it difficult for attackers to tell the difference between the honeypot and a real system. This aims to capture more detailed attack information than can be accomplished by using a low-interaction honeypot, allowing security teams to understand an attacker better.

Question 3

Active Decoys

Answer 3

A system designed to distract potential attackers away from an organization’s critical systems and data. It creates a false environment that looks like a real system, complete with fake data, applications, and other elements. The decoy system is closely monitored to detect malicious activity and provide early warning and detailed insight into an attacker’s tactics and techniques.

Question 4

Intrusion Detection Systems

Answer 4

A security appliance or software that analyzes data from a packet sniffer to identify traffic that violates policies or rules.

Question 5

System Hardening

Answer 5

A process of making a host or app configuration secure by reducing its attack surface, through running only necessary services, installing monitoring software to protect against malware and intrusions, and establishing a maintenance schedule to ensure the system is patched to be secure against software exploits.

Question 6

Virtualization

Answer 6

A computing environment where multiple independent operating systems can be installed to a single hardware platform and run simultaneously.

Question 7

Containers (VM)

Answer 7

An operating system virtualization deployment containing everything required to run a service, application, or microservice.

Question 8

Microservices

Answer 8

A software architecture where components of the solution are conceived as highly decoupled services not dependent on a single platform type or technology.

Question 9

Application Virtualization

Answer 9

A software delivery model where the code runs on a server and is streamed to a client.

Question 10

Cloud Deployment

Answer 10

Classifying the ownership and management of a cloud as public, private, community, or hybrid.

Question 11

Public cloud

Answer 11

Cloud that is deployed for shared use by multiple independent tenants.

Question 12

Private Cloud

Answer 12

Cloud that is deployed for use by a single entity.

Question 13

Hybrid Cloud

Answer 13

Cloud deployment that uses both private and public elements.

Question 14

Serverless

Answer 14

A software architecture that runs functions within virtualized runtime containers in a cloud rather than on dedicated server instances.

Question 15

(VPC) Virtual Private Cloud

Answer 15

A private network segment made available to a single cloud consumer on a public cloud.

Question 16

(SDN) Software-defined networking

Answer 16

APIs and compatible hardware/virtual appliances allowing for programmable network appliances and systems.

Question 17

(SASE) Secure Access Service Edge

Answer 17

A networking and security architecture that provides secure access to cloud applications and services while reducing complexity. It combines security services like firewalls, identity and access management, and secure web gateway with networking services such as SD-WAN.

Question 18

In which Linux directory are configuration files typically located?

Answer 18

/etc

Question 19

Which type of cloud deployment model is the most common?

Answer 19

Hybrid

Question 20

What term describes how many organizations’ networks no longer have a clearly defined “inside” and “outside” boundary?

Answer 20

Deperimeterization

Question 21

(2FA)

Answer 21

Two-Factor Authentication

Question 22

(2FA) Two-Factor Authentication

Answer 22

Strong authentication mechanism that requires a user to submit two different types of credential, such as a fingerprint scan plus PIN. Often, the second credential is transmitted via a second trusted device or account. This is also referred to as 2-step verification.

Question 23

Out-Of-Band Mechanisms

Answer 23

Use of a communication channel that is different than the one currently being used.

Question 24

In-band Authentication

Answer 24

Use of a communication channel that is the same as the one currently being used.

Question 25

Standalone Server

Answer 25

A server that is not integrated into a Microsoft Active Directory domain.

Question 26

(SSO) Single sign-on

Answer 26

Authentication technology that enables a user to authenticate once and receive authorizations for multiple services.

Question 27

(PAM)

Answer 27

Privileged Access Management

Question 28

(SSO)

Answer 28

Single sign-on

Question 29

(PAM) Privileged Access Management

Answer 29

Policies, procedures, and support software for managing accounts and credentials with administrative permissions.

Question 30

Federation

Answer 30

A process that provides a shared login capability across multiple systems and enterprises. It essentially connects the identity management services of multiple systems.

Question 31

OpenID

Answer 31

An identity federation method that enables users to be authenticated on cooperating websites by a third-party authentication service.

Question 32

(SAML)

Answer 32

Security Assertion Markup Language

Question 33

(SAML) Security Assertion Markup Language

Answer 33

An XML-based data format used to exchange authentication information between a client and a service.

Question 34

(SOAP)

Answer 34

Simple Object Access Protocol

Question 35

(SOAP) Simple Object Access Protocol

Answer 35

An XML-based web services protocol that is used to exchange messages.