Logo ExamsQA
Exit
Official Bank 0/428

CompTIA CySA+ exam (CS0-003) - CompTIA Actual Exam Questions

Last updated on April 15, 2026

97% Exam Compliance
428 Total Questions
1
Question

Which of the following is an important aspect that should be included in the lessons-learned step after an incident?

Options
A

Identify any improvements or changes in the incident response plan or procedures
B

Determine if an internal mistake was made and who did it so they do not repeat the error
C

Present all legal evidence collected and turn it over to iaw enforcement
D

Discuss the financial impact of the incident to determine if security controls are well spent
Discussion (0 comments)

to join the discussion

Community Discussion

No discussions yet. Be the first to ask!

2
Question

A security administrator needs to import Pll data records from the production environment to the test environment for testing purposes. Which of the following would best protect data confidentiality?

Options
A

Data masking
B

Hashing
C

Watermarking
D

Encoding
Discussion (0 comments)

to join the discussion

Community Discussion

No discussions yet. Be the first to ask!

3
Question

A cybersecurity analyst notices unusual network scanning activity coming from a country that the company does not do business with. Which of the following is the best mitigation technique?

Options
A

Geoblock the offending source country
B

Block the IP range of the scans at the network firewall.
C

Perform a historical trend analysis and look for similar scanning activity.
D

Block the specific IP address of the scans at the network firewall
Discussion (0 comments)

to join the discussion

Community Discussion

No discussions yet. Be the first to ask!

4
Question

After identifying a threat, a company has decided to implement a patch management program to remediate vulnerabilities. Which of the following risk management principles is the company exercising?

Options
A

Transfer
B

Accept
C

Mitigate
D

Avoid
Discussion (0 comments)

to join the discussion

Community Discussion

No discussions yet. Be the first to ask!

5
Question

A security analyst needs to secure digital evidence related to an incident. The security analyst must ensure that the accuracy of the data cannot be repudiated. Which of the following should be implemented?

Options
A

Offline storage
B

Evidence collection
C

Integrity validation
D

Legal hold
Discussion (0 comments)

to join the discussion

Community Discussion

No discussions yet. Be the first to ask!

Finish Practice?

Are you sure you want to finish? This will end your practice session.