SkillTestPro | CompTIA CySA+ Practice Test 4

CompTIA CySA+ Practice Test 4

CompTIA CySA+ Practice Test

1 / 10

After a privilege escalation incident, you’re briefing developers. Which recommendation prevents recurrence?

Implement input validation and sanitize user data

Increase firewall timeouts

Reduce log retention periods

Share full memory dumps

Lower IDS sensitivity

2 / 10

A scan flags a server with a default admin account enabled. Which command disables it on a Linux system?

userdel admin

passwd -l admin

chage -E 0 admin

usermod -s /bin/false admin

chmod 000 /home/admin

3 / 10

A phishing campaign targets employees. Which log should you analyze to detect successful logins from unfamiliar IPs?

/var/log/messages

/var/log/boot.log

/var/log/secure

/var/log/cron

/var/log/dpkg.log

4 / 10

A DDoS attack overwhelms a server. Which command monitors real-time network bandwidth usage on Linux?

ping -c 1000 8.8.8.8

ip link show

lsblk

dmesg | grep net

iftop

5 / 10

A scan detects a server with an exposed .git directory. Which immediate action reduces risk?

Update the web server software

Block port 443

Run nmap -p 80 to verify

Remove or restrict access to /var/www/.git with chmod 700

Disable directory listing globally

6 / 10

An endpoint protection tool flags a suspicious script execution. Which Windows command retrieves the script’s command-line arguments?

dir /s

wmic process where "name='cmd.exe'" get CommandLine

taskkill /IM cmd.exe

sfc /verifyonly

get-process

7 / 10

A legal team needs a summary of a data leak for litigation. Which element ensures compliance focus?

Full packet capture data

Employee workstation IDs

Estimated financial impact of the breach

SIEM dashboard screenshots

Raw vulnerability scan outputs

8 / 10

A suspected insider threat deleted critical logs. Which command checks for recent file deletions on a Linux system?

ls -ld /var/log/ | grep "deleted"*

journalctl --since "1 hour ago" | grep rm

find /var/log -mtime -1 -exec ls -l {} ;

auditctl -w /var/log -p wa

cat /proc/syslog

9 / 10

A vulnerability scan reports a server with a misconfigured file permission allowing world-write access. Which command corrects this?

chown root /etc/secretfile

chmod 777 /etc/secretfile

mv /etc/secretfile /root

rm /etc/secretfile

chmod 640 /etc/secretfile

10 / 10

A network monitor flags a spike in UDP traffic to an external IP. Which command identifies the source application on a Linux host?

lsof -iUDP

ifconfig

route -n

who

uptime

Your score is

The average score is 0%