SkillTestPro | CompTIA CySA+ Practice Test 5

CompTIA CySA+ Practice Test 5

CompTIA CySA+ Practice Test

1 / 10

After a social engineering incident, you’re training staff. Which recommendation reduces future risk?

Increase password length

Disable email filters

Share incident logs with all staff

Verify sender identity before acting on emails

Reduce security awareness sessions

2 / 10

A scan detects a server with an outdated kernel vulnerable to privilege escalation (CVE-2023-5678). What’s the priority?

Reboot into safe mode

Block all inbound traffic

Update the kernel with yum update kernel or equivalent

Run uname -r to confirm

Disable user accounts

3 / 10

A web server logs show repeated POST requests with encoded payloads. Which tool decodes these for analysis?

nmap

telnet

curl

dig

base64 -d

4 / 10

A crypto-miner is detected on a server. Which command identifies the miner’s network connections on Linux?

ss -tuln

lsblk

dmesg | grep miner

who

find / -name "miner"

5 / 10

A scan flags a server with an insecure SNMP community string ("public"). Which action resolves this?

Disable SNMP entirely

Block port 161 with a firewall

Run snmpwalk to verify

Update /etc/snmp/snmpd.conf to use a unique string and restrict access

Switch to a different protocol

6 / 10

An alert indicates a host scanning internal IPs. Which command captures the scanning activity on a Linux system?

netstat -an

ping -c 100 192.168.1.50

ip route

whoami

tcpdump -i eth0 -nn src host 192.168.1.50 -w scan.pcap

7 / 10

A security audit requires a report on firewall effectiveness. Which metric best demonstrates this to auditors?

Total number of rules applied

Percentage of blocked malicious traffic

Raw packet logs

Firewall uptime statistics

CPU usage during scans

8 / 10

A compromised server shows signs of lateral movement. Which command identifies active user sessions on Windows?

dir

qwinsta

tasklist /svc

sfc /scannow

chkdsk /f

9 / 10

A scan reveals a server with an exposed Redis instance lacking authentication. Which mitigation should you apply?

Block port 6379 with a firewall

Uninstall Redis

Run nmap -p 6379 to confirm

Edit /etc/redis/redis.conf to set requirepass strongpassword

Switch to a different database

10 / 10

A network sensor detects beaconing to a suspicious IP every 60 seconds. Which command tracks this behavior on a Linux host?

ip addr show

who -u

watch -n 60 netstat -tn

ls -l /proc

uptime

Your score is

The average score is 0%