Brainscape's Knowledge GenomeTM

Browse over 1 million classes created by top students, professors, publishers, and experts.


See full index

CySA+ Study for Pass Certification Exam !!! > CySA+ Study for PASS Certification Exam !!! > Flashcards

CySA+ Study for PASS Certification Exam !!! Flashcards

1
Q

??? has basic infrastructure building blocks customers may use to design and implement their own service offerings; including compute processing, storage, networking, etc … can assemble basic cloud offerings to create services; customer has great control over infrastructure w/monitoring, management, and security. Customer responsibilities include maintaining and upgrading the OS and software running in the environment and physical environment, enforcing isolation and cloud infrastructure.

A

IaaS

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

??? service provider operates an infrastructure that is fully managed and configurable to run customer apps. Customers then deploy apps that they either developed themselves or purchased from vendors onto service providers platform, where they run minimal customer management. Allows customers to execute code w/o managing the underlying servers but customers usually need to be involved in provisioning certain levels of infrastructure etc …

A

PaaS

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

??? provide a customer with complete app that is built and maintained by service provider and runs in an infrastructure that is either operated or procured by the service provider. Customer typically accesses service through web browser and performs only limited app configs. Almost all responsibility of operating the service is in hands of cloud service provider …

A

SaaS

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

process of automating the provisioning, management, and deprovisioning of infrastructure services through scripted code rather than human intervention.

A

IaC

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

multicloud auditing tool that reaches into users accounts w/cloud service providers and retrieves config info using those services API’s. It deeply probes the service config and searches for potential security issues.

Pacu : cloud-focused exploitation framework similar to Metasploit. Works specifically with AWS accounts and used for helping attackers determine what they can do w/the access they have to the AWS account.

Prowler : security config test tool similar to ScoutSuite. Performs deeper testing of some parameters but limited to scanning AWS environments.

A

info

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

??? : running separate physical infrastructures or networks, System isolation ensures infrastructure is separated and an air gap ensures no connection at all between the infrastructures.

??? : provides alternative to virtualizing entire system, but permits apps to run in own environ. w/their own components, like libraries, config files, etc in a dedicated container.

??? : runs desktop OS like Windows 10 on central hardware and streams the desktops across the network to systems.

A

Physical Segmentation / Containerization (Virtualization) / VDI

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

??? offensive actions taken to counter adversaries.

A

Active Defense

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

??? : enforce confidentiality, integrity, and availability in a digital space; include firewalls, IDS/IPS, network segmentation, authentication and authorization systems etc anything that provides technical capabilities through technical means.

??? : includes processes that we put in place to manage tech. in secure manner; include user access reviews, log monitoring, and vulnerability management.

??? : procedural mechanisms that focus on mechanics of risk management process; ex of admin controls include periodic risk assessments, security planning exercises, service acquisition, project management practices, etc …

A

Technical Controls / Operational Controls / Managerial Controls

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

??? : processes and procedures, like those in incident response plans, account creation and management, and awareness and training efforts.

??? : locks, fences, fire extinguishers etc …

??? : firewalls, training, security guards, fences, guard dogs, etc …

??? : alarms, notifications, detection of an incident etc …

??? : patching, anti-malware software, system restore from backups, etc … either remediate or act to limit how much damage can result from an incident.

A

Administrative Controls / Physical Controls / Preventive Controls / Detective Controls / Corrective Controls

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

??? set of claims made about an individual or account holder that are made about one party to another party (like service provider, app, or system) are a key to authentication, authorization, and accounting (AAA). Attributes include name, address, title, contact info, and other details about individual.

A

Identities

How well did you know this?
1
Not at all
2
3
4
5
Perfectly

CySA+ Study for Pass Certification Exam !!! (9 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2025 Bold Learning Solutions. Terms and Conditions