CompTIA CySA+ Practice Questions: Threat and Vulnerability Management

5 free, exam-style CompTIA CySA+ (CS0-003) practice questions covering Threat and Vulnerability Management. Each question shows the correct answer and a clear explanation.

Q1. During a vulnerability scan, you identify a system running SMBv1. What is the PRIMARY risk associated with this finding?

Explanation: SMBv1 is vulnerable to critical exploits such as EternalBlue, which can lead to wormable ransomware attacks.

Q2. Which technique would be MOST effective for detecting living-off-the-land binaries being used maliciously?

Explanation: Behavioral analysis can detect when legitimate tools are being used in suspicious ways.

Q3. What is the PRIMARY purpose of a malware sandbox?

Explanation: Sandboxes provide isolated environments to study malware behavior safely.

Q4. When analyzing a suspicious email attachment, what is the SAFEST method to determine if it's malicious?

Explanation: Sandbox analysis executes files in an isolated environment to observe behavior safely.

Q5. What is the PRIMARY purpose of a malware sandbox?

Explanation: Sandboxes provide isolated environments to study malware safely.
