Appendix: Answers to Review Questions

Answers to Chapter 1: Domain 1.0: Threat and Vulnerability Management

  1. B. Open source intelligence is freely available information that does not require a subscription fee. Closed source and proprietary intelligence are synonyms and do involve payments to the providers. Vulnerability feeds may be considered threat intelligence, but they normally come with subscription fees.
  2. A. Although it may seem strange, a DNS brute-force attack that queries a list of IPs, common subdomains, or other lists of targets will often bypass intrusion detection and prevention systems that do not pay particular attention to DNS queries. Cynthia may even be able to find a DNS server that is not protected by the organization's ...

Get CompTIA CySA+ Practice Tests, 2nd Edition now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial