Certification Practice Exam Questions And

CompTIA Cybersecurity Analyst (CySA+) Certification Practice Exam Questions And Correct Answers (Verified Answers) Plus Rationales 2026 Q&A | Instant Download Pdf

Coverage: Threat Management, Vulnerability Management, Security

Architecture, Tools, and Incident Response

• Which of the following best describes the primary goal of threat

intelligence?

• To identify vulnerabilities within the network
• To provide actionable information about potential threats
• To perform vulnerability scanning
• To ensure compliance with security policies

Rationale: Threat intelligence focuses on collecting and analyzing

information that can help predict, prevent, and respond to potential cyber threats. 1 / 4

• What is the purpose of a SIEM system in cybersecurity operations?
• To block malicious network traffic
• To collect, correlate, and analyze security event data
• To perform vulnerability scanning
• To create encryption keys

Rationale: SIEM (Security Information and Event Management) systems

aggregate logs from multiple sources and analyze them for anomalies and threats.

• Which type of malware disguises itself as legitimate software?
• Worm
• Rootkit
• Trojan
• Spyware

Rationale: A Trojan horse appears legitimate but performs malicious

actions once executed.

• Which of the following tools would be most appropriate for analyzing

network traffic in real-time?

• Wireshark
• Nessus 2 / 4

• OpenVAS
• Nmap

Rationale: Wireshark captures and analyzes packets in real-time to identify

anomalies or malicious activity.

• Which of the following describes a zero-day vulnerability?
• A vulnerability that is exploited before a patch is available
• A vulnerability identified during a penetration test
• A misconfiguration on a web server
• A phishing attack that uses a known exploit

Rationale: Zero-day vulnerabilities are newly discovered and exploited

before developers release a fix.

• What is the purpose of network segmentation in cybersecurity?
• To improve internet bandwidth
• To limit the spread of attacks within a network
• To reduce encryption overhead
• To increase network latency

Rationale: Network segmentation isolates critical assets, reducing lateral

movement opportunities for attackers.

• / 4

• What does the principle of least privilege ensure?
• Users have only the access necessary to perform their job duties
• Users can access all resources for convenience
• Administrators can bypass all controls
• All users share the same access level

Rationale: The principle of least privilege restricts access to only what is

essential for each user, minimizing potential damage from compromised accounts.

• Which of the following attacks is designed to make a network resource

unavailable to users?

• Phishing
• SQL Injection
• Denial-of-Service (DoS)
• Man-in-the-Middle

Rationale: A DoS attack overwhelms a system with excessive requests,

rendering it inaccessible to legitimate users.

• What is the primary purpose of vulnerability scanning?
• To test system performance
• To identify security weaknesses in systems and networks
• To perform social engineering
• To encrypt sensitive data
• / 4