Special Summer Sale Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: scxmas70

CS0-003 Exam Dumps - CompTIA CyberSecurity Analyst CySA+ Certification Exam

Go to page:
Question # 89

Which of the following is described as a method of enforcing a security policy between cloud customers and cloud services?

A.

CASB

B.

DMARC

C.

SIEM

D.

PAM

Full Access
Question # 90

A security analyst must preserve a system hard drive that was involved in a litigation request Which of the following is the best method to ensure the data on the device is not modified?

A.

Generate a hash value and make a backup image.

B.

Encrypt the device to ensure confidentiality of the data.

C.

Protect the device with a complex password.

D.

Perform a memory scan dump to collect residual data.

Full Access
Question # 91

Which of the following would help an analyst to quickly find out whether the IP address in a SIEM alert is a known-malicious IP address?

A.

Join an information sharing and analysis center specific to the company's industry.

B.

Upload threat intelligence to the IPS in STIX/TAXII format.

C.

Add data enrichment for IPS in the ingestion pipleline.

D.

Review threat feeds after viewing the SIEM alert.

Full Access
Question # 92

New employees in an organization have been consistently plugging in personal webcams despite the company policy prohibiting use of personal devices. The SOC manager discovers that new employees are not aware of the company policy. Which of the following will the SOC manager most likely recommend to help ensure new employees are accountable for following the company policy?

A.

Human resources must email a copy of a user agreement to all new employees

B.

Supervisors must get verbal confirmation from new employees indicating they have read the user agreement

C.

All new employees must take a test about the company security policy during the cjitoardmg process

D.

All new employees must sign a user agreement to acknowledge the company security policy

Full Access
Question # 93

Which of the following in the digital forensics process is considered a critical activity that often includes a graphical representation of process and operating system events?

A.

Registry editing

B.

Network mapping

C.

Timeline analysis

D.

Write blocking

Full Access
Question # 94

An analyst finds that an IP address outside of the company network that is being used to run network and vulnerability scans across external-facing assets. Which of the following steps of an attack framework is the analyst witnessing?

A.

Exploitation

B.

Reconnaissance

C.

Command and control

D.

Actions on objectives

Full Access
Question # 95

The analyst reviews the following endpoint log entry:

Which of the following has occurred?

A.

Registry change

B.

Rename computer

C.

New account introduced

D.

Privilege escalation

Full Access
Question # 96

During an incident, some loCs of possible ransomware contamination were found in a group of servers in a segment of the network. Which of the following steps should be taken next?

A.

Isolation

B.

Remediation

C.

Reimaging

D.

Preservation

Full Access
Go to page: