Special Summer Sale Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: scxmas70

CS0-003 Exam Dumps - CompTIA CyberSecurity Analyst CySA+ Certification Exam

Go to page:
Question # 105

A security administrator needs to import Pll data records from the production environment to the test environment for testing purposes. Which of the following would best protect data confidentiality?

A.

Data masking

B.

Hashing

C.

Watermarking

D.

Encoding

Full Access
Question # 106

An analyst is investigating a phishing incident and has retrieved the following as part of the investigation:

cmd.exe /c c:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -WindowStyle Hidden -ExecutionPolicy Bypass -NoLogo -NoProfile -EncodedCommand

Which of the following should the analyst use to gather more information about the purpose of this command?

A.

Echo the command payload content into 'base64 -d'.

B.

Execute the command from a Windows VM.

C.

Use a command console with administrator privileges to execute the code.

D.

Run the command as an unprivileged user from the analyst workstation.

Full Access
Question # 107

Exploit code for a recently disclosed critical software vulnerability was publicly available (or download for several days before being removed. Which of the following CVSS v.3.1 temporal metrics was most impacted by this exposure?

A.

Remediation level

B.

Exploit code maturity

C.

Report confidence

D.

Availability

Full Access
Question # 108

Which of the following is the most likely reason for an organization to assign different internal departmental groups during the post-incident analysis and improvement process?

A.

To expose flaws in the incident management process related to specific work areas

B.

To ensure all staff members get exposure to the review process and can provide feedback

C.

To verify that the organization playbook was properly followed throughout the incident

D.

To allow cross-training for staff who are not involved in the incident response process

Full Access
Question # 109

To minimize the impact of a security incident in a heavily regulated company, a cybersecurity analyst has configured audit settings in the organization's cloud services. Which of the following security controls has the analyst configured?

A.

Preventive

B.

Corrective

C.

Directive

D.

Detective

Full Access
Question # 110

A security analyst reviews the following Arachni scan results for a web application that stores PII data:

Which of the following should be remediated first?

A.

SQL injection

B.

RFI

C.

XSS

D.

Code injection

Full Access
Question # 111

You are a cybersecurity analyst tasked with interpreting scan data from Company As servers You must verify the requirements are being met for all of the servers and recommend changes if you find they are not

The company's hardening guidelines indicate the following

• TLS 1 2 is the only version of TLS

running.

• Apache 2.4.18 or greater should be used.

• Only default ports should be used.

INSTRUCTIONS

using the supplied data. record the status of compliance With the company’s guidelines for each server.

The question contains two parts: make sure you complete Part 1 and Part 2. Make recommendations for Issues based ONLY on the hardening guidelines provided.

Part 1:

AppServ1:

AppServ2:

AppServ3:

AppServ4:

Part 2:

Full Access
Question # 112

An analyst views the following log entries:

The organization has a partner vendor with hosts in the 216.122.5.x range. This partner vendor is required to have access to monthly reports and is the only external vendor with authorized access. The organization prioritizes incident investigation according to the following hierarchy: unauthorized data disclosure is more critical than denial of service attempts.

which are more important than ensuring vendor data access.

Based on the log files and the organization's priorities, which of the following hosts warrants additional investigation?

A.

121.19.30.221

B.

134.17.188.5

C.

202.180.1582

D.

216.122.5.5

Full Access
Go to page: