Special Summer Sale Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: scxmas70

CS0-003 Exam Dumps - CompTIA CyberSecurity Analyst CySA+ Certification Exam

Go to page:
Question # 113

While reviewing web server logs, a security analyst found the following line:

Which of the following malicious activities was attempted?

A.

Command injection

B.

XML injection

C.

Server-side request forgery

D.

Cross-site scripting

Full Access
Question # 114

A security analyst performs a vulnerability scan. Based on the metrics from the scan results, the analyst must prioritize which hosts to patch. The analyst runs the tool and receives the following output:

Which of the following hosts should be patched first, based on the metrics?

A.

host01

B.

host02

C.

host03

D.

host04

Full Access
Question # 115

The vulnerability analyst reviews threat intelligence regarding emerging vulnerabilities affecting workstations that are used within the company:

Which of the following vulnerabilities should the analyst be most concerned about, knowing that end users frequently click on malicious links sent via email?

A.

Vulnerability A

B.

Vulnerability B

C.

Vulnerability C

D.

Vulnerability D

Full Access
Question # 116

A vulnerability management team is unable to patch all vulnerabilities found during their weekly scans. Using the third-party scoring system described below, the team patches the most urgent vulnerabilities:

Additionally, the vulnerability management team feels that the metrics Smear and Channing are less important than the others, so these will be lower in priority. Which of the following vulnerabilities should be patched first, given the above third-party scoring system?

A.

InLoud:Cobain: YesGrohl: NoNovo: YesSmear: YesChanning: No

B.

TSpirit:Cobain: YesGrohl: YesNovo: YesSmear: NoChanning: No

C.

ENameless:Cobain: YesGrohl: NoNovo: YesSmear: NoChanning: No

D.

PBleach:Cobain: YesGrohl: NoNovo: NoSmear: NoChanning: Yes

Full Access
Question # 117

A healthcare organization must develop an action plan based on the findings from a risk

assessment. The action plan must consist of:

· Risk categorization

· Risk prioritization

. Implementation of controls

INSTRUCTIONS

Click on the audit report, risk matrix, and SLA expectations documents to review their

contents.

On the Risk categorization tab, determine the order in which the findings must be

prioritized for remediation according to the risk rating score. Then, assign a categorization to each risk.

On the Controls tab, select the appropriate control(s) to implement for each risk finding.

Findings may have more than one control implemented. Some controls may be used

more than once or not at all.

If at any time you would like to bring back the initial state of the simulation, please click

the Reset All button.

Full Access
Question # 118

A vulnerability scan shows several vulnerabilities. At the same time, a zero-day vulnerability with a CVSS score of 10 has been identified on a web server. Which of the following actions should the security analyst take first?

A.

Contact the web systems administrator and request that they shut down the asset.

B.

Monitor the patch releases for all items and escalate patching to the appropriate team.

C.

Run the vulnerability scan again to verify the presence of the critical finding and the zero-day vulnerability.

D.

Forward the advisory to the web security team and initiate the prioritization strategy for the other vulnerabilities.

Full Access
Question # 119

Which of the following best explains the importance of communicating with staff regarding the official public communication plan related to incidents impacting the organization?

A.

To establish what information is allowed to be released by designated employees

B.

To designate an external public relations firm to represent the organization

C.

To ensure that all news media outlets are informed at the same time

D.

To define how each employee will be contacted after an event occurs

Full Access
Question # 120

An analyst is reviewing a dashboard from the company’s SIEM and finds that an IP address known to be malicious can be tracked to numerous high-priority events in the last two hours. The dashboard indicates that these events relate to TTPs. Which of the following is the analyst most likely using?

A.

MITRE ATT&CK

B.

OSSTMM

C.

Diamond Model of Intrusion Analysis

D.

OWASP

Full Access
Go to page: