Special Summer Sale Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: scxmas70

CS0-003 Exam Dumps - CompTIA CyberSecurity Analyst CySA+ Certification Exam

Go to page:
Question # 33

Which of the following is a benefit of the Diamond Model of Intrusion Analysis?

A.

It provides analytical pivoting and identifies knowledge gaps.

B.

It guarantees that the discovered vulnerability will not be exploited again in the future.

C.

It provides concise evidence that can be used in court

D.

It allows for proactive detection and analysis of attack events

Full Access
Question # 34

A Chief Information Security Officer wants to implement security by design, starting …… vulnerabilities, including SQL injection, FRI, XSS, etc. Which of the following would most likely meet the requirement?

A.

Reverse engineering

B.

Known environment testing

C.

Dynamic application security testing

D.

Code debugging

Full Access
Question # 35

A user is flagged for consistently consuming a high volume of network bandwidth over the past week. During the investigation, the security analyst finds traffic to the following websites:

Date/Time

URL

Destination Port

Bytes In

Bytes Out

12/24/2023 14:00:25

youtube.com

80

450000

4587

12/25/2023 14:09:30

translate.google.com

80

2985

3104

12/25/2023 14:10:00

tiktok.com

443

675000

105

12/25/2023 16:00:45

netflix.com

443

525900

295

12/26/2023 16:30:45

grnail.com

443

1250

525984

12/31/2023 17:30:25

office.com

443

350000

450

12/31/2023 17:35:00

youtube.com

443

300

350000

Which of the following data flows should the analyst investigate first?

A.

netflix.com

B.

youtube.com

C.

tiktok.com

D.

grnail.com

E.

translate.google.com

F.

office.com

Full Access
Question # 36

A recent zero-day vulnerability is being actively exploited, requires no user interaction or privilege escalation, and has a significant impact to confidentiality and integrity but not to availability. Which of the following CVE metrics would be most accurate for this zero-day threat?

A.

CVSS: 31/AV: N/AC: L/PR: N/UI: N/S: U/C: H/1: K/A: L

B.

CVSS:31/AV:K/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:L

C.

CVSS:31/AV:N/AC:L/PR:N/UI:H/S:U/C:L/I:N/A:H

D.

CVSS:31/AV:L/AC:L/PR:R/UI:R/S:U/C:H/I:L/A:H

Full Access
Question # 37

A high volume of failed RDP authentication attempts was logged on a critical server within a one-hour period. All of the attempts originated from the same remote IP address and made use of a single valid domain user account. Which of the following would be the most effective mitigating control to reduce the rate of success of this brute-force attack?

A.

Enabling a user account lockout after a limited number of failed attempts

B.

Installing a third-party remote access tool and disabling RDP on all devices

C.

Implementing a firewall block for the remote system's IP address

D.

Increasing the verbosity of log-on event auditing on all devices

Full Access
Question # 38

A SOC analyst is analyzing traffic on a network and notices an unauthorized scan. Which of the following types of activities is being observed?

A.

Potential precursor to an attack

B.

Unauthorized peer-to-peer communication

C.

Rogue device on the network

D.

System updates

Full Access
Question # 39

An organization's website was maliciously altered.

INSTRUCTIONS

Review information in each tab to select the source IP the analyst should be concerned

about, the indicator of compromise, and the two appropriate corrective actions.

Full Access
Question # 40

While reviewing the web server logs, a security analyst notices the following snippet:

.. \ .. / .. \ .. /boot.ini

Which of the following Is belng attempted?

A.

Directory traversal

B.

Remote file inclusion

C.

Cross-site scripting

D.

Remote code execution

E.

Enumeration of /etc/passwd

Full Access
Go to page: