ExamGecko
Login
Home / CompTIA / CS0-003 / List of questions
Ask Question

CompTIA CS0-003 Practice Test - Questions Answers, Page 13

Add to Whishlist

List of questions

Question 121

Report Export Collapse

Which of the following best describes the process of requiring remediation of a known threat within a given time frame?

Become a Premium Member for full access
  Unlock Premium Member

Question 122

Report Export Collapse

A systems administrator notices unfamiliar directory names on a production server. The administrator reviews the directory listings and files, and then concludes the server has been

compromised. Which of the following steps should the administrator take next?

Become a Premium Member for full access
  Unlock Premium Member

Question 123

Report Export Collapse

A software developer has been deploying web applications with common security risks to include insufficient logging capabilities. Which of the following actions would be most effective to reduce risks associated with the application development?

Become a Premium Member for full access
  Unlock Premium Member

Question 124

Report Export Collapse

A security audit for unsecured network services was conducted, and the following output was generated:

CompTIA CS0-003 image Question 124 94745 10022024175105000000

Which of the following services should the security team investigate further? (Select two).

Become a Premium Member for full access
  Unlock Premium Member

Question 125

Report Export Collapse

While reviewing web server logs, a security analyst found the following line:

<IMG SRC='vbscript:msgbox('test')'>

Which of the following malicious activities was attempted?

Become a Premium Member for full access
  Unlock Premium Member

Question 126

Report Export Collapse

Which of the following is often used to keep the number of alerts to a manageable level when establishing a process to track and analyze violations?

Become a Premium Member for full access
  Unlock Premium Member

Question 127

Report Export Collapse

Which of the following is described as a method of enforcing a security policy between cloud customers and cloud services?

Become a Premium Member for full access
  Unlock Premium Member

Question 128

Report Export Collapse

After completing a review of network activity. the threat hunting team discovers a device on the network that sends an outbound email via a mail client to a non-company email address daily at 10:00 p.m. Which of the following is potentially occurring?

Become a Premium Member for full access
  Unlock Premium Member

Question 129

Report Export Collapse

Approximately 100 employees at your company have received a Phishing email. AS a security analyst. you have been tasked with handling this Situation.

CompTIA CS0-003 image Question 129 94750 10022024175105000000

CompTIA CS0-003 image Question 129 94750 10022024175105000000

CompTIA CS0-003 image Question 129 94750 10022024175105000000

Review the information provided and determine the following:

1- HOW many employees Clicked on the link in the Phishing email?

2- on how many workstations was the malware installed?

3- what is the executable file name of the malware?

CompTIA CS0-003 image Question 129 94750 10022024175105000000

Become a Premium Member for full access
  Unlock Premium Member

Question 130

Report Export Collapse

You are a cybersecurity analyst tasked with interpreting scan data from Company As servers You must verify the requirements are being met for all of the servers and recommend changes if you find they are not

The company's hardening guidelines indicate the following

* TLS 1 2 is the only version of TLS running.

* Apache 2.4.18 or greater should be used.

* Only default ports should be used.

INSTRUCTIONS

using the supplied data. record the status of compliance With the company's guidelines for each server.

The question contains two parts: make sure you complete Part 1 and Part 2. Make recommendations for Issues based ONLY on the hardening guidelines provided.

Part 1:

CompTIA CS0-003 image Question 130 94751 10022024175105000000

AppServ2:

CompTIA CS0-003 image Question 130 94751 10022024175105000000

AppServ3:

CompTIA CS0-003 image Question 130 94751 10022024175105000000

AppServ4:

CompTIA CS0-003 image Question 130 94751 10022024175105000000

CompTIA CS0-003 image Question 130 94751 10022024175105000000

Part 2:

CompTIA CS0-003 image Question 130 94751 10022024175105000000

CompTIA CS0-003 image Question 130 94751 10022024175105000000

Become a Premium Member for full access
  Unlock Premium Member
Total 431 questions
Go to page: of 44
Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

An XSS vulnerability was reported on one of the public websites of a company. The security department confirmed the finding and needs to provide a recommendation to the application owner. Which of the following recommendations will best prevent this vulnerability from being exploited? (Select two).
An organization is conducting a pilot deployment of an e-commerce application. The application's source code is not available. Which of the following strategies should an analyst recommend to evaluate the security of the software?
The Chief Information Security Officer is directing a new program to reduce attack surface risks and threats as part of a zero trust approach. The IT security team is required to come up with priorities for the program. Which of the following is the best priority based on common attack frameworks?
While reviewing web server logs, an analyst notices several entries with the same time stamps, but all contain odd characters in the request line. Which of the following steps should be taken next?
An analyst is reviewing a dashboard from the company's SIEM and finds that an IP address known to be malicious can be tracked to numerous high-priority events in the last two hours. The dashboard indicates that these events relate to TTPs. Which of the following is the analyst most likely using?
The Chief Information Security Officer (CISO) of a large management firm has selected a cybersecurity framework that will help the organization demonstrate its investment in tools and systems to protect its data. Which of the following did the CISO most likely select?
Which of the following characteristics ensures the security of an automated information system is the most effective and economical?
An organization identifies a method to detect unexpected behavior, crashes, or resource leaks in a system by feeding invalid, unexpected, or random data to stress the application. Which of the following best describes this testing methodology?
An analyst is designing a message system for a bank. The analyst wants to include a feature that allows the recipient of a message to prove to a third party that the message came from the sender Which of the following information security goals is the analyst most likely trying to achieve?
After a security assessment was done by a third-party consulting firm, the cybersecurity program recommended integrating DLP and CASB to reduce analyst alert fatigue. Which of the following is the best possible outcome that this effort hopes to achieve?