ExamGecko

CompTIA CS0-003 Practice Test - Questions Answers, Page 36


List of questions

Question 351


Which of the following is the best reason to implement an MOU?


Question 352


Which of the following is the best framework for assessing how attackers use techniques over an infrastructure to exploit a target's information assets?


Question 353


In the last hour, a high volume of failed RDP authentication attempts has been logged on a critical server. All of the authentication attempts originated from the same remote IP address and made use of a single valid domain user account. Which of the following mitigating controls would be most effective to reduce the rate of success of this brute-force attack? (Select two)


Question 354


A SOC receives several alerts indicating user accounts are connecting to the company's identity provider through non-secure communications. User credentials for accessing sensitive, business-critical systems could be exposed. Which of the following logs should the SOC use when determining malicious intent?


Question 355


A network security analyst for a large company noticed unusual network activity on a critical system. Which of the following tools should the analyst use to analyze network traffic to search for malicious activity?


Question 356


An analyst is reviewing a dashboard from the company's SIEM and finds that an IP address known to be malicious can be tracked to numerous high-priority events in the last two hours. The dashboard indicates that these events relate to TTPs. Which of the following is the analyst most likely using?


Question 357


A Chief Information Security Officer wants to lock down the users' ability to change applications that are installed on their Windows systems. Which of the following is the best enterprise-level solution?


Question 358


A Chief Information Security Officer (CISO) has determined through lessons learned and an associated after-action report that staff members who use legacy applications do not adequately understand how to differentiate between non-malicious emails and phishing emails. Which of the following should the CISO include in an action plan to remediate this issue?


Question 359


Which of the following is most appropriate to use with SOAR when the security team would like to automate actions across different vendor platforms?


Question 360


A security analyst runs the following command:

# nmap -T4 -F 192.168.30.30
Starting nmap 7.6
Host is up (0.13s latency)
PORT     STATE  SERVICE
23/tcp   open   telnet
443/tcp  open   https
636/tcp  open   ldaps

Which of the following should the analyst recommend first to harden the system?

Total 437 questions