ExamGecko
Login
Home / CompTIA / CS0-003 / List of questions
Ask Question

CompTIA CS0-003 Practice Test - Questions Answers, Page 38

Add to Whishlist

List of questions

Question 371

Report Export Collapse

An analyst receives an alert for suspicious IIS log activity and reviews the following entries:

2024-05-23 15:57:05 10.203.10.16 HEAT / - 80 - 10.203.10.17 DirBuster-1.0-RC1+(http://www.owasp.org/index.php/Category:OWASP_DirBuster_Project)

...

Which of the following will the analyst infer from the logs?

Become a Premium Member for full access
  Unlock Premium Member

Question 372

Report Export Collapse

Which of the following is the appropriate phase in the incident response process to perform a vulnerability scan to determine the effectiveness of corrective actions?

Become a Premium Member for full access
  Unlock Premium Member

Question 373

Report Export Collapse

Which of the following risk management decisions should be considered after evaluating all other options?

Become a Premium Member for full access
  Unlock Premium Member

Question 374

Report Export Collapse

A security analyst reviews a SIEM alert related to a suspicious email and wants to verify the authenticity of the message:

SPF = PASS

DKIM = FAIL

DMARC = FAIL

Which of the following did the analyst most likely discover?

Become a Premium Member for full access
  Unlock Premium Member

Question 375

Report Export Collapse

Which of the following is a KPI that is used to monitor or report on the effectiveness of an incident response reporting and communication program?

Become a Premium Member for full access
  Unlock Premium Member

Question 376

Report Export Collapse

Which of the following ensures that a team receives simulated threats to evaluate incident response performance and coordination?

Become a Premium Member for full access
  Unlock Premium Member

Question 377

Report Export Collapse

The Chief Information Security Officer wants the same level of security to be present whether a remote worker logs in at home or at a coffee shop. Which of the following should be recommended as a starting point?

Become a Premium Member for full access
  Unlock Premium Member

Question 378

Report Export Collapse

Which of the following is the best use of automation in cybersecurity?

Become a Premium Member for full access
  Unlock Premium Member

Question 379

Report Export Collapse

A user is flagged for consistently consuming a high volume of network bandwidth over the past week. During the investigation, the security analyst finds traffic to the following websites:

Date/Time

URL

Destination Port

Bytes In

Bytes Out

12/24/2023 14:00:25

youtube.com

80

450000

4587

12/25/2023 14:09:30

translate.google.com

80

2985

3104

12/25/2023 14:10:00

tiktok.com

443

675000

105

12/25/2023 16:00:45

netflix.com

443

525900

295

12/26/2023 16:30:45

grnail.com

443

1250

525984

12/31/2023 17:30:25

office.com

443

350000

450

12/31/2023 17:35:00

youtube.com

443

300

350000

Which of the following data flows should the analyst investigate first?

Become a Premium Member for full access
  Unlock Premium Member

Question 380

Report Export Collapse

A security analyst reviews a packet capture and identifies the following output as anomalous:

13:49:57.553161 TP10.203.10.17.45701>10.203.10.22.12930:Flags[FPU],seq108331482,win1024,urg0,length0

13:49:57.553162 IP10.203.10.17.45701>10.203.10.22.48968:Flags[FPU],seq108331482,win1024,urg0,length0

...

Which of the following activities explains the output?

Become a Premium Member for full access
  Unlock Premium Member
Total 431 questions
Go to page: of 44
Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

An XSS vulnerability was reported on one of the public websites of a company. The security department confirmed the finding and needs to provide a recommendation to the application owner. Which of the following recommendations will best prevent this vulnerability from being exploited? (Select two).
An organization is conducting a pilot deployment of an e-commerce application. The application's source code is not available. Which of the following strategies should an analyst recommend to evaluate the security of the software?
The Chief Information Security Officer is directing a new program to reduce attack surface risks and threats as part of a zero trust approach. The IT security team is required to come up with priorities for the program. Which of the following is the best priority based on common attack frameworks?
While reviewing web server logs, an analyst notices several entries with the same time stamps, but all contain odd characters in the request line. Which of the following steps should be taken next?
An analyst is reviewing a dashboard from the company's SIEM and finds that an IP address known to be malicious can be tracked to numerous high-priority events in the last two hours. The dashboard indicates that these events relate to TTPs. Which of the following is the analyst most likely using?
The Chief Information Security Officer (CISO) of a large management firm has selected a cybersecurity framework that will help the organization demonstrate its investment in tools and systems to protect its data. Which of the following did the CISO most likely select?
Which of the following characteristics ensures the security of an automated information system is the most effective and economical?
An organization identifies a method to detect unexpected behavior, crashes, or resource leaks in a system by feeding invalid, unexpected, or random data to stress the application. Which of the following best describes this testing methodology?
An analyst is designing a message system for a bank. The analyst wants to include a feature that allows the recipient of a message to prove to a third party that the message came from the sender Which of the following information security goals is the analyst most likely trying to achieve?
After a security assessment was done by a third-party consulting firm, the cybersecurity program recommended integrating DLP and CASB to reduce analyst alert fatigue. Which of the following is the best possible outcome that this effort hopes to achieve?