Summer Certification Sale 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: save70

Changed CS0-003 Exam Questions

Page: 30 / 37
Total 487 questions

CompTIA CyberSecurity Analyst CySA+ Certification Exam Questions and Answers

Question 117

A systems administrator is reviewing after-hours traffic flows from data-center servers and sees regular outgoing HTTPS connections from one of the servers to a public IP address. The server should not be making outgoing connections after hours. Looking closer, the administrator sees this traffic pattern around the clock during work hours as well. Which of the following is the most likely explanation?

Options:

A.

C2 beaconing activity

B.

Data exfiltration

C.

Anomalous activity on unexpected ports

D.

Network host IP address scanning

E.

A rogue network device

Question 118

A security analyst recently used Arachni to perform a vulnerability assessment of a newly developed web application. The analyst is concerned about the following output:

[+] XSS: In form input ' txtSearch ' with action

[-] XSS: Analyzing response #1...

[-] XSS: Analyzing response #2...

[-] XSS: Analyzing response #3...

[+] XSS: Response is tainted. Looking for proof of the vulnerability.

Which of the following is the most likely reason for this vulnerability?

Options:

A.

The developer set input validation protection on the specific field of search.aspx.

B.

The developer did not set proper cross-site scripting protections in the header.

C.

The developer did not implement default protections in the web application build.

D.

The developer did not set proper cross-site request forgery protections.

Question 119

After updating the email client to the latest patch, only about 15% of the workforce is able to use email. Windows 10 users do not experience issues, but Windows 11 users have constant issues. Which of the

following did the change management team fail to do?

Options:

A.

Implementation

B.

Testing

C.

Rollback

D.

Validation

Question 120

There are several reports of sensitive information being disclosed via file sharing services. The company would like to improve its security posture against this threat. Which of the following security controls would best support the company in this scenario?

Options:

A.

Implement step-up authentication for administrators

B.

Improve employee training and awareness

C.

Increase password complexity standards

D.

Deploy mobile device management

Page: 30 / 37
Total 487 questions