Summer Certification Sale 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: save70

CompTIA CySA+ CS0-003 Reddit Questions

Page: 32 / 37
Total 487 questions

CompTIA CyberSecurity Analyst CySA+ Certification Exam Questions and Answers

Question 125

A recent zero-day vulnerability is being actively exploited, requires no user interaction or privilege escalation, and has a significant impact to confidentiality and integrity but not to availability. Which of the following CVE metrics would be most accurate for this zero-day threat?

Options:

A.

CVSS: 31/AV: N/AC: L/PR: N/UI: N/S: U/C: H/1: K/A: L

B.

CVSS:31/AV:K/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:L

C.

CVSS:31/AV:N/AC:L/PR:N/UI:H/S:U/C:L/I:N/A:H

D.

CVSS:31/AV:L/AC:L/PR:R/UI:R/S:U/C:H/I:L/A:H

Question 126

A security analyst has received an incident case regarding malware spreading out of control on a customer ' s network. The analyst is unsure how to respond. The configured EDR has automatically obtained a sample of the malware and its signature. Which of the following should the analyst perform next to determine the type of malware, based on its telemetry?

Options:

A.

Cross-reference the signature with open-source threat intelligence.

B.

Configure the EDR to perform a full scan.

C.

Transfer the malware to a sandbox environment.

D.

Log in to the affected systems and run necstat.

Question 127

A vulnerability management team is unable to patch all vulnerabilities found during their weekly scans. Using the third-party scoring system described below, the team patches the most urgent vulnerabilities:

Additionally, the vulnerability management team feels that the metrics Smear and Channing are less important than the others, so these will be lower in priority. Which of the following vulnerabilities should be patched first, given the above third-party scoring system?

Options:

A.

InLoud:Cobain: YesGrohl: NoNovo: YesSmear: YesChanning: No

B.

TSpirit:Cobain: YesGrohl: YesNovo: YesSmear: NoChanning: No

C.

ENameless:Cobain: YesGrohl: NoNovo: YesSmear: NoChanning: No

D.

PBleach:Cobain: YesGrohl: NoNovo: NoSmear: NoChanning: Yes

Question 128

A list of loCs released by a government security organization contains the SHA-256 hash for a Microsoft-signed legitimate binary, svchost. exe. Which of the following best describes the result if security teams add this indicator to their detection signatures?

Options:

A.

This indicator would fire on the majority of Windows devices.

B.

Malicious files with a matching hash would be detected.

C.

Security teams would detect rogue svchost. exe processesintheirenvironment.

D.

Security teams would detect event entries detailing executionofknown-malicioussvchost. exe processes.

Page: 32 / 37
Total 487 questions