Summer Certification Sale 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: save70

CS0-003 Questions Bank

Page: 19 / 37
Total 487 questions

CompTIA CyberSecurity Analyst CySA+ Certification Exam Questions and Answers

Question 73

Which of the following best describes the importance of KPIs in an incident response exercise?

Options:

A.

To identify the personal performance of each analyst

B.

To describe how incidents were resolved

C.

To reveal what the team needs to prioritize

D.

To expose which tools should be used

Question 74

An auditor is reviewing an evidence log associated with a cybercrime. The auditor notices that a gap exists between individuals who were responsible for holding onto and transferring the evidence between individuals responsible for the investigation. Which of the following best describes the evidence handling process that was not properly followed?

Options:

A.

Validating data integrity

B.

Preservation

C.

Legal hold

D.

Chain of custody

Question 75

An analyst needs to provide recommendations based on a recent vulnerability scan:

Which of the following should the analyst recommend addressing to ensure potential vulnerabilities are identified?

Options:

A.

SMB use domain SID to enumerate users

B.

SYN scanner

C.

SSL certificate cannot be trusted

D.

Scan not performed with admin privileges

Question 76

During an incident, a security analyst discovers a large amount of Pll has been emailed externally from an employee to a public email address. The analyst finds that the external email is the employee ' s

personal email. Which of the following should the analyst recommend be done first?

Options:

A.

Place a legal hold on the employee ' s mailbox.

B.

Enable filtering on the web proxy.

C.

Disable the public email access with CASB.

D.

Configure a deny rule on the firewall.

Page: 19 / 37
Total 487 questions