Summer Certification Sale 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: save70

Exactprep CS0-003 Questions

Page: 29 / 37
Total 487 questions

CompTIA CyberSecurity Analyst CySA+ Certification Exam Questions and Answers

Question 113

An incident response team is working with law enforcement to investigate an active web server compromise. The decision has been made to keep the server running and to implement compensating controls for a period of time. The web service must be accessible from the internet via the reverse proxy and must connect to a database server. Which of the following compensating controls will help contain the adversary while meeting the other requirements? (Select two).

Options:

A.

Drop the tables on the database server to prevent data exfiltration.

B.

Deploy EDR on the web server and the database server to reduce the adversaries capabilities.

C.

Stop the httpd service on the web server so that the adversary can not use web exploits

D.

use micro segmentation to restrict connectivity to/from the web and database servers.

E.

Comment out the HTTP account in the / etc/passwd file of the web server

F.

Move the database from the database server to the web server.

Question 114

During an incident involving phishing, a security analyst needs to find the source of the malicious email. Which of the following techniques would provide the analyst with this information?

Options:

A.

Header analysis

B.

Packet capture

C.

SSL inspection

D.

Reverse engineering

Question 115

An organization has activated the CSIRT. A security analyst believes a single virtual server was compromised and immediately isolated from the network. Which of the following should the CSIRT conduct next?

Options:

A.

Take a snapshot of the compromised server and verify its integrity

B.

Restore the affected server to remove any malware

C.

Contact the appropriate government agency to investigate

D.

Research the malware strain to perform attribution

Question 116

A recent penetration test discovered that several employees were enticed to assist attackers by visiting specific websites and running downloaded files when prompted by phone calls. Which of the following would best address this issue?

Options:

A.

Increasing training and awareness for all staff

B.

Ensuring that malicious websites cannot be visited

C.

Blocking all scripts downloaded from the internet

D.

Disabling all staff members ' ability to run downloaded applications

Page: 29 / 37
Total 487 questions