Summer Certification Sale 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: save70

Last Attempt CS0-003 Questions

Page: 11 / 37
Total 487 questions

CompTIA CyberSecurity Analyst CySA+ Certification Exam Questions and Answers

Question 41

An analyst receives an alert for suspicious IIS log activity and reviews the following entries:

2024-05-23 15:57:05 10.203.10.16 HEAT / - 80 - 10.203.10.17

...

Which of the following will the analyst infer from the logs?

Options:

A.

An attacker is performing network lateral movement.

B.

An attacker is conducting reconnaissance of the website.

C.

An attacker is exfiltrating data from the network.

D.

An attacker is cloning the website.

Question 42

A company that has a geographically diverse workforce and dynamic IPs wants to implement a vulnerability scanning method with reduced network traffic. Which of the following would best meet this requirement?

Options:

A.

External

B.

Agent-based

C.

Non-credentialed

D.

Credentialed

Question 43

Which of the following are the most relevant factors related to vulnerability management reporting and communication within an organization?

Options:

A.

Risk assessment, asset inventory, business impact analysis, and business continuity plans

B.

Patch availability, mean time to remediate, dependencies, and disaster recovery plans

C.

False-positive rates, alert volume and characteristics, mean time to detect, and skills inventory

D.

Risk severity levels, timelines, dependencies, and remediation ownership

Question 44

Which of the following would help to minimize human engagement and aid in process improvement in security operations?

Options:

A.

OSSTMM

B.

SIEM

C.

SOAR

D.

QVVASP

Page: 11 / 37
Total 487 questions