最新的CompTIA Cybersecurity Analyst (CySA+) Certification - CS0-003免費考試真題
問題1
A vulnerability analyst is writing a report documenting the newest, most critical vulnerabilities identified in the past month. Which of the following public MITRE repositories would be best to review?
正確答案: B
說明:(僅 VCESoft 成員可見)
問題2
The analyst reviews the following endpoint log entry:

Which of the following has occurred?

Which of the following has occurred?
正確答案: B
說明:(僅 VCESoft 成員可見)
問題3
During an incident, some loCs of possible ransomware contamination were found in a group of servers in a segment of the network. Which of the following steps should be taken next?
正確答案: A
說明:(僅 VCESoft 成員可見)
問題4
There are several reports of sensitive information being disclosed via file sharing services. The company would like to improve its security posture against this threat. Which of the following security controls would best support the company in this scenario?
正確答案: B
說明:(僅 VCESoft 成員可見)
問題5
A company that has a geographically diverse workforce and dynamic IPs wants to implement a vulnerability scanning method with reduced network traffic. Which of the following would best meet this requirement?
正確答案: C
說明:(僅 VCESoft 成員可見)
問題6
A systems administrator is reviewing after-hours traffic flows from data center servers and sees regular, outgoing HTTPS connections from one of the servers to a public IP address. The server should not be making outgoing connections after hours. Looking closer, the administrator sees this traffic pattern around the clock during work hours as well. Which of the following is the most likely explanation?
正確答案: B
說明:(僅 VCESoft 成員可見)
問題7
A SOC manager reviews metrics from the last four weeks to investigate a recurring availability issue. The manager finds similar events correlating to the times of the reported issues.
Which of the following methods would the manager most likely use to resolve the issue?
Which of the following methods would the manager most likely use to resolve the issue?
正確答案: B
說明:(僅 VCESoft 成員可見)
問題8
The Chief Information Security Officer wants to eliminate and reduce shadow IT in the enterprise. Several high-risk cloud applications are used that increase the risk to the organization. Which of the following solutions will assist in reducing the risk?
正確答案: C
說明:(僅 VCESoft 成員可見)
問題9
The threat intelligence team is using the MITRE ATT & CK framework to map threat actors' TTPs to the team's internal reference library. Which of the following best describes the reason visualization and stage alignment are helpful for the incident response team?
正確答案: B
說明:(僅 VCESoft 成員可見)
問題10
A company classifies security groups by risk level. Any group with a high-risk classification requires multiple levels of approval for member or owner changes. Which of the following inhibitors to remediation is the company utilizing?
正確答案: D
說明:(僅 VCESoft 成員可見)
問題11
A security analyst reviews the following Arachni scan results for a web application that stores PII data:

Which of the following should be remediated first?

Which of the following should be remediated first?
正確答案: C
說明:(僅 VCESoft 成員可見)
問題12
A penetration tester is conducting a test on an organization ' s software development website. The penetration tester sends the following request to the web interface:

Which of the following exploits is most likely being attempted?

Which of the following exploits is most likely being attempted?
正確答案: B
說明:(僅 VCESoft 成員可見)
問題13
An employee accessed a website that caused a device to become infected with invasive malware. The incident response analyst has:
* created the initial evidence log.
* disabled the wireless adapter on the device.
* interviewed the employee, who was unable to identify the website that was accessed
* reviewed the web proxy traffic logs.
Which of the following should the analyst do to remediate the infected device?
* created the initial evidence log.
* disabled the wireless adapter on the device.
* interviewed the employee, who was unable to identify the website that was accessed
* reviewed the web proxy traffic logs.
Which of the following should the analyst do to remediate the infected device?
正確答案: B
說明:(僅 VCESoft 成員可見)
問題14
A company is concerned with finding sensitive file storage locations that are open to the public. The current internal cloud network is flat. Which of the following is the best solution to secure the network?
正確答案: B
說明:(僅 VCESoft 成員可見)
問題15
Which of the following best describes the reporting metric that should be utilized when measuring the degree to which a system, application, or user base is affected by an uptime availability outage?
正確答案: A
說明:(僅 VCESoft 成員可見)

