Which of the following is the best technique to perform the analysis?
A security analyst received a malicious binary file to analyze. Which of the following is the best technique to perform the analysis?
A. Code analysis
B. Static analysis
C. Reverse engineering
D. Fuzzing
Answer: C
Explanation: Reverse engineering is a technique that involves analyzing a binary file to understand its...
Which of the following best describes what the security program did?
A security program was able to achieve a 30% improvement in MTTR by integrating security controls into a SIEM. The analyst no longer had to jump between tools. Which of the following best describes what the security program did?
A. Data enrichment
B. Security control plane
C. Threat feed combination...
Which of the following items should be included in a vulnerability scan report? (Choose two.)
Which of the following items should be included in a vulnerability scan report? (Choose two.)
A. Lessons learned
B. Service-level agreement
C. Playbook
D. Affected hosts
E. Risk score
F. Education plan
Answer: D, E
Explanation: A vulnerability scan report should include information about the affected hosts, such as their...
Which of the following most likely describes the observed activity?
A company's user accounts have been compromised. Users are also reporting that the company's internal portal is sometimes only accessible through HTTP; other times, it is accessible through HTTPS. Which of the following most likely describes the observed activity?
A. There is an issue with the SSL certificate causing port...
Which of the following most accurately describes the result of the scan?
The security team reviews a web server for XSS and runs the following Nmap scan: Which of the following most accurately describes the result of the scan?
A. An output of characters > and " as the parameters used in the attempt
B. The vulnerable parameter ID http://172.31.15.2/1.php?id=2 and unfiltered...
Which of the following phases of the Cyber Kill Chain involves the adversary attempting to establish communication with a successfully exploited target?
Which of the following phases of the Cyber Kill Chain involves the adversary attempting to establish communication with a successfully exploited target?
A. Command and control
B. Actions on objectives
C. Exploitation
D. Delivery
Answer: A
Explanation: Command and control (C2) is a phase of the Cyber Kill Chain that...
Which of the following CVE metrics would be most accurate for this zero-day threat?
A recent zero-day vulnerability is being actively exploited, requires no user interaction or privilege escalation, and has a significant impact to confidentiality and integrity but not to availability. Which of the following CVE metrics would be most accurate for this zero-day threat?
A. CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:...
Which of the following implications should be considered on the new hybrid environment?
A company is implementing a vulnerability management program and moving from an on-premises environment to a hybrid IaaS cloud environment. Which of the following implications should be considered on the new hybrid environment?
A. The current scanners should be migrated to the cloud
B. Cloud-specific misconfigurations may not be detected...
Under the terms of PCI DSS, which of the following groups should the organization report the breach to?
An organization has experienced a breach of customer transactions. Under the terms of PCI DSS, which of the following groups should the organization report the breach to?
A. PCI Security Standards Council
B. Local law enforcement
C. Federal law enforcement
D. Card issuer
Answer: D
Explanation: Under the terms of...