CS0-003 V1

An older CVE with a vulnerability score of 7.1 was elevated to a score of 9.8 due to a widely available exploit being used to deliver ransomware. Which of the following factors would an analyst most likely communicate as the reason for this escalation?A . Scope B. Weaponization C. CVSS...

Which of the following items should be included in a vulnerability scan report? (Choose two.)A . Lessons learned B. Service-level agreement C. Playbook D. Affected hosts E. Risk score F. Education planView AnswerAnswer: D, E Explanation: A vulnerability scan report should include information about the affected hosts, such as their...

The Chief Executive Officer of an organization recently heard that exploitation of new attacks in the industry was happening approximately 45 days after a patch was released. Which of the following would best protect this organization?A . A mean time to remediate of 30 days B. A mean time to...

Which of the following phases of the Cyber Kill Chain involves the adversary attempting to establish communication with a successfully exploited target?A . Command and control B. Actions on objectives C. Exploitation D. DeliveryView AnswerAnswer: A Explanation: Command and control (C2) is a phase of the Cyber Kill Chain that...

Which of the following is the first step that should be performed when establishing a disaster recovery plan?A . Agree on the goals and objectives of the plan B. Determine the site to be used during a disaster C Demonstrate adherence to a standard disaster recovery process D. Identity applications...

An analyst is reviewing a vulnerability report and must make recommendations to the executive team. The analyst finds that most systems can be upgraded with a reboot resulting in a single downtime window. However, two of the critical systems cannot be upgraded due to a vendor appliance that the company...

A company is implementing a vulnerability management program and moving from an on-premises environment to a hybrid IaaS cloud environment. Which of the following implications should be considered on the new hybrid environment?A . The current scanners should be migrated to the cloud B. Cloud-specific misconfigurations may not be detected...

During security scanning, a security analyst regularly finds the same vulnerabilities in a critical application. Which of the following recommendations would best mitigate this problem if applied along the SDLC phase?A . Conduct regular red team exercises over the application in production B. Ensure that all implemented coding libraries are...

The Chief Information Security Officer wants to eliminate and reduce shadow IT in the enterprise. Several high-risk cloud applications are used that increase the risk to the organization. Which of the following solutions will assist in reducing the risk?A . Deploy a CASB and enable policy enforcement B. Configure MFA...

An incident response team receives an alert to start an investigation of an internet outage. The outage is preventing all users in multiple locations from accessing external SaaS resources. The team determines the organization was impacted by a DDoS attack. Which of the following logs should the team review first?A...