CS0-003 V2

A user reports a malware alert to the help desk. A technician verities the alert, determines the workstation is classified as a low-severity device, and uses network controls to block access. The technician then assigns the ticket to a security analyst who will complete the eradication and recovery processes. Which...

An organization has activated the CSIRT. A security analyst believes a single virtual server was compromised and immediately isolated from the network. Which of the following should the CSIRT conduct next?A . Take a snapshot of the compromised server and verify its integrityB . Restore the affected server to remove...

New employees in an organization have been consistently plugging in personal webcams despite the company policy prohibiting use of personal devices. The SOC manager discovers that new employees are not aware of the company policy. Which of the following will the SOC manager most likely recommend to help ensure new...

Which of the following describes how a CSIRT lead determines who should be communicated with and when during a security incident?A . The lead should review what is documented in the incident response policy or planB . Management level members of the CSIRT should make that decisionC . The lead...

Joe, a leading sales person at an organization, has announced on social media that he is leaving his current role to start a new company that will compete with his current employer. Joe is soliciting his current employer's customers. However, Joe has not resigned or discussed this with his current...

A company that has a geographically diverse workforce and dynamic IPs wants to implement a vulnerability scanning method with reduced network traffic. Which of the following would best meet this requirement?A . ExternalB . Agent-basedC . Non-credentialedD . CredentialedView AnswerAnswer: B Explanation: Agent-based vulnerability scanning is a method that involves...

A company creates digitally signed packages for its devices. Which of the following best describes the method by which the security packages are delivered to the company's customers?A . Antitamper mechanismB . SELinuxC . Trusted firmware updatesD . eFuseView AnswerAnswer: C Explanation: Trusted firmware updates are a method by which...

A vulnerability management team is unable to patch all vulnerabilities found during their weekly scans. Using the third-party scoring system described below, the team patches the most urgent vulnerabilities: Additionally, the vulnerability management team feels that the metrics Smear and Channing are less important than the others, so these will...

Which of the following is the best way to begin preparation for a report titled "What We Learned" regarding a recent incident involving a cybersecurity breach?A . Determine the sophistication of the audience that the report is meant forB . Include references and sources of information on the first pageC...

A security analyst is supporting an embedded software team. Which of the following is the best recommendation to ensure proper error handling at runtime?A . Perform static code analysis.B . Require application fuzzing.C . Enforce input validation.D . Perform a code review.View AnswerAnswer: D Explanation: Performing a code review is...