CS0-003 V2

The Chief Information Security Officer is directing a new program to reduce attack surface risks and threats as part of a zero trust approach. The IT security team is required to come up with priorities for the program. Which of the following is the best priority based on common attack...

The security team reviews a web server for XSS and runs the following Nmap scan: Which of the following most accurately describes the result of the scan?A . An output of characters > and " as the parameters used m the attemptB . The vulnerable parameter ID hccp://l72.31.15.2/1.php?id-2 and unfiltered...

An incident response analyst notices multiple emails traversing the network that target only the administrators of the company. The email contains a concealed URL that leads to an unknown website in another country. Which of the following best describes what is happening? (Choose two.)A . BeaconinqB . Domain Name System...

An analyst notices there is an internal device sending HTTPS traffic with additional characters in the header to a known-malicious IP in another country. Which of the following describes what the analyst has noticed?A . BeaconingB . Cross-site scriptingC . Buffer overflowD . PHP traversalView AnswerAnswer: A Explanation:

Which of the following phases of the Cyber Kill Chain involves the adversary attempting to establish communication with a successfully exploited target?A . Command and controlB . Actions on objectivesC . ExploitationD . DeliveryView AnswerAnswer: A Explanation: Command and control (C2) is a phase of the Cyber Kill Chain that...

During an incident, an analyst needs to acquire evidence for later investigation. Which of the following must be collected first in a computer system, related to its volatility level?A . Disk contentsB . Backup dataC . Temporary filesD . Running processesView AnswerAnswer: D Explanation: The most volatile type of evidence...

An analyst has been asked to validate the potential risk of a new ransomware campaign that the Chief Financial Officer read about in the newspaper. The company is a manufacturer of a very small spring used in the newest fighter jet and is a critical piece of the supply chain...

A systems administrator is reviewing after-hours traffic flows from data-center servers and sees regular outgoing HTTPS connections from one of the servers to a public IP address. The server should not be making outgoing connections after hours. Looking closer, the administrator sees this traffic pattern around the clock during work...

A security analyst is writing a shell script to identify IP addresses from the same country. Which of the following functions would help the analyst achieve the objective?A . function w() { info=$(ping -c 1 $1 | awk -F “/” ‘END{print $1}’) && echo “$1 | $info” }B . function...

An analyst is reviewing a vulnerability report for a server environment with the following entries: Which of the following systems should be prioritized for patching first?A . 10.101.27.98B . 54.73.225.17C . 54.74.110.26D . 54.74.110.228View AnswerAnswer: D Explanation: The system that should be prioritized for patching first is 54.74.110.228, as it...