CS0-003 V2

Which of the following security operations tasks are ideal for automation?A . Suspicious file analysis: - Look for suspicious-looking graphics in a folder. - Create subfolders in the original folder based on category of graphics found. - Move the suspicious graphics to the appropriate subfolderB . Firewall IoC block actions:...

A security technician is testing a solution that will prevent outside entities from spoofing the company's email domain, which is compatia.org. The testing is successful, and the security technician is prepared to fully implement the solution. Which of the following actions should the technician take to accomplish this task?A ....

An incident response team receives an alert to start an investigation of an internet outage. The outage is preventing all users in multiple locations from accessing external SaaS resources. The team determines the organization was impacted by a DDoS attack. Which of the following logs should the team review first?A...

A company is implementing a vulnerability management program and moving from an on-premises environment to a hybrid IaaS cloud environment. Which of the following implications should be considered on the new hybrid environment?A . The current scanners should be migrated to the cloudB . Cloud-specific misconfigurations may not be detected...

Which of the following software assessment methods world peak times?A . Security regression testingB . Stress testingC . Static analysis testingD . Dynamic analysis testingE . User acceptance testingView AnswerAnswer: B Explanation: Stress testing is a software assessment method that tests how an application performs under peak times or extreme...

During an investigation, an analyst discovers the following rule in an executive's email client: The executive is not aware of this rule. Which of the following should the analyst do first to evaluate the potential impact of this security incident?A . Check the server logs to evaluate which emails were...

A security analyst discovers the company's website is vulnerable to cross-site scripting. Which of the following solutions will best remedy the vulnerability?A . Prepared statementsB . Server-side input validationC . Client-side input encodingD . Disabled JavaScript filteringView AnswerAnswer: B Explanation: Server-side input validation is a solution that can prevent cross-site...

A malicious actor has gained access to an internal network by means of social engineering. The actor does not want to lose access in order to continue the attack. Which of the following best describes the current stage of the Cyber Kill Chain that the threat actor is currently operating...

After conducting a cybersecurity risk assessment for a new software request, a Chief Information Security Officer (CISO) decided the risk score would be too high. The CISO refused the software request. Which of the following risk management principles did the CISO select?A . AvoidB . TransferC . AcceptD . MitigateView...

A security analyst discovers the accounting department is hosting an accounts receivable form on a public document service. Anyone with the link can access it. Which of the following threats applies to this situation?A . Potential data loss to external usersB . Loss of public/private key managementC . Cloud-based authentication...