CS0-003 exam

As a proactive threat-hunting technique, hunters must develop situational cases based on likely attack scenarios derived from the available threat intelligence information. After forming the basis of the scenario, which of the following may the threat hunter construct to establish a framework for threat assessment?A . Critical asset listB ....

A vulnerability management team is unable to patch all vulnerabilities found during their weekly scans. Using the third-party scoring system described below, the team patches the most urgent vulnerabilities: Additionally, the vulnerability management team feels that the metrics Smear and Channing are less important than the others, so these will...

A security analyst is supporting an embedded software team. Which of the following is the best recommendation to ensure proper error handling at runtime?A . Perform static code analysis.B . Require application fuzzing.C . Enforce input validation.D . Perform a code review.View AnswerAnswer: D Explanation: Performing a code review is...

A security analyst is trying to identify anomalies on the network routing. Which of the following functions can the analyst use on a shell script to achieve the objective most accurately?A . function x() { info=$(geoiplookup $1) && echo "$1 | $info" }B . function x() { info=$(ping -c 1...

A recent zero-day vulnerability is being actively exploited, requires no user interaction or privilege escalation, and has a significant impact to confidentiality and integrity but not to availability. Which of the following CVE metrics would be most accurate for this zero-day threat?A . CVSS: 31/AV: N/AC: L/PR: N/UI: N/S: U/C:...

A cybersecurity analyst is concerned about attacks that use advanced evasion techniques. Which of the following would best mitigate such attacks?A . Keeping IPS rules up to dateB . Installing a proxy serverC . Applying network segmentationD . Updating the antivirus softwareView AnswerAnswer: A Explanation: Keeping IPS rules up to...

Which of the following is the best action to take after the conclusion of a security incident to improve incident response in the future?A . Develop a call tree to inform impacted usersB . Schedule a review with all teams to discuss what occurredC . Create an executive summary to...

A security analyst received a malicious binary file to analyze. Which of the following is the best technique to perform the analysis?A . Code analysisB . Static analysisC . Reverse engineeringD . FuzzingView AnswerAnswer: C Explanation: Reverse engineering is a technique that involves analyzing a binary file to understand its...

Which of the following items should be included in a vulnerability scan report? (Choose two.)A . Lessons learnedB . Service-level agreementC . PlaybookD . Affected hostsE . Risk scoreF . Education planView AnswerAnswer: D, E Explanation: A vulnerability scan report should include information about the affected hosts, such as their...

Which of the following will most likely ensure that mission-critical services are available in the event of an incident?A . Business continuity planB . Vulnerability management planC . Disaster recovery planD . Asset management planView AnswerAnswer: C Explanation: