Tag - CS0-003 exam

A security analyst is trying to identify anomalies on the network routing. Which of the following functions can the analyst use on a shell script to achieve the objective most accurately?A . function x() { info=$(geoiplookup $1) && echo "$1 | $info" }B . function x() { info=$(ping -c 1...

A recent zero-day vulnerability is being actively exploited, requires no user interaction or privilege escalation, and has a significant impact to confidentiality and integrity but not to availability. Which of the following CVE metrics would be most accurate for this zero-day threat?A . CVSS: 31/AV: N/AC: L/PR: N/UI: N/S: U/C:...

A cybersecurity analyst is concerned about attacks that use advanced evasion techniques. Which of the following would best mitigate such attacks?A . Keeping IPS rules up to dateB . Installing a proxy serverC . Applying network segmentationD . Updating the antivirus softwareView AnswerAnswer: A Explanation: Keeping IPS rules up to...

Which of the following is the best action to take after the conclusion of a security incident to improve incident response in the future?A . Develop a call tree to inform impacted usersB . Schedule a review with all teams to discuss what occurredC . Create an executive summary to...

A security analyst received a malicious binary file to analyze. Which of the following is the best technique to perform the analysis?A . Code analysisB . Static analysisC . Reverse engineeringD . FuzzingView AnswerAnswer: C Explanation: Reverse engineering is a technique that involves analyzing a binary file to understand its...

Which of the following items should be included in a vulnerability scan report? (Choose two.)A . Lessons learnedB . Service-level agreementC . PlaybookD . Affected hostsE . Risk scoreF . Education planView AnswerAnswer: D, E Explanation: A vulnerability scan report should include information about the affected hosts, such as their...

Which of the following will most likely ensure that mission-critical services are available in the event of an incident?A . Business continuity planB . Vulnerability management planC . Disaster recovery planD . Asset management planView AnswerAnswer: C Explanation:

During an incident, an analyst needs to acquire evidence for later investigation. Which of the following must be collected first in a computer system, related to its volatility level?A . Disk contentsB . Backup dataC . Temporary filesD . Running processesView AnswerAnswer: D Explanation: The most volatile type of evidence...

An organization wants to move non-essential services into a cloud computing environment. The management team has a cost focus and would like to achieve a recovery time objective of 12 hours. Which of the following cloud recovery strategies would work best to attain the desired outcome?A . Duplicate all services...

During a company’s most recent incident, a vulnerability in custom software was exploited on an externally facing server by an APT. The lessons-learned report noted the following: • The development team used a new software language that was not supported by the security team's automated assessment tools. • During the...