Practice CS0-003 Exam Online

Question 1

An analyst is evaluating a vulnerability management dashboard. The analyst sees that a previously remediated vulnerability has reappeared on a database server. Which of the following is the most likely cause?

A : The finding is a false positive and should be ignored.

B : A rollback had been executed on the instance.

C : The vulnerability scanner was configured without credentials.

D : The vulnerability management software needs to be updated.

Answer: B

Question 2

A web application team notifies a SOC analyst that there are thousands of HTTP/404 events on the publicfacing web server. Which of the following is the next step for the analyst to take?

A : Instruct the firewall engineer that a rule needs to be added to block this external server

B : Escalate the event to an incident and notify the SOC manager of the activity

C : Notify the incident response team that there is a DDoS attack occurring

D : Identify the IP/hostname for the requests and look at the related activity

Answer: D

Question 3

Which of the following threat-modeling procedures is in the OWASP Web Security Testing Guide?

A : Review Of security requirements

B : Compliance checks

C : Decomposing the application

D : Security by design

Answer: C

Question 4

When starting an investigation, which of the following must be done first?

A : Notify law enforcement

B : Secure the scene

C : Seize all related evidence

D : Interview the witnesses

Answer: B

Question 5

During a recent site survey. an analyst discovered a rogue wireless access point on the network. Which of the following actions should be taken first to protect the network while preserving evidence?

A : Run a packet sniffer to monitor traffic to and from the access point.

B : Connect to the access point and examine its log files.

C : Identify who is connected to the access point and attempt to find the attacker.

D : Disconnect the access point from the network

Answer: D

Name:	CompTIA Cybersecurity Analyst (CySA+)
Exam Code:	CS0-003
Certification:	CompTIA Cybersecurity Analyst
Vendor:	CompTIA
Total Questions:	308
Last Updated:	Apr 25, 2024

CompTIA CS0-003