Which of the following best describes what the security program did?
A security program was able to achieve a 30% improvement in MTTR by integrating security controls into a SIEM. The analyst no longer had to jump between tools. Which of the following best describes what the security program did? A. Data enrichment B. Security control plane C. Threat feed combination...
Which of the following phases of the Cyber Kill Chain involves the adversary attempting to establish communication with a successfully exploited target?
Which of the following phases of the Cyber Kill Chain involves the adversary attempting to establish communication with a successfully exploited target? A. Command and control B. Actions on objectives C. Exploitation D. Delivery Answer: A Explanation: Command and control (C2) is a phase of the Cyber Kill Chain that...
Which of the following items should be included in a vulnerability scan report? (Choose two.)
Which of the following items should be included in a vulnerability scan report? (Choose two.) A. Lessons learned B. Service-level agreement C. Playbook D. Affected hosts E. Risk score F. Education plan Answer: D, E Explanation: A vulnerability scan report should include information about the affected hosts, such as their...
Which of the following most likely describes the observed activity?
A company's user accounts have been compromised. Users are also reporting that the company's internal portal is sometimes only accessible through HTTP; other times, it is accessible through HTTPS. Which of the following most likely describes the observed activity? A. There is an issue with the SSL certificate causing port...
Which of the following is the first step that should be performed when establishing a disaster recovery plan?
Which of the following is the first step that should be performed when establishing a disaster recovery plan? A. Agree on the goals and objectives of the plan B. Determine the site to be used during a disaster C. Demonstrate adherence to a standard disaster recovery process D. Identify applications...
Which of the following most accurately describes the result of the scan?
The security team reviews a web server for XSS and runs the following Nmap scan: Which of the following most accurately describes the result of the scan? A. An output of characters > and " as the parameters used in the attempt B. The vulnerable parameter ID http://172.31.15.2/1.php?id=2 and unfiltered...
Which of the following CVE metrics would be most accurate for this zero-day threat?
A recent zero-day vulnerability is being actively exploited, requires no user interaction or privilege escalation, and has a significant impact to confidentiality and integrity but not to availability. Which of the following CVE metrics would be most accurate for this zero-day threat? A. CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:...
Which of the following inhibitors to remediation do these systems and associated vulnerabilities best represent?
An analyst is reviewing a vulnerability report and must make recommendations to the executive team. The analyst finds that most systems can be upgraded with a reboot resulting in a single downtime window. However, two of the critical systems cannot be upgraded due to a vendor appliance that the company...
Which of the following implications should be considered on the new hybrid environment?
A company is implementing a vulnerability management program and moving from an on-premises environment to a hybrid IaaS cloud environment. Which of the following implications should be considered on the new hybrid environment? A. The current scanners should be migrated to the cloud B. Cloud-specific misconfigurations may not be detected...