CS0-003 exam

A SOC manager receives a phone call from an upset customer. The customer received a vulnerability report two hours ago: but the report did not have a follow-up remediation response from an analyst. Which of the following documents should the SOC manager review to ensure the team is meeting the...

A security analyst received a malicious binary file to analyze. Which of the following is the best technique to perform the analysis?A . Code analysis B. Static analysis C. Reverse engineering D. FuzzingView AnswerAnswer: C Explanation: Reverse engineering is a technique that involves analyzing a binary file to understand its...

Which of the following is the best metric for an organization to focus on given recent investments in SIEM, SOAR, and a ticketing system?A . Mean time to detect B. Number of exploits by tactic C. Alert volume D. Quantity of intrusion attemptsView AnswerAnswer: A Explanation: Mean time to detect...

A security analyst is trying to identify anomalies on the network routing. Which of the following functions can the analyst use on a shell script to achieve the objective most accurately?A . function x() { info=$(geoiplookup $1) && echo "$1 | $info" } B. function x() { info=$(ping -c 1...

A company that has a geographically diverse workforce and dynamic IPs wants to implement a vulnerability scanning method with reduced network traffic. Which of the following would best meet this requirement?A . External B. Agent-based C. Non-credentialed D. CredentialedView AnswerAnswer: B Explanation: Agent-based vulnerability scanning is a method that involves...

A recent zero-day vulnerability is being actively exploited, requires no user interaction or privilege escalation, and has a significant impact to confidentiality and integrity but not to availability. Which of the following CVE metrics would be most accurate for this zero-day threat?A . CVSS: 31/AV: N/AC: L/PR: N/UI: N/S: U/C:...