Which of the following should be completed first to remediate the findings?

A security analyst obtained the following table of results from a recent vulnerability assessment that was conducted against a single web server in the environment: Which of the following should be completed first to remediate the findings?
A. Ask the web development team to update the page contents
B. Add...

January 22, 2024

As a proactive threat-hunting technique, hunters must develop situational cases based on likely attack scenarios derived from the available threat intelligence information. After forming the basis of the scenario, which of the following may the threat hunter construct to establish a framework for threat assessment?

A. Critical asset list
B. ...

January 22, 2024

Which of the following will produce the data needed for the briefing?

A new cybersecurity analyst is tasked with creating an executive briefing on possible threats to the organization. Which of the following will produce the data needed for the briefing?
A. Firewall logs
B. Indicators of compromise
C. Risk assessment
D. Access control lists
Answer: B
Explanation: Indicators of compromise (IoCs)...

January 21, 2024

Which of the following is the first action the analyst should take in this situation?

A security analyst who works in the SOC receives a new requirement to monitor for indicators of compromise. Which of the following is the first action the analyst should take in this situation?
A. Develop a dashboard to track the indicators of compromise.
B. Develop a query to search for...

January 21, 2024

Which of the following is the first step that should be performed when establishing a disaster recovery plan?

A. Agree on the goals and objectives of the plan
B. Determine the site to be used during a disaster
C. Demonstrate adherence to a standard disaster recovery process
D. Identify applications...

January 21, 2024

Which of the following is an important aspect that should be included in the lessons-learned step after an incident?

A. Identify any improvements or changes in the incident response plan or procedures
B. Determine if an internal mistake was made and who did it so they do not repeat the...

January 21, 2024

Which of the following is the best priority based on common attack frameworks?

The Chief Information Security Officer is directing a new program to reduce attack surface risks and threats as part of a zero trust approach. The IT security team is required to come up with priorities for the program. Which of the following is the best priority based on common attack...

January 21, 2024

Which of the following most accurately describes the result of the scan?

The security team reviews a web server for XSS and runs the following Nmap scan: Which of the following most accurately describes the result of the scan?
A. An output of characters > and " as the parameters used in the attempt
B. The vulnerable parameter ID http://172.31.15.2/1.php?id=2 and unfiltered...

January 21, 2024

Which of the following best describes what is happening?

An incident response analyst notices multiple emails traversing the network that target only the administrators of the company. The email contains a concealed URL that leads to an unknown website in another country. Which of the following best describes what is happening? (Choose two.)
A. Beaconing
B. Domain Name System...

January 20, 2024

Which of the following describes what the analyst has noticed?

An analyst notices there is an internal device sending HTTPS traffic with additional characters in the header to a known-malicious IP in another country. Which of the following describes what the analyst has noticed?
A. Beaconing
B. Cross-site scripting
C. Buffer overflow
D. PHP traversal
Answer: A
Explanation:

January 20, 2024