CS0-003 exam

Which of the following would a security analyst most likely use to compare TTPs between different known adversaries of an organization?A . MITRE ATTACKB . Cyber Kill ChamC . OWASPD . STIXTAXIIView AnswerAnswer: A Explanation: MITRE ATT&CK is a framework and knowledge base that describes the tactics, techniques, and procedures...

An organization conducted a web application vulnerability assessment against the corporate website, and the following output was observed: Which of the following tuning recommendations should the security analyst share?A . Set an HttpOnlvflaq to force communication by HTTPSB . Block requests without an X-Frame-Options headerC . Configure an Access-Control-Allow-Origin header...

A product manager is working with an analyst to design a new application that will perform as a data analytics platform and will be accessible via a web browser. The product manager suggests using a PaaS provider to host the application. Which of the following is a security concern when...

A company's user accounts have been compromised. Users are also reporting that the company's internal portal is sometimes only accessible through HTTP, other times; it is accessible through HTTPS. Which of the following most likely describes the observed activity?A . There is an issue with the SSL certificate causinq port...

A security analyst who works in the SOC receives a new requirement to monitor for indicators of compromise. Which of the following is the first action the analyst should take in this situation?A . Develop a dashboard to track the indicators of compromise.B . Develop a query to search for...

A company that has a geographically diverse workforce and dynamic IPs wants to implement a vulnerability scanning method with reduced network traffic. Which of the following would best meet this requirement?A . ExternalB . Agent-basedC . Non-credentialedD . CredentialedView AnswerAnswer: B Explanation: Agent-based vulnerability scanning is a method that involves...

A company's threat team has been reviewing recent security incidents and looking for a common theme. The team discovered the incidents were caused by incorrect configurations on the impacted systems. The issues were reported to support teams, but no action was taken. Which of the following is the next step...

A company creates digitally signed packages for its devices. Which of the following best describes the method by which the security packages are delivered to the company's customers?A . Antitamper mechanismB . SELinuxC . Trusted firmware updatesD . eFuseView AnswerAnswer: C Explanation: Trusted firmware updates are a method by which...

A security analyst obtained the following table of results from a recent vulnerability assessment that was conducted against a single web server in the environment: Which of the following should be completed first to remediate the findings?A . Ask the web development team to update the page contentsB . Add...

There are several reports of sensitive information being disclosed via file sharing services. The company would like to improve its security posture against this threat. Which of the following security controls would best support the company in this scenario?A . Implement step-up authentication for administratorsB . Improve employee training and...