Latest CS0-003 Free Dump - CompTIA Cybersecurity Analyst (CySA+) Certification

A company is concerned with finding sensitive file storage locations that are open to the public.
The current internal cloud network is flat. Which of the following is the best solution to secure the network?

Answer: C
Which of the following is the best technical method to protect sensitive data at an organizational level?

Answer: D
During the triage of a SIEM alarm, a security analyst identifies the following activity in a .bash_history file:

Which of the following actions should the analyst take?

Answer: A
An organization is experiencing security incidents in which a systems administrator is creating unauthorized user accounts. A security analyst has created a script to snapshot the system configuration each day. The following is one of the scripts:
cat /etc/passwd > daily_$(date +"%m_%d_%Y")
This script has been running successfully every day. Which of the following commands would provide the analyst with additional useful information relevant to the above script?

Answer: B
Which of the following is described as a method of enforcing a security policy between cloud customers and cloud services?

Answer: A
An analyst is responding to an incident involving an attack on a company-owned mobile device that was being used by an employee to collect data from clients in the field. Malware was loaded on the device via the installation of a third-party software package. The analyst has baselined the device. Which of the following should the analyst do to BEST mitigate future attacks?

Answer: C
An analyst receives threat intelligence regarding potential attacks from an actor with seemingly unlimited time and resources. Which of the following best describes the threat actor attributed to the malicious activity?

Answer: C
An analyst is reviewing a vulnerability report for a server environment with the following entries:

Which of the following systems should be prioritized for patching first?

Answer: B
Alerts from the security dashboard are reporting a cloud-based host is suspected to be corrupt.
The OS is not loading. The initial investigation concludes that the OS files were modified. Which of the following security controls provided the report?

Answer: C
During normal security monitoring activities, the following activity was observed:
cd C:\Users\Documents\HR\Employees
takeown /f .*
SUCCESS:
Which of the following best describes the potentially malicious activity observed?

Answer: D
A security analyst reviews the following output:

Which of the following malicious activities is occurring?

Answer: B
An analyst would like to start automatically ingesting IoCs into the EDR tool. Which of the following sources would be the most cost-effective for the analyst to use?

Answer: D
A WAF weekly report shows that a daily spike occurs from the same subnet. An open-source review indicates the IP addresses belong to a legitimate internet service provider but have been flagged for DDoS attacks and reconnaissance scanning in the past year. Which of the following actions should a SOC analyst take first in response to these traffic uptick activities?

Answer: B
Which of the following phases of the Cyber Kill Chain involves the adversary attempting to establish communication with a successfully exploited target?

Answer: A
A technician is analyzing output from a popular network mapping tool for a PCI audit:

Which of the following best describes the output?

Answer: C
An organization has the following policy statements:
- All emails entering or leaving the organization will be subject to inspection for malware, policy violations, and unauthorized content.
- All network activity will be logged and monitored.
- Confidential data will be tagged and tracked.
- Confidential data must never be transmitted in an unencrypted form.
- Confidential data must never be stored on an unencrypted mobile device.
Which of the following is the organization enforcing?

Answer: D
A systems administrator receives reports of an internet-accessible Linux server that is running very sluggishly. The administrator examines the server, sees a high amount of memory utilization, and suspects a DoS attack related to half-open TCP sessions consuming memory. Which of the following tools would best help to prove whether this server was experiencing this behavior?

Answer: D
An incident response analyst is investigating the root cause of a recent malware outbreak. Initial binary analysis indicates that this malware disables host security services and performs cleanup routines on its infected hosts, including deletion of the initial dropper and removal of event log entries and prefetch files from the host. Which of the following data sources would most likely reveal evidence of the root cause? (Choose two.)

Answer: C,F
A security analyst was transferred to an organization's threat-hunting team to track specific activity throughout the enterprise environment. The analyst must observe and assess the number of times this activity occurs and aggregate the results.
Which of the following is the BEST threat-hunting method for the analyst to use?

Answer: D
An organization would like to ensure its cloud infrastructure has a hardened configuration. A requirement is to create a server image that can be deployed with a secure template. Which of the following is the best resource to ensure secure configuration?

Answer: A
