Pass CompTIA CySA+ CS0-003 in Just 3 Days – Stress-Free, No Study Needed!
A small company does not have enough staff to effectively segregate duties to prevent error and fraud in payroll management. The Chief Information Security Officer (CISO) decides to maintain and review logs and audit trails to mitigate risk. Which of the following did the CISO implement?
- A. Corrective controls
- B. Compensating controls
- C. Operational controls
- D. Administrative controls
During the log analysis phase, the following suspicious command is detected:
Which of the following is being attempted?
- A. Buffer overflow
- B. RCE
- C. ICMP tunneling
- D. Smurf attack
An email hosting provider added a new data center with new public IP addresses. Which of the following most likely needs to be updated to ensure emails from the new data center do not get blocked by spam filters?
- A. DKIM
- B. SPF
- C. SMTP
- D. DMARC
A laptop that is company owned and managed is suspected to have malware. The company implemented centralized security logging. Which of the following log sources will confirm the malware infection?
- A. XDR logs
- B. Firewall logs
- C. IDS logs
- D. MFA logs
Which of the following best describes the goal of a disaster recovery exercise as preparation for possible incidents?
- A. To provide metrics and test continuity controls
- B. To verify the roles of the incident response team
- C. To provide recommendations for handling vulnerabilities
- D. To perform tests against implemented security controls
A security analyst has prepared a vulnerability scan that contains all of the company’s functional subnets. During the initial scan, users reported that network printers began to print pages that contained unreadable text and icons. Which of the following should the analyst do to ensure this behavior does not occur during subsequent vulnerability scans?
- A. Perform non-credentialed scans
- B. Ignore embedded web server ports
- C. Create a tailored scan for the printer subnet
- D. Increase the threshold length of the scan timeout
A Chief Information Security Officer has outlined several requirements for a new vulnerability scanning project:
• Must use minimal network bandwidth
• Must use minimal host resources
• Must provide accurate, near real-time updates
• Must not have any stored credentials in configuration on the scanner
Which of the following vulnerability scanning methods should be used to best meet these requirements?
- A. Internal
- B. Agent
- C. Active
- D. Uncredentialed
An employee is no longer able to log in to an account after updating a browser. The employee usually has several tabs open in the browser. Which of the following attacks was most likely performed?
- A. RFI
- B. LFI
- C. CSRF
- D. XSS
Which of the following does “federation” most likely refer to within the context of identity and access management?
- A. Facilitating groups of users in a similar function or profile to system access that requires elevated or conditional access
- B. An authentication mechanism that allows a user to utilize one set of credentials to access multiple domains
- C. Utilizing a combination of what you know, who you are, and what you have to grant authentication to a user
- D. Correlating one’s identity with the attributes and associated applications the user has access to
The Chief Information Security Officer for an organization recently received approval to install a new EDR solution. Following the installation, the number of alerts that require remediation by an analyst has tripled. Which of the following should the organization utilize to best centralize the workload for the internal security team? (Choose two.)
- A. SOAR
- B. SIEM
- C. MSP
- D. NGFW
- E. XDR
- F. DLP