CS0-003 Practice Online

Question 1

An organization has deployed a cloud-based storage system for shared data that is in phase two of the data life cycle. Which of the following controls should the security team ensure are addressed? (Choose two.)

A : Data classification

B : Data destruction

C : Data loss prevention

D : Encryption

E : Backups

F : Access controls

Answer: D,F

Question 2

During a recent site survey. an analyst discovered a rogue wireless access point on the network. Which of the following actions should be taken first to protect the network while preserving evidence?

A : Run a packet sniffer to monitor traffic to and from the access point.

B : Connect to the access point and examine its log files.

C : Identify who is connected to the access point and attempt to find the attacker.

D : Disconnect the access point from the network

Answer: D

Question 3

A security analyst reviews the latest vulnerability scans and observes there are vulnerabilities with similar

CVSSv3 scores but different base score metrics. Which of the following attack vectors should the analyst

remediate first?

A : CVSS 3.0/AVP/AC:L/PR:L/UI:N/S U/C:H/I:H/A:H

B : CVSS 3.0/AV:A/AC .L/PR:L/UI:N/S:U/C:H/I:H/A:H

C : CVSS 3.0/AV:N/AC:L/PR:L/UI:N/S;U/C:H/I:H/A:H

D : CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Answer: C

Question 4

A security analyst obtained the following table of results from a recent vulnerability assessment that was conducted against a single web server in the environment:

Which of the following should be completed first to remediate the findings?

A : Ask the web development team to update the page contents

B : Add the IP address allow listing for control panel access

C : Purchase an appropriate certificate from a trusted root CA

D : Perform proper sanitization on all fields

Answer: C

Question 5

A security analyst is performing an investigation involving multiple targeted Windows malware binaries. The analyst wants to gather intelligence without disclosing information to the attackers. Which of the following actions would allow the analyst to achieve the objective?

A : Upload the binary to an air gapped sandbox for analysis

B : Send the binaries to the antivirus vendor

C : Execute the binaries on an environment with internet connectivity

D : Query the file hashes using VirusTotal

Answer: A

Name:	CompTIA Cybersecurity Analyst (CySA+)
Exam Code:	CS0-003
Certification:	CompTIA Cybersecurity Analyst
Vendor:	CompTIA
Total Questions:	308
Last Updated:	Apr 23, 2024

Download Demo CS0-003 Dumps

Create Account

Password Recovery

CS0-003 Practice Online

Download Demo CS0-003 Dumps

Member Login

Create Account

Password Recovery

CS0-003 Practice Online