
CS0-003

By comptia
Aug, 2025


Question 76

A regulated organization experienced a security breach that exposed a list of customer names with corresponding PII data. Which of the following is the best reason for developing the organization's communication plans?

  • A: For the organization's public relations department to have a standard notification
  • B: To ensure incidents are immediately reported to a regulatory agency
  • C: To automate the notification to customers who were impacted by the breach
  • D: To have approval from executive leadership on when communication should occur

Question 77

Following an incident, a security analyst needs to create a script for downloading the configuration of all assets from the cloud tenancy. Which of the following authentication methods should the analyst use?

  • A: MFA
  • B: User and password
  • C: PAM
  • D: Key pair

Question 78

A penetration tester is conducting a test on an organization's software development website. The penetration tester sends the following request to the web interface:

Image 1

Which of the following exploits is most likely being attempted?

  • A: SQL injection
  • B: Local file inclusion
  • C: Cross-site scripting
  • D: Directory traversal

Question 79

The security team reviews a web server for XSS and runs the following Nmap scan:

Image 1

Which of the following most accurately describes the result of the scan?

  • A: An output of characters > and " as the parameters used in the attempt
  • B: The vulnerable parameter ID http://172.31.15.2/1.php?id-2 and unfiltered characters returned
  • C: The vulnerable parameter and unfiltered or encoded characters passed > and " as unsafe
  • D: The vulnerable parameter and characters > and " with a reflected XSS attempt

Question 80

Two employees in the finance department installed a freeware application that contained embedded malware. The network is robustly segmented based on areas of responsibility. These computers had critical sensitive information stored locally that needs to be recovered. The department manager advised all department employees to turn off their computers until the security team could be contacted about the issue. Which of the following is the first step the incident response staff members should take when they arrive?

  • A: Turn on all systems, scan for infection, and back up data to a USB storage device.
  • B: Identify and remove the software installed on the impacted systems in the department.
  • C: Explain that malware cannot truly be removed and then reimage the devices.
  • D: Log on to the impacted systems with an administrator account that has privileges to perform backups.
  • E: Segment the entire department from the network and review each computer offline.

Question 81

A manufacturer has hired a third-party consultant to assess the security of an OT network that includes both fragile and legacy equipment. Which of the following must be considered to ensure the consultant does no harm to operations?

  • A: Employing Nmap Scripting Engine scanning techniques
  • B: Preserving the state of PLC ladder logic prior to scanning
  • C: Using passive instead of active vulnerability scans
  • D: Running scans during off-peak manufacturing hours

Question 82

A team of analysts is developing a new internal system that correlates information from a variety of sources, analyzes that information, and then triggers notifications according to company policy. Which of the following technologies was deployed?

  • A: SIEM
  • B: SOAR
  • C: IPS
  • D: CERT

Question 83

Which of the following would best mitigate the effects of a new ransomware attack that was not properly stopped by the company antivirus?

  • A: Install a firewall.
  • B: Implement vulnerability management.
  • C: Deploy sandboxing.
  • D: Update the application blocklist.

Question 84

A Chief Information Security Officer wants to implement security by design, starting with the implementation of a security scanning method to identify vulnerabilities, including SQL injection, RFI, XSS, etc. Which of the following would most likely meet the requirement?

  • A: Reverse engineering
  • B: Known environment testing
  • C: Dynamic application security testing
  • D: Code debugging

Question 85

A security analyst scans a host and generates the following output:

Image 1

Which of the following best describes the output?

  • A: The host is unresponsive to the ICMP request.
  • B: The host is running a vulnerable mail server.
  • C: The host is allowing unsecured FTP connections.
  • D: The host is vulnerable to web-based exploits.

Question 86

The security team at a company, which was a recent target of ransomware, compiled a list of hosts that were identified as impacted and in scope for this incident. Based on the following host list:

Image 1

Which of the following systems was most pivotal to the threat actor in its distribution of the encryption binary via Group Policy?

  • A: SQL01
  • B: WK10-Sales07
  • C: WK7-Plant01
  • D: DCEast01
  • E: HQAdmin9

Question 87

After a security assessment was done by a third-party consulting firm, the cybersecurity program recommended integrating DLP and CASB to reduce analyst alert fatigue. Which of the following is the best possible outcome that this effort hopes to achieve?

  • A: SIEM ingestion logs are reduced by 20%.
  • B: Phishing alerts drop by 20%.
  • C: False positive rates drop to 20%.
  • D: The MTTR decreases by 20%.

Question 88

Which of the following threat actors is most likely to target a company due to its questionable environmental policies?

  • A: Hacktivist
  • B: Organized crime
  • C: Nation-state
  • D: Lone wolf

Question 89

A cybersecurity analyst is recording the following details:

• ID
• Name
• Description
• Classification of information
• Responsible party

In which of the following documents is the analyst recording this information?

  • A: Risk register
  • B: Change control documentation
  • C: Incident response playbook
  • D: Incident response plan
