Special Summer Sale 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: Board70

CS0-003 Exam Dumps - CompTIA CySA+ Questions and Answers

Question # 64

A SOC analyst recommends adding a layer of defense for all endpoints that will better protect against external threats regardless of the device's operating system. Which of the following best meets this

requirement?

Options:

A.

SIEM

B.

CASB

C.

SOAR

D.

EDR

Buy Now
Question # 65

A vulnerability scan shows the following issues:

Asset Type

CVSS Score

Exploit Vector

Workstations

6.5

RDP vulnerability

Storage Server

9.0

Unauthorized access due to server application vulnerability

Firewall

8.9

Default password vulnerability

Web Server

10.0

Zero-day vulnerability (vendor working on patch)

Which of the following actions should the security analyst take first?

Options:

A.

Contact the web systems administrator and request that they shut down the asset.

B.

Monitor the patch releases for all items and escalate patching to the appropriate team.

C.

Run the vulnerability scan again to verify the presence of the critical finding.

D.

Forward the advisory to the web security team and initiate the prioritization strategy for the other vulnerabilities.

Buy Now
Question # 66

Based on an internal assessment, a vulnerability management team wants to proactively identify risks to the infrastructure prior to production deployments. Which of the following best supports this approach?

Options:

A.

Threat modeling

B.

Penetration testing

C.

Bug bounty

D.

SDLC training

Buy Now
Question # 67

An analyst discovers unusual outbound connections to an IP that was previously blocked at the web proxy and firewall. Upon further investigation, it appears that the proxy and firewall rules that were in place were removed by a service account that is not recognized. Which of the following parts of the Cyber Kill Chain does this describe?

Options:

A.

Delivery

B.

Command and control

C.

Reconnaissance

D.

Weaporization

Buy Now
Question # 68

The Chief Information Security Officer wants to eliminate and reduce shadow IT in the enterprise. Several high-risk cloud applications are used that increase the risk to the organization. Which of the following solutions will assist in reducing the risk?

Options:

A.

Deploy a CASB and enable policy enforcement

B.

Configure MFA with strict access

C.

Deploy an API gateway

D.

Enable SSO to the cloud applications

Buy Now
Question # 69

Which of the following items should be included in a vulnerability scan report? (Choose two.)

Options:

A.

Lessons learned

B.

Service-level agreement

C.

Playbook

D.

Affected hosts

E.

Risk score

F.

Education plan

Buy Now
Question # 70

An analyst recommends that an EDR agent collect the source IP address, make a connection to the firewall, and create a policy to block the malicious source IP address across the entire network automatically. Which of the following is the best option to help the analyst implement this recommendation?

Options:

A.

SOAR

B.

SIEM

C.

SLA

D.

IoC

Buy Now
Question # 71

A company's user accounts have been compromised. Users are also reporting that the company's internal portal is sometimes only accessible through HTTP, other times; it is accessible through HTTPS. Which of the following most likely describes the observed activity?

Options:

A.

There is an issue with the SSL certificate causinq port 443 to become unavailable for HTTPS access

B.

An on-path attack is being performed by someone with internal access that forces users into port 80

C.

The web server cannot handle an increasing amount of HTTPS requests so it forwards users to port 80

D.

An error was caused by BGP due to new rules applied over the company's internal routers

Buy Now
Question # 72

A user downloads software that contains malware onto a computer that eventually infects numerous other systems. Which of the following has the user become?

Options:

A.

Hacklivist

B.

Advanced persistent threat

C.

Insider threat

D.

Script kiddie

Buy Now
Question # 73

While reviewing web server logs, a security analyst found the following line:

Which of the following malicious activities was attempted?

Options:

A.

Command injection

B.

XML injection

C.

Server-side request forgery

D.

Cross-site scripting

Buy Now
Exam Code: CS0-003
Exam Name: CompTIA CyberSecurity Analyst CySA+ Certification Exam
Last Update: Apr 1, 2025
Questions: 424
CS0-003 pdf

CS0-003 PDF

$25.5  $84.99
CS0-003 Engine

CS0-003 Testing Engine

$28.5  $94.99
CS0-003 PDF + Engine

CS0-003 PDF + Testing Engine

$40.5  $134.99