New Year Special 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: Board70

CompTIA CySA+ CS0-002 Reddit Questions

Page: 27 / 27
Question 108

A threat intelligence group issued a warning to its members regarding an observed increase in attacks performed by a specific threat actor and the related loCs. Which is of the following is (he best method to operationalize these loCs to detect future attacks?

Options:

A.

Analyzing samples of associated malware

B.

Publishing an internal executive threat report

C.

Executing an adversary emulation exercise

D.

Integrating the company's SIEM platform

Question 109

A security is reviewing a vulnerability scan report and notes the following finding:

As part of the detection and analysis procedures, which of the following should the analyst do NEXT?

Options:

A.

Patch or reimage the device to complete the recovery

B.

Restart the antiviruses running processes

C.

Isolate the host from the network to prevent exposure

D.

Confirm the workstation's signatures against the most current signatures.

Question 110

An organization wants to collect loCs from multiple geographic regions so it can sell the information to its customers. Which of the following should the organization deploy to accomplish this task?

Options:

A.

A honeypot

B.

A bastion host

C.

A proxy server

D.

A Jumpbox

Question 111

An analyst is reviewing registry keys for signs of possible compromise. The analyst observes the following entries:

Which of the following entries should the analyst investigate first?

Options:

A.

IAStorIcon

B.

Quickset

C.

SecurityHeaIth

D.

calc

E.

Word

Page: 27 / 27
Exam Code: CS0-002
Exam Name: CompTIA CySA+ Certification Exam (CS0-002)
Last Update: Dec 22, 2024
Questions: 372
CS0-002 pdf

CS0-002 PDF

$25.5  $84.99
CS0-002 Engine

CS0-002 Testing Engine

$28.5  $94.99
CS0-002 PDF + Engine

CS0-002 PDF + Testing Engine

$40.5  $134.99