New Year Special 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: Board70

CompTIA CySA+ CS0-003 Passing Score

Page: 19 / 26
Question 76

A security team is concerned about recent Layer 4 DDoS attacks against the company website. Which of the following controls would best mitigate the attacks?

Options:

A.

Block the attacks using firewall rules.

B.

Deploy an IPS in the perimeter network.

C.

Roll out a CDN.

D.

Implement a load balancer.

Question 77

A penetration tester is conducting a test on an organization's software development website. The penetration tester sends the following request to the web interface:

Which of the following exploits is most likely being attempted?

Options:

A.

SQL injection

B.

Local file inclusion

C.

Cross-site scripting

D.

Directory traversal

Question 78

An attacker has just gained access to the syslog server on a LAN. Reviewing the syslog entries has allowed the attacker to prioritize possible next targets. Which of the following is this an example of?

Options:

A.

Passive network foot printing

B.

OS fingerprinting

C.

Service port identification

D.

Application versioning

Question 79

A security analyst is tasked with prioritizing vulnerabilities for remediation. The relevant company security policies are shown below:

Security Policy 1006: Vulnerability Management

1. The Company shall use the CVSSv3.1 Base Score Metrics (Exploitability and Impact) to prioritize the remediation of security vulnerabilities.

2. In situations where a choice must be made between confidentiality and availability, the Company shall prioritize confidentiality of data over availability of systems and data.

3. The Company shall prioritize patching of publicly available systems and services over patching of internally available system.

According to the security policy, which of the following vulnerabilities should be the highest priority to patch?

A)

B)

C)

D)

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Page: 19 / 26
Exam Code: CS0-003
Exam Name: CompTIA CyberSecurity Analyst CySA+ Certification Exam
Last Update: Dec 21, 2024
Questions: 367
CS0-003 pdf

CS0-003 PDF

$25.5  $84.99
CS0-003 Engine

CS0-003 Testing Engine

$28.5  $94.99
CS0-003 PDF + Engine

CS0-003 PDF + Testing Engine

$40.5  $134.99