New Year Special 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: Board70

CS0-003 Premium Exam Questions

Page: 20 / 26
Question 80

A network analyst notices a long spike in traffic on port 1433 between two IP addresses on opposite sides of a WAN connection. Which of the following is the most likely cause?

Options:

A.

A local red team member is enumerating the local RFC1918 segment to enumerate hosts.

B.

A threat actor has a foothold on the network and is sending out control beacons.

C.

An administrator executed a new database replication process without notifying the SOC.

D.

An insider threat actor is running Responder on the local segment, creating traffic replication.

Question 81

An analyst is conducting routine vulnerability assessments on the company infrastructure. When performing these scans, a business-critical server crashes, and the cause is traced back to the vulnerability scanner. Which of the following is the cause of this issue?

Options:

A.

The scanner is running without an agent installed.

B.

The scanner is running in active mode.

C.

The scanner is segmented improperly.

D.

The scanner is configured with a scanning window.

Question 82

A cybersecurity analyst notices unusual network scanning activity coming from a country that the company does not do business with. Which of the following is the best mitigation technique?

Options:

A.

Geoblock the offending source country

B.

Block the IP range of the scans at the network firewall.

C.

Perform a historical trend analysis and look for similar scanning activity.

D.

Block the specific IP address of the scans at the network firewall

Question 83

The Chief Executive Officer of an organization recently heard that exploitation of new attacks in the industry was happening approximately 45 days after a patch was released. Which of the following would best protect this organization?

Options:

A.

A mean time to remediate of 30 days

B.

A mean time to detect of 45 days

C.

A mean time to respond of 15 days

D.

Third-party application testing

Page: 20 / 26
Exam Code: CS0-003
Exam Name: CompTIA CyberSecurity Analyst CySA+ Certification Exam
Last Update: Dec 21, 2024
Questions: 367
CS0-003 pdf

CS0-003 PDF

$25.5  $84.99
CS0-003 Engine

CS0-003 Testing Engine

$28.5  $94.99
CS0-003 PDF + Engine

CS0-003 PDF + Testing Engine

$40.5  $134.99