New Year Special 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: Board70

Free Access CompTIA CS0-003 New Release

Page: 3 / 26
Question 12

Which of the following phases of the Cyber Kill Chain involves the adversary attempting to establish communication with a successfully exploited target?

Options:

A.

Command and control

B.

Actions on objectives

C.

Exploitation

D.

Delivery

Question 13

When investigating a potentially compromised host, an analyst observes that the process BGInfo.exe (PID 1024), a Sysinternals tool used to create desktop backgrounds containing host details, has bee running for over two days. Which of the following activities will provide the best insight into this potentially malicious process, based on the anomalous behavior?

Options:

A.

Changes to system environment variables

B.

SMB network traffic related to the system process

C.

Recent browser history of the primary user

D.

Activities taken by PID 1024

Question 14

An organization enabled a SIEM rule to send an alert to a security analyst distribution list when ten failed logins occur within one minute. However, the control was unable to detect an attack with nine failed logins. Which of the following best represents what occurred?

Options:

A.

False positive

B.

True negative

C.

False negative

D.

True positive

Question 15

During a tabletop exercise, engineers discovered that an ICS could not be updated due to hardware versioning incompatibility. Which of the following is the most likely cause of this issue?

Options:

A.

Legacy system

B.

Business process interruption

C.

Degrading functionality

D.

Configuration management

Page: 3 / 26
Exam Code: CS0-003
Exam Name: CompTIA CyberSecurity Analyst CySA+ Certification Exam
Last Update: Dec 21, 2024
Questions: 367
CS0-003 pdf

CS0-003 PDF

$25.5  $84.99
CS0-003 Engine

CS0-003 Testing Engine

$28.5  $94.99
CS0-003 PDF + Engine

CS0-003 PDF + Testing Engine

$40.5  $134.99