New Year Special 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: Board70

Online CS0-003 Questions Video

Page: 8 / 26
Question 32

Which of the following techniques can help a SOC team to reduce the number of alerts related to the internal security activities that the analysts have to triage?

Options:

A.

Enrich the SIEM-ingested data to include all data required for triage.

B.

Schedule a task to disable alerting when vulnerability scans are executing.

C.

Filter all alarms in the SIEM with low severity.

D.

Add a SOAR rule to drop irrelevant and duplicated notifications.

Question 33

While reviewing web server logs, an analyst notices several entries with the same time stamps, but all contain odd characters in the request line. Which of the following steps should be taken next?

Options:

A.

Shut the network down immediately and call the next person in the chain of command.

B.

Determine what attack the odd characters are indicative of

C.

Utilize the correct attack framework and determine what the incident response will consist of.

D.

Notify the local law enforcement for incident response

Question 34

The Chief Information Security Officer (CISO) of a large management firm has selected a cybersecurity framework that will help the organization demonstrate its investment in tools and systems to protect its data. Which of the following did the CISO most likely select?

Options:

A.

PCI DSS

B.

COBIT

C.

ISO 27001

D.

ITIL

Question 35

Which of the following items should be included in a vulnerability scan report? (Choose two.)

Options:

A.

Lessons learned

B.

Service-level agreement

C.

Playbook

D.

Affected hosts

E.

Risk score

F.

Education plan

Page: 8 / 26
Exam Code: CS0-003
Exam Name: CompTIA CyberSecurity Analyst CySA+ Certification Exam
Last Update: Dec 24, 2024
Questions: 367
CS0-003 pdf

CS0-003 PDF

$25.5  $84.99
CS0-003 Engine

CS0-003 Testing Engine

$28.5  $94.99
CS0-003 PDF + Engine

CS0-003 PDF + Testing Engine

$40.5  $134.99