CS0-003試験無料問題集（436題）「CompTIA Cybersecurity Analyst (CySA+) Certification 認定」

出題：1

Which of the following documents sets requirements and metrics for a third-party response during an event?

A. DRP

B. SLA

C. BIA

D. MOU

正解：B 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：2

Which of the following stakeholders are most likely to receive a vulnerability scan report? (Select two).

A. Legal

B. Product owner

C. Marketing

D. Systems admininstration

E. Executive management

F. Law enforcement

正解：D,E 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：3

A security analyst is investigating an unusually high volume of requests received on a web server. Based on the following command and output:
access_log - [21/May/2024 13:19:06] "GET /newyddion HTTP/1.1" 404 -
access_log - [21/May/2024 13:19:06] "GET /1970 HTTP/1.1" 404 -
access_log - [21/May/2024 13:19:06] "GET /dopey HTTP/1.1" 404 -
...
Which of the following best describes the activity that the analyst will confirm?

A. Cross-site scripting

B. SQL injection

C. Directory brute force

D. Remote command execution

正解：C 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：4

A vulnerability analyst received a list of system vulnerabilities and needs to evaluate the relevant impact of the exploits on the business. Given the constraints of the current sprint, only three can be remediated. Which of the following represents the least impactful risk, given the CVSS3.1 base scores?

A. AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H - Base Score 6.4

B. AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L - Base Score 6.5

C. AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:L/A:L - Base Score 7.2

D. AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:L - Base Score 6.0

正解：D 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：5

Several reports with sensitive information are being disclosed via file sharing services. The company would like to improve its security posture against this threat. Which of the following security controls would best support the company in this scenario?

A. Increase password complexity standards.

B. Improve employee training and awareness.

C. Implement step-up authentication for administrators.

D. Deploy mobile device management.

正解：B 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：6

A vulnerability management team is unable to patch all vulnerabilities found during their weekly scans. Using the third-party scoring system described below, the team patches the most urgent vulnerabilities:

Additionally, the vulnerability management team feels that the metrics Smear and Channing are less important than the others, so these will be lower in priority. Which of the following vulnerabilities should be patched first, given the above third-party scoring system?

A. PBleach:Cobain: YesGrohl: NoNovo: NoSmear: NoChanning: Yes

B. InLoud:Cobain: YesGrohl: NoNovo: YesSmear: YesChanning: No

C. TSpirit:Cobain: YesGrohl: YesNovo: YesSmear: NoChanning: No

D. ENameless:Cobain: YesGrohl: NoNovo: YesSmear: NoChanning: No

正解：C 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：7

Which of the following is the most important factor to ensure accurate incident response reporting?

A. A well-defined timeline of the events

B. A guideline for regulatory reporting

C. A well-developed executive summary

D. Logs from the impacted system

正解：A 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：8

After an upgrade to a new EDR, a security analyst received reports that several endpoints were not communicating with the SaaS provider to receive critical threat signatures. To comply with the incident response playbook, the security analyst was required to validate connectivity to ensure communications. The security analyst ran a command that provided the following output:
* ComputerName: comptia007
* RemotePort: 443
* InterfaceAlias: Ethernet 3
* TcpTestSucceeded: False
Which of the following did the analyst use to ensure connectivity?

A. tracert

B. tnc

C. ping

D. nmap

正解：B 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：9

Numerous emails were sent to a company's customer distribution list. The customers reported that the emails contained a suspicious link. The company's SOC determined the links were malicious. Which of the following is the best way to decrease these emails?

A. SMTP

B. DMARC

C. DKIM

D. SPF

正解：B 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：10

An analyst is reviewing a dashboard from the company's SIEM and finds that an IP address known to be malicious can be tracked to numerous high-priority events in the last two hours. The dashboard indicates that these events relate to TTPs. Which of the following is the analyst most likely using?

A. Diamond Model of Intrusion Analysis

B. OSSTMM

C. OWASP

D. MITRE ATT&CK

正解：D 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：11

Which of the following is the best framework for assessing how attackers use techniques over an infrastructure to exploit a target's information assets?

A. Open Source Security Testing Methodology Manual

B. Diamond Model of Intrusion Analysis

C. OWASP Testing Guide

D. Structured Threat Information Expression

正解：B 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：12

A security analyst is reviewing a recent vulnerability scan report for a new server infrastructure. The analyst would like to make the best use of time by resolving the most critical vulnerability first. The following information is provided:

Which of the following should the analyst concentrate remediation efforts on first?

A. SVR02

B. SVR01

C. SVR04

D. SVR03

正解：A 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：13

An organization recently changed its BC and DR plans. Which of the following would best allow for the incident response team to test the changes without any impact to the business?

A. Compare the current plan to lessons learned from previous incidents.

B. Migrate active workloads from the primary data center to the secondary location.

C. Simulate an incident by shutting down power to the primary data center.

D. Perform a tabletop drill based on previously identified incident scenarios.

正解：D 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：14

Which of the following phases of the Cyber Kill Chain involves the adversary attempting to establish communication with a successfully exploited target?

A. Delivery

B. Actions on objectives

C. Exploitation

D. Command and control

正解：D 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：15

An analyst investigated a website and produced the following:
Which of the following syntaxes did the analyst use to discover the application versions on this vulnerable website?

A. nmap -sV -T4 -F insecure.org

B. nmap -A insecure.org

C. nmap -o insecure.org

D. nmap -sS -T4 -F insecure.org

正解：A 解答を投票する

出題：16

A cybersecurity analyst is doing triage in a SIEM and notices that the time stamps between the firewall and the host under investigation are off by 43 minutes. Which of the following is the most likely scenario occurring with the time stamps?

A. The cybersecurity analyst is looking at the wrong information.

B. The NTP server is not configured on the host.

C. The firewall is using UTC time.

D. The host with the logs is offline.

正解：B 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

CS0-003試験無料問題集「CompTIA Cybersecurity Analyst (CySA+) Certification 認定」