CS0-003試験無料問題集「CompTIA Cybersecurity Analyst (CySA+) Certification 認定」

ページ: 1 / 25
トータル 436 問

サインアップ、ログインされた後に、試験全体を無料で表示できるようになります。

出題：1

Results of a SOC customer service evaluation indicate high levels of dissatisfaction with the inconsistent services provided after regular work hours. To address this, the SOC lead drafts a document establishing customer expectations regarding the SOC's performance and quality of services. Which of the following documents most likely fits this description?

A. Risk management plan

B. Vendor agreement

C. Service-level agreement

D. Incident response plan

正解：C 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：2

An organization identifies a method to detect unexpected behavior, crashes, or resource leaks in a system by feeding invalid, unexpected, or random data to stress the application. Which of the following best describes this testing methodology?

A. Reverse engineering

B. Debugging

C. Static

D. Fuzzing

正解：D 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：3

A security analyst obtained the following table of results from a recent vulnerability assessment that was conducted against a single web server in the environment:

Which of the following should be completed first to remediate the findings?

A. Add the IP address allow listing for control panel access

B. Perform proper sanitization on all fields

C. Ask the web development team to update the page contents

D. Purchase an appropriate certificate from a trusted root CA

正解：B 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：4

An analyst is conducting monitoring against an authorized team that win perform adversarial techniques. The analyst interacts with the team twice per day to set the stage for the techniques to be used. Which of the following teams is the analyst a member of?

A. Orange team

B. Red team

C. Blue team

D. Purple team

正解：A 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：5

While performing a dynamic analysis of a malicious file, a security analyst notices the memory address changes every time the process runs. Which of the following controls is most likely preventing the analyst from finding the proper memory address of the piece of malicious code?

A. Code obfuscation

B. Stack canary

C. Address space layout randomization

D. Data execution prevention

正解：C 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：6

After an incident, a security analyst needs to perform a forensic analysis to report complete information to a company stakeholder. Which of the following is most likely the goal of the forensic analysis in this case?

A. Determine root cause information.

B. Further contain the incident.

C. Notify law enforcement of the incident.

D. Provide a full picture of the existing risks.

正解：A 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：7

The Chief Information Security Officer for an organization recently received approval to install a new EDR solution. Following the installation, the number of alerts that require remediation by an analyst has tripled.
Which of the following should the organization utilize to best centralize the workload for the internal security team? (Select two).

A. NGFW

B. SIEM

C. MSP

D. SOAR

E. XDR

F. DLP

正解：B,D 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：8

The Chief Executive Officer (CEO) has notified that a confidential trade secret has been compromised. Which of the following communication plans should the CEO initiate?

A. Alert department managers to speak privately with affected staff.

B. Verify legal notification requirements of PII and SPII in the legal and human resource departments.

C. Schedule a press release to inform other service provider customers of the compromise.

D. Disclose to all affected parties in the Chief Operating Officer for discussion and resolution.

正解：A 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：9

A security team is concerned about recent Layer 4 DDoS attacks against the company website. Which of the following controls would best mitigate the attacks?

A. Implement a load balancer.

B. Block the attacks using firewall rules.

C. Roll out a CDN.

D. Deploy an IPS in the perimeter network.

正解：C 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：10

A security analyst is reviewing the following alert that was triggered by FIM on a critical system:

Which of the following best describes the suspicious activity that is occurring?

A. A fake antivirus program was installed by the user.

B. A network drive was added to allow exfiltration of data

C. A new program has been set to execute on system start

D. The host firewall on 192.168.1.10 was disabled.

正解：C 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：11

While a security analyst for an organization was reviewing logs from web servers. the analyst found several successful attempts to downgrade HTTPS sessions to use cipher modes of operation susceptible to padding oracle attacks. Which of the following combinations of configuration changes should the organization make to remediate this issue? (Select two).

A. Remove cipher suites that use GCM.

B. Require client browsers to present a user certificate for mutual authentication.

C. Configure the server to prefer TLS 1.3.

D. Configure the server to require HSTS.

E. Remove cipher suites that use CBC.

F. Configure the server to prefer ephemeral modes for key exchange.

正解：C,E 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：12

A cybersecurity analyst is recording the following details
* ID
* Name
* Description
* Classification of information
* Responsible party
In which of the following documents is the analyst recording this information?

A. Incident response playbook

B. Incident response plan

C. Change control documentation

D. Risk register

正解：D 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：13

A company classifies security groups by risk level. Any group with a high-risk classification requires multiple levels of approval for member or owner changes. Which of the following inhibitors to remediation is the company utilizing?

A. SLA

B. Business process interruption

C. Organizational governance

D. MOU

正解：C 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：14

Which Of the following techniques would be best to provide the necessary assurance for embedded software that drives centrifugal pumps at a power Plant?

A. Formal methods

B. Static and dynamic analysis

C. Containerization

D. Manual code reviews

正解：A 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：15

Which of the following explains the importance of a timeline when providing an incident response report?

A. The timeline contains a real-time record of an incident and provides information that helps to simplify a postmortem analysis.

B. An incident timeline presents the list of commands executed by an attacker when the system was compromised, in the form of a timetable.

C. An incident timeline provides the necessary information to understand the actions taken to mitigate the threat or risk.

D. The timeline provides all the information, in the form of a timetable, of the whole incident response process including actions taken.

正解：D 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：16

A cybersecurity team has witnessed numerous vulnerability events recently that have affected operating systems. The team decides to implement host-based IPS, firewalls, and two-factor authentication. Which of the following does this most likely describe?

A. Continuous authorization

B. Hybrid network architecture

C. System hardening

D. Secure access service edge

正解：C 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：17

A security analyst is validating a particular finding that was reported in a web application vulnerability scan to make sure it is not a false positive. The security analyst uses the snippet below:

Which of the following vulnerability types is the security analyst validating?

A. SSRF

B. XXE

C. XSS

D. Directory traversal

正解：C 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：18

An analyst is suddenly unable to enrich data from the firewall. However, the other open intelligence feeds continue to work. Which of the following is the most likely reason the firewall feed stopped working?

A. The firewall certificate expired.

B. The firewall failed open.

C. The firewall was using a paid feed.

D. The firewall service account was locked out.

正解：A 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

ページ: 1 / 25
トータル 436 問

CS0-003 の機能をすべて解除する

キャプチャ不要
365日無料更新サービス
希望する合格率を設定できる
時間の割り当てられる（時間：分）
CS0-003 に2つの練習用モード
サポートサービス対応

完全版を入手する

弊社のサイトにはあなたの試験合格を助けるために研究された効果的な知能問題集を提供しています。材料はすべてのユーザーによって称賛されています。弊社のサイトは、最短時間で多くの証明書を取得するのに役立つ学習プラットフォームになります。

掲示板

試験C_S4CPR_2408 トピック8 問題53 スレッド
試験C_S4CPB_2408 トピック2 問題58 スレッド
試験C_S4CPR_2502 トピック4 問題55 スレッド
試験C_S4CFI_2504 トピック3 問題11 スレッド
試験Identity-and-Access-Management-Architect-JPN トピック5 問題113 スレッド
試験CS0-003J トピック1 問題132 スレッド
試験MuleSoft-Platform-Architect-I トピック5 問題66 スレッド

弊社を連絡する

我々の働いている時間：( UTC+9 ) 9:00-24:00

月曜日から土曜日まで

サポート：現在連絡

我々は１２時間以内ですべてのお問い合わせを答えます。