Certspots CompTIA CySA+ CS0-003 Practice Exam
https://www.certspots.com/exam/cs0-003/

1. Which of the following techniques would be best to provide the necessary assurance for embedded software that drives centrifugal pumps at a power plant?
A. Containerization
B. Manual code reviews
C. Static and dynamic analysis
D. Formal methods
Answer: C

2. The Chief Information Security Officer wants to eliminate and reduce shadow IT in the enterprise. Several high-risk cloud applications are used that increase the risk to the organization. Which of the following solutions will assist in reducing the risk?
A. Deploy a CASB and enable policy enforcement
B. Configure MFA with strict access
C. Deploy an API gateway
D. Enable SSO to the cloud applications
Answer: A

3. Which of the following is the best action to take after the conclusion of a security incident to improve incident response in the future?
A. Develop a call tree to inform impacted users
B. Schedule a review with all teams to discuss what occurred
C. Create an executive summary to update company leadership
D. Review regulatory compliance with public relations for official notification
Answer: B

4. Which of the following is the BEST option to protect a web application against CSRF attacks?
A. Update the web application to the latest version.
B. Set a server-side rate limit for CSRF token generation.
C. Avoid the transmission of CSRF tokens using cookies.
D. Configure the web application to only use HTTPS and TLS 1.3.
Answer: C

5. A new cybersecurity analyst is tasked with creating an executive briefing on possible threats to the organization. Which of the following will produce the data needed for the briefing?
A. Firewall logs
B. Indicators of compromise
C. Risk assessment
D. Access control lists
Answer: B

6. A company is in the process of implementing a vulnerability management program, and there are concerns about granting the security team access to sensitive data. Which of the following scanning methods can be implemented to reduce the access to systems while providing the most accurate vulnerability scan results?
A. Credentialed network scanning
B. Passive scanning
C. Agent-based scanning
D. Dynamic scanning
Answer: C

7. The Chief Information Security Officer is directing a new program to reduce attack surface risks and threats as part of a zero trust approach. The IT security team is required to come up with priorities for the program. Which of the following is the best priority based on common attack frameworks?
A. Reduce the administrator and privileged access accounts
B. Employ a network-based IDS
C. Conduct thorough incident response
D. Enable SSO to enterprise applications
Answer: A

8. A security analyst who works in the SOC receives a new requirement to monitor for indicators of compromise. Which of the following is the first action the analyst should take in this situation?
A. Develop a dashboard to track the indicators of compromise.
B. Develop a query to search for the indicators of compromise.
C. Develop a new signature to alert on the indicators of compromise.
D. Develop a new signature to block the indicators of compromise.
Answer: B

9. A cybersecurity analyst is concerned about attacks that use advanced evasion techniques. Which of the following would best mitigate such attacks?
A. Keeping IPS rules up to date
B. Installing a proxy server
C. Applying network segmentation
D. Updating the antivirus software
Answer: A

10. A security analyst discovers the accounting department is hosting an accounts receivable form on a public document service. Anyone with the link can access it. Which of the following threats applies to this situation?
A. Potential data loss to external users
B. Loss of public/private key management
C. Cloud-based authentication attack
D. Identification and authentication failures
Answer: A