CS0-003 Free Question Set: "CompTIA Cybersecurity Analyst (CySA+) Certification"

A network analyst notices a long spike in traffic on port 1433 between two IP addresses on opposite sides of a WAN connection. Which of the following is the most likely cause?

Which of the following describes how a CSIRT lead determines who should be communicated with and when during a security incident?

A company recently removed administrator rights from all of its end user workstations. An analyst uses CVSSv3.1 exploitability metrics to prioritize the vulnerabilities for the workstations and produces the following information:

Which of the following vulnerabilities should be prioritized for remediation?

An analyst has received an IPS event notification from the SIEM stating an IP address, which is known to be malicious, has attempted to exploit a zero-day vulnerability on several web servers. The exploit contained the following snippet:
/wp-json/trx_addons/V2/get/sc_layout?sc=wp_insert_user&role=administrator

Which of the following controls would work best to mitigate the attack represented by this snippet?

Which of the following best describes the reporting metric that should be utilized when measuring the degree to which a system, application, or user base is affected by an uptime availability outage?

A cloud team received an alert that unauthorized resources were being auto-provisioned. After investigating, the team suspects that crypto mining is occurring. Which of the following indicators would most likely lead the team to this conclusion?

Which of the following makes STIX and OpenIoC information readable by both humans and machines?

During security scanning, a security analyst regularly finds the same vulnerabilities in a critical application.
Which of the following recommendations would best mitigate this problem if applied along the SDLC phase?

A company recently experienced a security incident. The security team has determined a user clicked on a link embedded in a phishing email that was sent to the entire company. The link resulted in a malware download, which was subsequently installed and run.
INSTRUCTIONS
Part 1
Review the artifacts associated with the security incident. Identify the name of the malware, the malicious IP address, and the date and time when the malware executable entered the organization.
Part 2
Review the kill chain items and select an appropriate control for each that would improve the security posture of the organization and would have helped to prevent this incident from occurring. Each control may only be used once, and not all controls will be used.

Firewall log:


File Integrity Monitoring Report:


Malware domain list:

Vulnerability Scan Report:


Phishing Email:

While reviewing web server logs, an analyst notices several entries with the same time stamps, but all contain odd characters in the request line. Which of the following steps should be taken next?

A security analyst is trying to detect connections to a suspicious IP address by collecting the packet captures from the gateway. Which of the following commands should the security analyst consider running?

A cryptocurrency service company is primarily concerned with ensuring the accuracy of the data on one of its systems. A security analyst has been tasked with prioritizing vulnerabilities for remediation for the system.
The analyst will use the following CVSSv3.1 impact metrics for prioritization:

Which of the following vulnerabilities should be prioritized for remediation?

A cybersecurity team lead is developing metrics to present in the weekly executive briefs. Executives are interested in knowing how long it takes to stop the spread of malware that enters the network.
Which of the following metrics should the team lead include in the briefs?

Which of the following would a security analyst most likely use to compare TTPs between different known adversaries of an organization?

A systems analyst is limiting user access to system configuration keys and values in a Windows environment.
Which of the following describes where the analyst can find these configuration items?

An analyst is evaluating a vulnerability management dashboard. The analyst sees that a previously remediated vulnerability has reappeared on a database server. Which of the following is the most likely cause?

Which of the following items should be included in a vulnerability scan report? (Choose two.)

Correct answer: B, C
An employee is no longer able to log in to an account after updating a browser. The employee usually has several tabs open in the browser. Which of the following attacks was most likely performed?

The vulnerability analyst reviews threat intelligence regarding emerging vulnerabilities affecting workstations that are used within the company:

Which of the following vulnerabilities should the analyst be most concerned about, knowing that end users frequently click on malicious links sent via email?

