CS0_003 questions • Exam prepare

Exam contains 425 questions

Page 11 of 71

Question 61 🔥

An organization has activated the CSIRT. A security analyst believes a single virtual server was compromised and immediately isolated from the network. Which of the following should the CSIRT conduct next?

Which database solution meets these requirements?

A. Take a snapshot of the compromised server and verify its integrity

Highly voted

B. Restore the affected server to remove any malware

C. Contact the appropriate government agency to investigate

D. Research the malware strain to perform attribution

Discussion of the question

Question 62 🔥

During an incident, an analyst needs to acquire evidence for later investigation. Which of the following must be collected first in a computer system, related to its volatility level?

Which database solution meets these requirements?

A. Disk contents

B. Backup data

C. Temporary files

D. Running processes

Highly voted

Discussion of the question

Question 63 🔥

A security analyst is trying to identify possible network addresses from different source networks belonging to the same company and region. Which of the following shell script functions could help achieve the goal?

Which database solution meets these requirements?

A. function w() { a=$(ping -c 1 $1 | awk-F ”/” ’END{print $1}’) && echo “$1 | $a” }

B. function x() { b=traceroute -m 40 $1 | awk ’END{print $1}’) && echo “$1 | $b” }

C. function y() { dig $(dig -x $1 | grep PTR | tail -n 1 | awk -F ”.in-addr” ’{print $1}’).origin.asn.cymru.com TXT +short }

Highly voted

D. function z() { c=$(geoiplookup$1) && echo “$1 | $c” }

Discussion of the question

Question 64 🔥

A security analyst is writing a shell script to identify IP addresses from the same country. Which of the following functions would help the analyst achieve the objective?

Which database solution meets these requirements?

A. function w() { info=$(ping -c 1 $1 | awk -F “/” ‘END{print $1}’) && echo “$1 | $info” }

B. function x() { info=$(geoiplookup $1) && echo “$1 | $info” }

Highly voted

C. function y() { info=$(dig -x $1 | grep PTR | tail -n 1 ) && echo “$1 | $info” }

D. function z() { info=$(traceroute -m 40 $1 | awk ‘END{print $1}’) && echo “$1 | $info” }

Discussion of the question

Question 65 🔥

A security analyst obtained the following table of results from a recent vulnerability assessment that was conducted against a single web server in the environment:Which of the following should be completed first to remediate the findings?

Which database solution meets these requirements?

A. Ask the web development team to update the page contents

B. Add the IP address allow listing for control panel access

C. Purchase an appropriate certificate from a trusted root CA

D. Perform proper sanitization on all fields

Highly voted

Discussion of the question

Question 66 🔥

A recent zero-day vulnerability is being actively exploited, requires no user interaction or privilege escalation, and has a significant impact to confidentiality and integrity but not to availability. Which of the following CVE metrics would be most accurate for this zero-day threat?

Which database solution meets these requirements?

A. CVSS:31/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:K/A:L

Highly voted

B. CVSS:31/AV:K/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:L

C. CVSS:31/AV:N/AC:L/PR:N/UI:H/S:U/C:L/I:N/A:H

D. CVSS:31/AV:L/AC:L/PR:R/UI:R/S:U/C:H/I:L/A:H

Discussion of the question

Ready to Pass Your Certification Test

comptia CS0_003

Exam contains 425 questions

Lorem ipsum dolor sit amet consectetur. Eget sed turpis aenean sit aenean. Integer at nam ullamcorper a.

Company

Product

Resources

Follow us