Winter Special - Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: top65certs

CompTIA CompTIA CySA+ CS0-003 New Questions

Page: 10 / 27
Total 367 questions

CompTIA CyberSecurity Analyst CySA+ Certification Exam Questions and Answers

Question 37

The vulnerability analyst reviews threat intelligence regarding emerging vulnerabilities affecting workstations that are used within the company:

Which of the following vulnerabilities should the analyst be most concerned about, knowing that end users frequently click on malicious links sent via email?

Options:

A.

Vulnerability A

B.

Vulnerability B

C.

Vulnerability C

D.

Vulnerability D

Question 38

An organization discovered a data breach that resulted in Pll being released to the public. During the lessons learned review, the panel identified discrepancies regarding who was responsible for external reporting, as well as the timing requirements. Which of the following actions would best address the reporting issue?

Options:

A.

Creating a playbook denoting specific SLAs and containment actions per incident type

B.

Researching federal laws, regulatory compliance requirements, and organizational policies to document specific reporting SLAs

C.

Defining which security incidents require external notifications and incident reporting in addition to internal stakeholders

D.

Designating specific roles and responsibilities within the security team and stakeholders to streamline tasks

Question 39

A security analyst is writing a shell script to identify IP addresses from the same country. Which of the following functions would help the analyst achieve the objective?

Options:

A.

function w() { info=$(ping -c 1 $1 | awk -F “/” ‘END{print $1}’) && echo “$1 | $info” }

B.

function x() { info=$(geoiplookup $1) && echo “$1 | $info” }

C.

function y() { info=$(dig -x $1 | grep PTR | tail -n 1 ) && echo “$1 | $info” }

D.

function z() { info=$(traceroute -m 40 $1 | awk ‘END{print $1}’) && echo “$1 | $info” }

Question 40

A systems administrator receives reports of an internet-accessible Linux server that is running very sluggishly. The administrator examines the server, sees a high amount of memory utilization, and suspects a DoS attack related to half-open TCP sessions consuming memory. Which of the following tools would best help to prove whether this server was experiencing this behavior?

Options:

A.

Nmap

B.

TCPDump

C.

SIEM

D.

EDR

Page: 10 / 27
Total 367 questions