Winter Special - Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: top65certs

CompTIA CS0-002 Based on Real Exam Environment

Page: 13 / 28
Total 372 questions

CompTIA CySA+ Certification Exam (CS0-002) Questions and Answers

Question 49

A company employee downloads an application from the internet. After the installation, the employee begins experiencing noticeable performance issues, and files are appearing on the desktop.

Which of the following processes will the security analyst Identify as the MOST likely indicator of system compromise given the processes running in Task Manager?

Options:

A.

Chrome.exe

B.

Word.exe

C.

Explorer.exe

D.

mstsc.exe

E.

taskmgr.exe

Question 50

An organization is required to be able to consume multiple threat feeds simultaneously and to provide actionable intelligence to various teams. The organization would also like to be able to leverage the intelligence to enrich security event data. Which of the following functions would most likely help the security analyst meet the organization's requirements?

Options:

A.

Vulnerability management

B.

Risk management

C.

Detection and monitoring

D.

Incident response

Question 51

A SIEM analyst receives an alert containing the following URL:

Which of the following BEST describes the attack?

Options:

A.

Password spraying

B.

Buffer overflow

C.

insecure object access

D.

Directory traversal

Question 52

A security analyst is concerned the number of security incidents being reported has suddenly gone down. Daily business interactions have not changed, and no following should the analyst review FIRST?

Options:

A.

The DNS configuration

B.

Privileged accounts

C.

The IDS rule set

D.

The firewall ACL

Page: 13 / 28
Total 372 questions