Winter Special - Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: top65certs

CompTIA CS0-003 Based on Real Exam Environment

Page: 4 / 27
Total 367 questions

CompTIA CyberSecurity Analyst CySA+ Certification Exam Questions and Answers

Question 13

An organization conducted a web application vulnerability assessment against the corporate website, and the following output was observed:

Which of the following tuning recommendations should the security analyst share?

Options:

A.

Set an Http Only flag to force communication by HTTPS.

B.

Block requests without an X-Frame-Options header.

C.

Configure an Access-Control-Allow-Origin header to authorized domains.

D.

Disable the cross-origin resource sharing header.

Question 14

A development team is preparing to roll out a beta version of a web application and wants to quickly test for vulnerabilities, including SQL injection, path traversal, and cross-site scripting. Which of the following tools would the security team most likely recommend to perform this test?

Options:

A.

Has heat

B.

OpenVAS

C.

OWASP ZAP

D.

Nmap

Question 15

An organization enabled a SIEM rule to send an alert to a security analyst distribution list when ten failed logins occur within one minute. However, the control was unable to detect an attack with nine failed logins. Which of the following best represents what occurred?

Options:

A.

False positive

B.

True negative

C.

False negative

D.

True positive

Question 16

While a security analyst for an organization was reviewing logs from web servers. the analyst found several successful attempts to downgrade HTTPS sessions to use cipher modes of operation susceptible to padding oracle attacks. Which of the following combinations of configuration changes should the organization make to remediate this issue? (Select two).

Options:

A.

Configure the server to prefer TLS 1.3.

B.

Remove cipher suites that use CBC.

C.

Configure the server to prefer ephemeral modes for key exchange.

D.

Require client browsers to present a user certificate for mutual authentication.

E.

Configure the server to require HSTS.

F.

Remove cipher suites that use GCM.

Page: 4 / 27
Total 367 questions