Winter Special - Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: top65certs

CompTIA CySA+ Changed CS0-003 Questions

Page: 12 / 27
Total 367 questions

CompTIA CyberSecurity Analyst CySA+ Certification Exam Questions and Answers

Question 45

During an incident, an analyst needs to acquire evidence for later investigation. Which of the following must be collected first in a computer system, related to its volatility level?

Options:

A.

Disk contents

B.

Backup data

C.

Temporary files

D.

Running processes

Question 46

An analyst is reviewing a dashboard from the company's SIEM and finds that an IP address known to be malicious can be tracked to numerous high-priority events in the last two hours. The dashboard indicates that these events relate to TTPs. Which of the following is the analyst most likely using?

Options:

A.

MITRE ATT&CK

B.

OSSTMM

C.

Diamond Model of Intrusion Analysis

D.

OWASP

Question 47

A company receives a penetration test report summary from a third party. The report summary indicates a proxy has some patches that need to be applied. The proxy is sitting in a rack and is not being

used, as the company has replaced it with a new one. The CVE score of the vulnerability on the proxy is a 9.8. Which of the following best practices should the company follow with this proxy?

Options:

A.

Leave the proxy as is.

B.

Decomission the proxy.

C.

Migrate the proxy to the cloud.

D.

Patch the proxy

Question 48

An older CVE with a vulnerability score of 7.1 was elevated to a score of 9.8 due to a widely available exploit being used to deliver ransomware. Which of the following factors would an analyst most likely communicate as the reason for this escalation?

Options:

A.

Scope

B.

Weaponization

C.

CVSS

D.

Asset value

Page: 12 / 27
Total 367 questions