
CompTIA CySA+ CS0-002 Dumps PDF

Page: 27 / 28
Total 372 questions

CompTIA CySA+ Certification Exam (CS0-002) Questions and Answers

Question 105

Which of the following data exfiltration discoveries would most likely require communicating a breach to regulatory agencies?

Options:

A. CRM data

B. PHI files

C. SIEM logs

D. UEBA metrics

Question 106

A forensics investigator is analyzing a compromised workstation. The investigator has cloned the hard drive and needs to verify that a bit-level image copy of a hard drive is an exact clone of the original hard drive that was collected as evidence. Which of the following should the investigator do?

Options:

A. Insert the hard drive on a test computer and boot the computer.

B. Record the serial numbers of both hard drives.

C. Compare the file-directory listing of both hard drives.

D. Run a hash against the source and the destination.

Question 107

An analyst received an alert regarding an application spawning a suspicious command shell process. Upon further investigation, the analyst observes the following registry change occurring immediately after the suspicious event:

Which of the following was the suspicious event able to accomplish?

Options:

A. Impair defenses.

B. Establish persistence.

C. Bypass file access controls.

D. Implement beaconing.

Question 108

A digital forensics investigator works from duplicate images to preserve the integrity of the original evidence. Which of the following types of media are most volatile and should be preserved? (Select two).

Options:

A. Memory cache

B. Registry file

C. SSD storage

D. Temporary filesystems

E. Packet decoding

F. Swap volume
