Winter Special - Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: top65certs

CS0-003 Exam Questions Tutorials

Page: 14 / 27
Total 367 questions

CompTIA CyberSecurity Analyst CySA+ Certification Exam Questions and Answers

Question 53

An analyst discovers unusual outbound connections to an IP that was previously blocked at the web proxy and firewall. Upon further investigation, it appears that the proxy and firewall rules that were in place were removed by a service account that is not recognized. Which of the following parts of the Cyber Kill Chain does this describe?

Options:

A.

Delivery

B.

Command and control

C.

Reconnaissance

D.

Weaporization

Question 54

During normal security monitoring activities, the following activity was observed:

cd C:\Users\Documents\HR\Employees

takeown/f .*

SUCCESS:

Which of the following best describes the potentially malicious activity observed?

Options:

A.

Registry changes or anomalies

B.

Data exfiltration

C.

Unauthorized privileges

D.

File configuration changes

Question 55

A company brings in a consultant to make improvements to its website. After the consultant leaves. a web developer notices unusual activity on the website and submits a suspicious file containing the following code to the security team:

Which of the following did the consultant do?

Options:

A.

Implanted a backdoor

B.

Implemented privilege escalation

C.

Implemented clickjacking

D.

Patched the web server

Question 56

Which of the following tools would work best to prevent the exposure of PII outside of an organization?

Options:

A.

PAM

B.

IDS

C.

PKI

D.

DLP

Page: 14 / 27
Total 367 questions