Special Summer Sale 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: save70

Free CS0-003 Questions Attempt

Page: 6 / 31
Total 424 questions

CompTIA CyberSecurity Analyst CySA+ Certification Exam Questions and Answers

Question 21

Which of the following describes the best reason for conducting a root cause analysis?

Options:

A.

The root cause analysis ensures that proper timelines were documented.

B.

The root cause analysis allows the incident to be properly documented for reporting.

C.

The root cause analysis develops recommendations to improve the process.

D.

The root cause analysis identifies the contributing items that facilitated the event

Question 22

A security analyst has found the following suspicious DNS traffic while analyzing a packet capture:

• DNS traffic while a tunneling session is active.

• The mean time between queries is less than one second.

• The average query length exceeds 100 characters.

Which of the following attacks most likely occurred?

Options:

A.

DNS exfiltration

B.

DNS spoofing

C.

DNS zone transfer

D.

DNS poisoning

Question 23

An attacker recently gained unauthorized access to a financial institution's database, which contains confidential information. The attacker exfiltrated a large amount of data before being detected and blocked. A security analyst needs to complete a root cause analysis to determine how the attacker was able to gain access. Which of the following should the analyst perform first?

Options:

A.

Document the incident and any findings related to the attack for future reference.

B.

Interview employees responsible for managing the affected systems.

C.

Review the log files that record all events related to client applications and user access.

D.

Identify the immediate actions that need to be taken to contain the incident and minimize damage.

Question 24

A security analyst wants to implement new monitoring controls in order to find abnormal account activity for traveling employees. Which of the following techniques would deliver the expected results?

Options:

A.

Malicious command interpretation

B.

Network monitoring

C.

User behavior analysis

D.

SSL inspection

Page: 6 / 31
Total 424 questions