CS0-003無料問題集「CompTIA Cybersecurity Analyst (CySA+) Certification」

質問 1

An analyst investigated a website and produced the following:
Starting Nmap 7.92 ( https://nmap.org ) at 2022-07-21 10:21 CDT
Nmap scan report for insecure.org (45.33.49.119)
Host is up (0.054s latency).
rDNS record for 45.33.49.119: ack.nmap.org
Not shown: 95 filtered tcp ports (no-response)
PORT STATE SERVICE VERSION
22/tcp open ssh OpenSSH 7.4 (protocol 2.0)
25/tcp closed smtp
80/tcp open http Apache httpd 2.4.6
113/tcp closed ident
443/tcp open ssl/http Apache httpd 2.4.6
Service Info: Host: issues.nmap.org
Service detection performed. Please report any incorrect results at https://nmap .org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 20.52 seconds
Which of the following syntaxes did the analyst use to discover the application versions on this vulnerable website?

（A）nmap-sV -T4 -F insecure.org

（B）nmap-sS -T4 -F insecure.org

（C）nmap-0 insecure.org

（D）nmap-A insecure.org

正解：A 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 2

Exploit code for a recently disclosed critical software vulnerability was publicly available (or download for several days before being removed. Which of the following CVSS v.3.1 temporal metrics was most impacted by this exposure?

（A）Availability

（B）Exploit code maturity

（C）Report confidence

（D）Remediation level

正解：B 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 3

A vulnerability scan of a web server that is exposed to the internet was recently completed. A security analyst is reviewing the resulting vector strings:
Vulnerability 1: CVSS: 3.0/AV:N/AC: L/PR: N/UI : N/S: U/C: H/I : L/A:L
Vulnerability 2: CVSS: 3.0/AV: L/AC: H/PR:N/UI : N/S: U/C: L/I : L/A: H Vulnerability 3: CVSS: 3.0/AV:A/AC: H/PR: L/UI : R/S: U/C: L/I : H/A:L Vulnerability 4: CVSS: 3.0/AV: P/AC: L/PR: H/UI : N/S: U/C: H/I:N/A:L Which of the following vulnerabilities should be patched first?

（A）Vulnerability 1

（B）Vulnerability 2

（C）Vulnerability 4

（D）Vulnerability 3

正解：A 解答を投票する

質問 4

An analyst is trying to capture anomalous traffic from a compromised host. Which of the following are the best tools for achieving this objective? (Select two).

（A）SOAR

（B）Nmap

（C）SIEM

（D）Wireshark

（E）tcpdump

（F）Vulnerability scanner

正解：D、E 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 5

A security analyst received an alert regarding multiple successful MFA log-ins for a particular user When reviewing the authentication logs the analyst sees the following:
Which of the following are most likely occurring, based on the MFA logs? (Select two).

（A）Push phishing

（B）Password spray

（C）Subscriber identity module swapping

（D）impossible geo-velocity

（E）Rogue access point

（F）Dictionary attack

正解：A、D 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 6

An analyst has been asked to validate the potential risk of a new ransomware campaign that the Chief Financial Officer read about in the newspaper. The company is a manufacturer of a very small spring used in the newest fighter jet and is a critical piece of the supply chain for this aircraft. Which of the following would be the best threat intelligence source to learn about this new campaign?

（A）Deep/dark web

（B）Blogs/forums

（C）Information sharing organization

（D）Cybersecuritv incident response team

正解：C 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 7

A systems analyst is limiting user access to system configuration keys and values in a Windows environment.
Which of the following describes where the analyst can find these configuration items?

（A）Registry

（B）ntds.dit

（C）config. ini

（D）Master boot record

正解：A 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 8

An analyst wants to ensure that users only leverage web-based software that has been pre-approved by the organization. Which of the following should be deployed?

（A）Allowlisting

（B）Graylisting

（C）Blocklisting

（D）Webhooks

正解：A 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 9

A security program was able to achieve a 30% improvement in MTTR by integrating security controls into a SIEM. The analyst no longer had to jump between tools. Which of the following best describes what the security program did?

（A）Single pane of glass

（B）Threat feed combination

（C）Data enrichment

（D）Security control plane

正解：A 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 10

Which of the following describes the best reason for conducting a root cause analysis?

（A）The root cause analysis identifies the contributing items that facilitated the event

（B）The root cause analysis allows the incident to be properly documented for reporting.

（C）The root cause analysis develops recommendations to improve the process.

（D）The root cause analysis ensures that proper timelines were documented.

正解：A 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 11

A systems administrator needs to gather security events with repeatable patterns from Linux log files. Which of the following would the administrator most likely use for this task?

（A）Variables in a PowerShell script

（B）A regular expression in Bash

（C）A playbook in a SOAR tool

（D）Filters in the vi editor

正解：B 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 12

Which of the following best describes the goal of a tabletop exercise?

（A）To understand existing threat actors and how to replicate their techniques

（B）To perform attack exercises to check response effectiveness

（C）To test possible incident scenarios and how to react properly

（D）To check the effectiveness of the business continuity plan

正解：C 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

CS0-003 無料問題集「CompTIA Cybersecurity Analyst (CySA+) Certification」

弊社を連絡する

関連リンク

トップ試験