次の認定試験に速く合格する!

簡単に認定試験を準備し、学び、そして合格するためにすべてが必要だ。

会員センター  カート (0)

CS0-003 無料問題集「CompTIA Cybersecurity Analyst (CySA+) Certification」

ページ: 1 / 31
トータル 555 問
完全版を入手する
During a security test, a security analyst found a critical application with a buffer overflow vulnerability. Which of the following would be best to mitigate the vulnerability at the application level?

解説: (JPNTest メンバーにのみ表示されます)
A security analyst found the following vulnerability on the company's website:
<INPUT TYPE="IMAGE" SRC="javascript:alert(`test');">
Which of the following should be implemented to prevent this type of attack in the future?

解説: (JPNTest メンバーにのみ表示されます)
A company recently removed administrator rights from all of its end user workstations. An analyst uses CVSSv3.1 exploitability metrics to prioritize the vulnerabilities for the workstations and produces the following information:

Which of the following vulnerabilities should be prioritized for remediation?

An analyst receives an alert for suspicious IIS log activity and reviews the following entries:
2024-05-23 15:57:05 10.203.10.16 HEAT / - 80 - 10.203.10.17 DirBuster-
1.0-
RC1+(http://www.owasp.org/index.php/Category:OWASP_DirBuster_Project) .
..
Which of the following will the analyst infer from the logs?

解説: (JPNTest メンバーにのみ表示されます)
An employee accessed a website that caused a device to become infected with invasive malware. The incident response analyst has:
- created the initial evidence log.
- disabled the wireless adapter on the device.
- interviewed the employee, who was unable to identify the website that was accessed.
- reviewed the web proxy traffic logs.
Which of the following should the analyst do to remediate the infected device?

解説: (JPNTest メンバーにのみ表示されます)
An email hosting provider added a new data center with new public IP addresses. Which of the following most likely needs to be updated to ensure emails from the new data center do not get blocked by spam filters?

解説: (JPNTest メンバーにのみ表示されます)
A cybersecurity analyst is doing triage in a SIEM and notices that the time stamps between the firewall and the host under investigation are off by 43 minutes. Which of the following is the most likely scenario occurring with the time stamps?

解説: (JPNTest メンバーにのみ表示されます)
A security analyst observed the following activities in chronological order:
1. Protocol violation alerts on external firewall
2. Unauthorized internal scanning activity
3. Changes in outbound network performance
Which of the following best describes the goal of the threat actor?

An analyst is conducting routine vulnerability assessments on the company infrastructure. When performing these scans, a business-critical server crashes, and the cause is traced back to the vulnerability scanner. Which of the following is the cause of this issue?

解説: (JPNTest メンバーにのみ表示されます)
A new cybersecurity analyst is tasked with creating an executive briefing on possible threats to the organization. Which of the following will produce the data needed for the briefing?

解説: (JPNTest メンバーにのみ表示されます)
A security administrator has found indications of dictionary attacks against the company's external-facing portal. Which of the following should be implemented to best mitigate the password attacks?

解説: (JPNTest メンバーにのみ表示されます)
A regulated organization experienced a security breach that exposed a list of customer names with corresponding PII data. Which of the following is the best reason for developing the organization's communication plans?

解説: (JPNTest メンバーにのみ表示されます)
After updating the email client to the latest patch, only about 15% of the workforce is able to use email. Windows 10 users do not experience issues, but Windows 11 users have constant issues.
Which of the following did the change management team fail to do?

解説: (JPNTest メンバーにのみ表示されます)
Which of the following describes the best reason for conducting a root cause analysis?

解説: (JPNTest メンバーにのみ表示されます)
A security analyst is reviewing a firewall usage report that contains traffic generated over the last
30 minutes in order to locate unusual traffic patterns:

Which of the following source IP addresses does the analyst need to investigate further?

Which of the following would eliminate the need for different passwords for a variety or internal application?

解説: (JPNTest メンバーにのみ表示されます)
A company's internet-facing web application has been compromised several times due to identified design flaws. The company would like to minimize the risk of these incidents from reoccurring and has provided the developers with better security training. However, the company cannot allocate any more internal resources to the issue. Which of the following are the best options to help identify flaws within the system? (Choose two.)

正解:B、D 解答を投票する
解説: (JPNTest メンバーにのみ表示されます)
A web application team notifies a SOC analyst that there are thousands of HTTP/404 events on the public-facing web server. Which of the following is the next step for the analyst to take?

解説: (JPNTest メンバーにのみ表示されます)
ページ: 1 / 31
トータル 555 問

弊社を連絡する

我々は12時間以内ですべてのお問い合わせを答えます。

オンラインサポート時間:( UTC+9 ) 9:00-24:00
月曜日から土曜日まで

サポート:現在連絡 

関連リンク

トップ試験