Summer Sale Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: buysanta

Exact2Pass Menu

CompTIA CyberSecurity Analyst CySA+ Certification Exam

Last Update 8 hours ago Total Questions : 487

The CompTIA CyberSecurity Analyst CySA+ Certification Exam content is now fully updated, with all current exam questions added 8 hours ago. Deciding to include CS0-003 practice exam questions in your study plan goes far beyond basic test preparation.

You'll find that our CS0-003 exam questions frequently feature detailed scenarios and practical problem-solving exercises that directly mirror industry challenges. Engaging with these CS0-003 sample sets allows you to effectively manage your time and pace yourself, giving you the ability to finish any CompTIA CyberSecurity Analyst CySA+ Certification Exam practice test comfortably within the allotted time.

Question # 131

AXSS vulnerability was reported on one of the non-sensitive/non-mission-critical public websites of a company. The security department confirmed the finding and needs to provide a recommendation to the application owner. Which of the following recommendations will best prevent this vulnerability from being exploited? (Select two).

A.

Implement an IPS in front of the web server.

B.

Enable MFA on the website.

C.

Take the website offline until it is patched.

D.

Implement a compensating control in the source code.

E.

Configure TLS v1.3 on the website.

F.

Fix the vulnerability using a virtual patch at the WAF.

Question # 132

An analyst is reviewing a dashboard from the company’s SIEM and finds that an IP address known to be malicious can be tracked to numerous high-priority events in the last two hours. The dashboard indicates that these events relate to TTPs. Which of the following is the analyst most likely using?

A.

MITRE ATT & CK

B.

OSSTMM

C.

Diamond Model of Intrusion Analysis

D.

OWASP

Question # 133

A security analyst is reviewing the following alert that was triggered by FIM on a critical system:

Which of the following best describes the suspicious activity that is occurring?

A.

A fake antivirus program was installed by the user.

B.

A network drive was added to allow exfiltration of data

C.

A new program has been set to execute on system start

D.

The host firewall on 192.168.1.10 was disabled.

Question # 134

A security analyst found the following vulnerability on the company’s website:

< INPUT TYPE=“IMAGE” SRC=“javascript:alert(‘test’);” >

Which of the following should be implemented to prevent this type of attack in the future?

A.

Input sanitization

B.

Output encoding

C.

Code obfuscation

D.

Prepared statements

Question # 135

Which of the following tools would work best to prevent the exposure of PII outside of an organization?

A.

PAM

B.

IDS

C.

PKI

D.

DLP

Question # 136

Based on an internal assessment, a vulnerability management team wants to proactively identify risks to the infrastructure prior to production deployments. Which of the following best supports this approach?

A.

Threat modeling

B.

Penetration testing

C.

Bug bounty

D.

SDLC training

Question # 137

Which Of the following techniques would be best to provide the necessary assurance for embedded software that drives centrifugal pumps at a power Plant?

A.

Containerization

B.

Manual code reviews

C.

Static and dynamic analysis

D.

Formal methods

Question # 138

Which of the following items should be included in a vulnerability scan report? (Choose two.)

A.

Lessons learned

B.

Service-level agreement

C.

Playbook

D.

Affected hosts

E.

Risk score

F.

Education plan

Question # 139

Two employees in the finance department installed a freeware application that contained embedded malware. The network is robustly segmented based on areas of responsibility. These computers had critical sensitive information stored locally that needs to be recovered. The department manager advised all department employees to turn off their computers until the security team could be contacted about the issue. Which of the following is the first step the incident response staff members should take when they arrive?

A.

Turn on all systems, scan for infection, and back up data to a USB storage device.

B.

Identify and remove the software installed on the impacted systems in the department.

C.

Explain that malware cannot truly be removed and then reimage the devices.

D.

Log on to the impacted systems with an administrator account that has privileges to perform backups.

E.

Segment the entire department from the network and review each computer offline.

Question # 140

The Chief Information Security Officer wants the same level of security to be present whether a remote worker logs in at home or at a coffee shop. Which of the following should be recommended as a starting point?

A.

Non-persistent virtual desktop infrastructures

B.

Passwordless authentication

C.

Standard-issue laptops

D.

Serverless workloads

Go to page: