Practice Free CS0-003 Exam Online Questions
A zero-day command injection vulnerability was published.
A security administrator is analyzing the following logs for evidence of adversaries attempting to exploit the vulnerability:

Which of the following log entries provides evidence of the attempted exploit?
- A . Log entry 1
- B . Log entry 2
- C . Log entry 3
- D . Log entry 4
A security analyst is reviewing the findings of the latest vulnerability report for a company’s web application. The web application accepts files for a Bash script to be processed if the files match a given hash. The analyst is able to submit files to the system due to a hash collision.
Which of the following should the analyst suggest to mitigate the vulnerability with the fewest changes to the current script and infrastructure?
- A . Deploy a WAF to the front of the application.
- B . Replace the current MD5 with SHA-256.
- C . Deploy an antivirus application on the hosting system.
- D . Replace the MD5 with digital signatures.
A security administrator has found indications of dictionary attacks against the company’s external-facing portal.
Which of the following should be implemented to best mitigate the password attacks?
- A . Multifactor authentication
- B . Password complexity
- C . Web application firewall
- D . Lockout policy
While reviewing system logs, a network administrator discovers the following entry:
Which of the following occurred?
- A . An attempt was made to access a remote workstation.
- B . The PsExec services failed to execute.
- C . A remote shell failed to open.
- D . A user was trying to download a password file from a remote system.
A SOC manager reviews metrics from the last four weeks to investigate a recurring availability issue.
The manager finds similar events correlating to the times of the reported issues.
Which of the following methods would the manager most likely use to resolve the issue?
- A . Vulnerability assessment
- B . Root cause analysis
- C . Recurrence reports
- D . Lessons learned
Which of the following best describes the document that defines the expectation to network customers that patching will only occur between 2:00 a.m. and 4:00 a.m.?
- A . SLA
- B . LOI
- C . MOU
- D . KPI
An organization wants to establish a disaster recovery plan for critical applications that are hosted on premises.
Which of the following is the first step to prepare for supporting this new requirement?
- A . Choose a vendor to utilize for the disaster recovery location.
- B . Establish prioritization of continuity from data and business owners.
- C . Negotiate vendor agreements to support disaster recovery capabilities.
- D . Advise the leadership team that a geographical area for recovery must be defined.
A vulnerability management team is unable to patch all vulnerabilities found during their weekly scans.
Using the third-party scoring system described below, the team patches the most urgent vulnerabilities:

Additionally, the vulnerability management team feels that the metrics Smear and Channing are less important than the others, so these will be lower in priority.
Which of the following vulnerabilities should be patched first, given the above third-party scoring system?
- A . InLoud:
  Cobain: Yes
  Grohl: No
  Novo: Yes
  Smear: Yes
  Channing: No
- B . TSpirit:
  Cobain: Yes
  Grohl: Yes
  Novo: Yes
  Smear: No
  Channing: No
- C . ENameless:
  Cobain: Yes
  Grohl: No
  Novo: Yes
  Smear: No
  Channing: No
- D . PBleach:
  Cobain: Yes
  Grohl: No
  Novo: No
  Smear: No
  Channing: Yes
Which of the following would help to minimize human engagement and aid in process improvement in security operations?
- A . OSSTMM
- B . SIEM
- C . SOAR
- D . OWASP
