Practice Free CS0-003 Exam Online Questions
An organization conducted a web application vulnerability assessment against the corporate website, and the following output was observed:

Which of the following tuning recommendations should the security analyst share?
- A . Set an HttpOnly flag to force communication by HTTPS
- B . Block requests without an X-Frame-Options header
- C . Configure an Access-Control-Allow-Origin header to authorized domains
- D . Disable the cross-origin resource sharing header
A Chief Information Security Officer wants to lock down the users’ ability to change applications that are installed on their Windows systems.
Which of the following is the best enterprise-level solution?
- A . HIPS
- B . GPO
- C . Registry
- D . DLP
A security analyst is investigating a compromised Linux server.
The analyst issues the ps command and receives the following output:

Which of the following commands should the administrator run next to further analyze the compromised system?
- A . gdb /proc/1301
- B . rpm -V openssh-server
- C . /bin/ls -l /proc/1301/exe
- D . kill -9 1301
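The /proc entries the answer options refer to can be read without signalling the process. The following script, added here as an illustration and not part of the exam material, does in Python what `ls -l /proc/1301/exe` shows at the shell (it resolves the exe and cwd symlinks and reads cmdline) and then applies a few checks that separate a healthy daemon from a process masquerading as one. The trusted-path and scratch-directory lists, the PIDs, and the fake /proc tree it builds for a stand-alone run are all constructed assumptions.

```python
import os
import tempfile
from pathlib import Path

# Paths a legitimately installed daemon is expected to run from, and scratch
# directories malware commonly stages from. Both lists are illustrative
# assumptions for this example, not a standard.
TRUSTED_BIN_PREFIXES = ("/usr/bin/", "/usr/sbin/", "/usr/lib/", "/bin/", "/sbin/")
SCRATCH_DIRS = ("/tmp", "/dev/shm", "/var/tmp")


def inspect_process(pid, proc_root="/proc"):
    """Read what /proc exposes about one PID without touching the process.

    Returns the resolved exe link, whether the binary was unlinked after exec
    (the kernel appends " (deleted)" to the link target), argv, and cwd.
    """
    base = Path(proc_root) / str(pid)
    if not base.is_dir():
        raise FileNotFoundError(f"no such process: {pid}")
    exe = os.readlink(base / "exe")
    cwd = os.readlink(base / "cwd")
    # cmdline is NUL-separated; it is empty for kernel threads and zombies.
    raw = (base / "cmdline").read_bytes()
    argv = [a.decode(errors="replace") for a in raw.split(b"\0") if a]
    deleted = exe.endswith(" (deleted)")
    return {
        "pid": int(pid),
        "exe": exe[: -len(" (deleted)")] if deleted else exe,
        "exe_deleted": deleted,
        "argv": argv,
        "cwd": cwd,
    }


def suspicious_indicators(info):
    """Return findings for the classic signs of a masqueraded process."""
    findings = []
    if info["exe_deleted"]:
        findings.append("binary was unlinked after exec (exe link ends in '(deleted)')")
    if not info["exe"].startswith(TRUSTED_BIN_PREFIXES):
        findings.append(f"binary runs from an untrusted path: {info['exe']}")
    if info["argv"] and os.path.basename(info["argv"][0]) != os.path.basename(info["exe"]):
        findings.append(f"argv[0] {info['argv'][0]!r} does not match exe {info['exe']!r}")
    if any(info["cwd"] == d or info["cwd"].startswith(d + "/") for d in SCRATCH_DIRS):
        findings.append(f"working directory is a scratch area: {info['cwd']}")
    return findings


def build_fake_proc(root, pid, exe, argv, cwd):
    """Constructed stand-in for /proc/<pid> so the checks run offline."""
    d = Path(root) / str(pid)
    d.mkdir(parents=True)
    os.symlink(exe, d / "exe")   # dangling targets are fine, just like a deleted binary
    os.symlink(cwd, d / "cwd")
    (d / "cmdline").write_bytes(b"\0".join(a.encode() for a in argv) + b"\0")


def demo():
    """A healthy sshd beside a process pretending to be one; both are constructed."""
    root = tempfile.mkdtemp()
    build_fake_proc(root, 1300, "/usr/sbin/sshd", ["/usr/sbin/sshd", "-D"], "/")
    build_fake_proc(root, 1301, "/tmp/.x/sshd (deleted)", ["kworker"], "/tmp/.x")
    return {pid: suspicious_indicators(inspect_process(pid, root)) for pid in (1300, 1301)}


if __name__ == "__main__":
    for pid, findings in demo().items():
        print(pid, findings or ["nothing unusual"])
```

Point `inspect_process` at the real `/proc` on a live system to check an actual PID; the "(deleted)" marker is the detail that `ls -l` makes visible and that `rpm -V` alone would miss, because the package's file on disk may be intact while the running copy was replaced.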
A security analyst wants to implement new monitoring controls in order to find abnormal account activity for traveling employees.
Which of the following techniques would deliver the expected results?
- A . Malicious command interpretation
- B . Network monitoring
- C . User behavior analysis
- D . SSL inspection
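A concrete form of user behavior analysis for travelling staff is an impossible-travel check: two logins by the same account whose geo-IP locations could not be reached in the elapsed time. The script below is an added example, not part of the exam text; the 1000 km/h threshold, the event schema, and the authentication events it runs over are constructed assumptions.

```python
import math
from datetime import datetime

# Hypothetical threshold: faster than any commercial flight, so an employee who
# logs in after landing is not flagged, but a stolen session used overseas is.
MAX_PLAUSIBLE_KMH = 1000.0


def haversine_km(lat1, lon1, lat2, lon2):
    """Great-circle distance in kilometres between two latitude/longitude points."""
    earth_radius_km = 6371.0
    p1, p2 = math.radians(lat1), math.radians(lat2)
    dphi = math.radians(lat2 - lat1)
    dlam = math.radians(lon2 - lon1)
    a = math.sin(dphi / 2) ** 2 + math.cos(p1) * math.cos(p2) * math.sin(dlam / 2) ** 2
    return 2 * earth_radius_km * math.asin(math.sqrt(a))


def impossible_travel(events, max_kmh=MAX_PLAUSIBLE_KMH):
    """Flag consecutive logins by one account that would require impossible speed.

    Each event is a dict with user, ts (ISO 8601 with UTC offset), lat, lon, src.
    Events are grouped per user and sorted here, so input order does not matter.
    """
    by_user = {}
    for e in events:
        by_user.setdefault(e["user"], []).append(e)
    alerts = []
    for user, evs in by_user.items():
        evs.sort(key=lambda e: datetime.fromisoformat(e["ts"]))
        for prev, cur in zip(evs, evs[1:]):
            delta = datetime.fromisoformat(cur["ts"]) - datetime.fromisoformat(prev["ts"])
            hours = delta.total_seconds() / 3600
            km = haversine_km(prev["lat"], prev["lon"], cur["lat"], cur["lon"])
            # Two different locations within the same second would divide by zero;
            # treat that as infinitely fast instead of crashing the detector.
            if hours == 0:
                speed = math.inf if km > 0 else 0.0
            else:
                speed = km / hours
            if speed > max_kmh:
                alerts.append({"user": user, "from": prev["src"], "to": cur["src"],
                               "km": round(km), "hours": round(hours, 2),
                               "speed_kmh": round(speed)})
    return alerts


# Constructed authentication events; geo-IP is assumed to be resolved by the SIEM.
SAMPLE_EVENTS = [
    {"user": "jdoe", "ts": "2024-05-01T09:00:00+00:00", "lat": 40.7128, "lon": -74.0060, "src": "203.0.113.10"},   # New York
    {"user": "jdoe", "ts": "2024-05-01T10:30:00+00:00", "lat": 51.5074, "lon": -0.1278, "src": "198.51.100.7"},    # London, 90 min later
    {"user": "asmith", "ts": "2024-05-01T09:00:00+00:00", "lat": 40.7128, "lon": -74.0060, "src": "203.0.113.22"}, # New York
    {"user": "asmith", "ts": "2024-05-01T12:00:00+00:00", "lat": 42.3601, "lon": -71.0589, "src": "203.0.113.45"}, # Boston, 3 h later
    {"user": "mlee", "ts": "2024-05-02T08:00:00+00:00", "lat": 40.7128, "lon": -74.0060, "src": "203.0.113.90"},   # New York (out of order on purpose)
    {"user": "mlee", "ts": "2024-05-01T08:00:00+00:00", "lat": 51.5074, "lon": -0.1278, "src": "198.51.100.3"},    # London, a day earlier: real travel
]


def demo():
    """Run the detector over the constructed events."""
    return impossible_travel(SAMPLE_EVENTS)


if __name__ == "__main__":
    for alert in demo():
        print(alert)
```

Only jdoe is flagged: New York to London in 90 minutes. asmith's short hop and mlee's genuine overnight trip stay under the threshold, which is the point of behaviour-based detection for travellers: it is the combination of distance and time per account, not the foreign source address on its own, that is anomalous.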
A Chief Information Security Officer wants to map all the attack vectors that the company faces each day.
Which of the following recommendations should the company align their security controls around?
- A . OSSTMM
- B . Diamond Model of Intrusion Analysis
- C . OWASP
- D . MITRE ATT&CK
Several critical bugs were identified during a vulnerability scan. The SLA risk requirement is that all critical vulnerabilities should be patched within 24 hours. After sending a notification to the asset owners, the patch cannot be deployed due to planned, routine system upgrades.
Which of the following is the best method to remediate the bugs?
- A . Reschedule the upgrade and deploy the patch
- B . Request an exception to exclude the patch from installation
- C . Update the risk register and request a change to the SLA
- D . Notify the incident response team and rerun the vulnerability scan
A security analyst recently used Arachni to perform a vulnerability assessment of a newly developed web application.
The analyst is concerned about the following output:
[+] XSS: In form input ‘txtSearch’ with action https://localhost/search.aspx
[-] XSS: Analyzing response #1…
[-] XSS: Analyzing response #2…
[-] XSS: Analyzing response #3…
[+] XSS: Response is tainted. Looking for proof of the vulnerability.
Which of the following is the most likely reason for this vulnerability?
- A . The developer set input validation protection on the specific field of search.aspx.
- B . The developer did not set proper cross-site scripting protections in the header.
- C . The developer did not implement default protections in the web application build.
- D . The developer did not set proper cross-site request forgery protections.
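The scanner output above reports that a probe sent into `txtSearch` came back "tainted", meaning it was reflected without encoding. The following example, added here and not taken from the exam or from Arachni, places a minimal vulnerable search handler beside a hardened one and reproduces the scanner's first check. The handler shape, the probe string and the header set are assumptions for illustration; the page is modelled as a plain response dict rather than a real ASP.NET handler.

```python
import html

# Constructed probe of the kind a scanner injects into a form field.
PROBE = "<script>alert(1)</script>"


def render_search_vulnerable(term):
    """Reflects the search term into the page verbatim: the defect the scanner reported."""
    body = (f"<h1>Results for: {term}</h1>"
            f"<form action='/search.aspx'><input name='txtSearch' value='{term}'></form>")
    return {"status": 200,
            "headers": {"Content-Type": "text/html; charset=utf-8"},
            "body": body}


def render_search_hardened(term, max_len=100):
    """Output-encodes the term for the HTML context it lands in and adds defensive headers."""
    # Input validation narrows what reaches the page but is not a substitute for encoding.
    term = term[:max_len]
    # quote=True also encodes ' and ", so the value cannot break out of the attribute.
    encoded = html.escape(term, quote=True)
    body = (f"<h1>Results for: {encoded}</h1>"
            f"<form action='/search.aspx'><input name='txtSearch' value='{encoded}'></form>")
    headers = {
        "Content-Type": "text/html; charset=utf-8",
        # With no inline-script allowance, an encoding slip elsewhere still cannot run script.
        "Content-Security-Policy": "default-src 'self'; script-src 'self'",
        "X-Content-Type-Options": "nosniff",
    }
    return {"status": 200, "headers": headers, "body": body}


def response_is_tainted(response, probe):
    """The scanner's first test: does the probe come back un-encoded in the body?"""
    return probe in response["body"]


def scan(handler, probe=PROBE):
    """Return a one-word verdict for a handler, in the spirit of the scanner's log line."""
    return "tainted" if response_is_tainted(handler(probe), probe) else "clean"


if __name__ == "__main__":
    for handler in (render_search_vulnerable, render_search_hardened):
        print(f"{handler.__name__}: {scan(handler)}")
```

The fix that removes the finding is the output encoding in the handler; the Content-Security-Policy header is defence in depth and would not by itself make the scanner's reflection check pass. Neither an HttpOnly cookie flag nor an X-Frame-Options header addresses reflected script in the page body.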
A new cybersecurity analyst is tasked with creating an executive briefing on possible threats to the organization.
Which of the following will produce the data needed for the briefing?
- A . Firewall logs
- B . Indicators of compromise
- C . Risk assessment
- D . Access control lists
An analyst is remediating items associated with a recent incident. The analyst has isolated the vulnerability and is actively removing it from the system.
Which of the following steps of the process does this describe?
- A . Eradication
- B . Recovery
- C . Containment
- D . Preparation
