Practice Free CS0-003 Exam Online Questions
A security analyst is trying to identify possible network addresses from different source networks belonging to the same company and region.
Which of the following shell script functions could help achieve the goal?
- A . function w() { a=$(ping -c 1 $1 | awk -F "/" 'END{print $1}') && echo "$1 | $a" }
- B . function x() { b=$(traceroute -m 40 $1 | awk 'END{print $1}') && echo "$1 | $b" }
- C . function y() { dig $(dig -x $1 | grep PTR | tail -n 1 | awk -F ".in-addr" '{print $1}').origin.asn.cymru.com TXT +short }
- D . function z() { c=$(geoiplookup $1) && echo "$1 | $c" }
The SOC received a threat intelligence notification indicating that an employee’s credentials were found on the dark web. The user’s web and log-in activities were reviewed for malicious or anomalous connections, data uploads/downloads, and exploits. A review of the controls confirmed multifactor authentication was enabled.
Which of the following should be done first to mitigate impact to the business networks and assets?
- A . Perform a forced password reset.
- B . Communicate the compromised credentials to the user.
- C . Perform an ad hoc AV scan on the user’s laptop.
- D . Review and ensure privileges assigned to the user’s account reflect least privilege.
- E . Lower the thresholds for SOC alerting of suspected malicious activity.
Due to reports of unauthorized activity that was occurring on the internal network, an analyst is performing a network discovery. The analyst runs an Nmap scan against a corporate network to evaluate which devices were operating in the environment.
Given the following output:

Which of the following choices should the analyst look at first?
- A . wh4dc-748gy.lan (192.168.86.152)
- B . lan (192.168.86.22)
- C . imaging.lan (192.168.86.150)
- D . xlaptop.lan (192.168.86.249)
- E . p4wnp1_aloa.lan (192.168.86.56)
A managed security service provider is having difficulty retaining talent due to an increasing workload caused by a client doubling the number of devices connected to the network.
Which of the following would best aid in decreasing the workload without increasing staff?
- A . SIEM
- B . XDR
- C . SOAR
- D . EDR
Which of the following is a nation-state actor least likely to be concerned with?
- A . Detection by MITRE ATT&CK framework.
- B . Detection or prevention of reconnaissance activities.
- C . Examination of its actions and objectives.
- D . Forensic analysis for legal action of the actions taken.
An XSS vulnerability was reported on one of the non-sensitive/non-mission-critical public websites of a company. The security department confirmed the finding and needs to provide a recommendation to the application owner.
Which of the following recommendations will best prevent this vulnerability from being exploited? (Select two).
- A . Implement an IPS in front of the web server.
- B . Enable MFA on the website.
- C . Take the website offline until it is patched.
- D . Implement a compensating control in the source code.
- E . Configure TLS v1.3 on the website.
- F . Fix the vulnerability using a virtual patch at the WAF.
An analyst investigated a website and produced the following:

Which of the following syntaxes did the analyst use to discover the application versions on this vulnerable website?
- A . nmap -sS -T4 -F insecure.org
- B . nmap -o insecure.org
- C . nmap -sV -T4 -F insecure.org
- D . nmap -A insecure.org
A security analyst reviews the following Arachni scan results for a web application that stores PII data:

Which of the following should be remediated first?
- A . SQL injection
- B . RFI
- C . XSS
- D . Code injection
A development team recently released a new version of a public-facing website for testing prior to production. The development team is soliciting the help of various teams to validate the functionality of the website due to its high visibility.
Which of the following activities best describes the process the development team is initiating?
- A . Static analysis
- B . Stress testing
- C . Code review
- D . User acceptance testing
