Practice Free CS0-003 Exam Online Questions
A cybersecurity analyst is researching operational data to develop a script that will detect the presence of a threat on corporate assets.
Which of the following contains the most useful information to produce this script?
- A . API documentation
- B . Protocol analysis captures
- C . MITRE ATT&CK reports
- D . OpenIoC files
Which of the following software assessment methods world peak times?
- A . Security regression testing
- B . Stress testing
- C . Static analysis testing
- D . Dynamic analysis testing
- E . User acceptance testing
A recent zero-day vulnerability is being actively exploited, requires no user interaction or privilege escalation, and has a significant impact to confidentiality and integrity but not to availability.
Which of the following CVE metrics would be most accurate for this zero-day threat?
- A . CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:K/A:L
- B . CVSS:3.1/AV:K/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:L
- C . CVSS:3.1/AV:N/AC:L/PR:N/UI:H/S:U/C:L/I:N/A:H
- D . CVSS:3.1/AV:L/AC:L/PR:R/UI:R/S:U/C:H/I:L/A:H
A security analyst discovers the accounting department is hosting an accounts receivable form on a public document service. Anyone with the link can access it.
Which of the following threats applies to this situation?
- A . Potential data loss to external users
- B . Loss of public/private key management
- C . Cloud-based authentication attack
- D . Identification and authentication failures
A company’s user accounts have been compromised. Users are also reporting that the company’s internal portal is sometimes only accessible through HTTP; other times, it is accessible through HTTPS.
Which of the following most likely describes the observed activity?
- A . There is an issue with the SSL certificate causing port 443 to become unavailable for HTTPS access
- B . An on-path attack is being performed by someone with internal access that forces users into port 80
- C . The web server cannot handle an increasing amount of HTTPS requests so it forwards users to port 80
- D . An error was caused by BGP due to new rules applied over the company’s internal routers
Which of the following is the best metric for an organization to focus on given recent investments in SIEM, SOAR, and a ticketing system?
- A . Mean time to detect
- B . Number of exploits by tactic
- C . Alert volume
- D . Quantity of intrusion attempts
A security analyst wants to capture large amounts of network data that will be analyzed at a later time. The packet capture does not need to be in a format that is readable by humans, since it will be put into a binary file called "packetCapture." The capture must be as efficient as possible, and the analyst wants to minimize the likelihood that packets will be missed.
Which of the following commands will best accomplish the analyst’s objectives?
- A . tcpdump -w packetCapture
- B . tcpdump -a packetCapture
- C . tcpdump -n packetCapture
- D . nmap -v > packetCapture
- E . nmap -oA > packetCapture
Members of the sales team are using email to send sensitive client lists with contact information to their personal accounts. The company’s AUP and code of conduct prohibit this practice.
Which of the following configuration changes would improve security and help prevent this from occurring?
- A . Configure the DLP transport rules to provide deep content analysis.
- B . Put employees’ personal email accounts on the mail server on a blocklist.
- C . Set up IPS to scan for outbound emails containing names and contact information.
- D . Use Group Policy to prevent users from copying and pasting information into emails.
- E . Move outbound emails containing names and contact information to a sandbox for further examination.
Which of the following would a security analyst most likely use to compare TTPs between different known adversaries of an organization?
- A . MITRE ATT&CK
- B . Cyber Kill Chain
- C . OWASP
- D . STIX/TAXII
Which of the following will most likely ensure that mission-critical services are available in the event of an incident?
- A . Business continuity plan
- B . Vulnerability management plan
- C . Disaster recovery plan
- D . Asset management plan