Exam Name: | CompTIA CyberSecurity Analyst CySA+ Certification Exam | ||
Exam Code: | CS0-003 Dumps | ||
Vendor: | CompTIA | Certification: | CompTIA CySA+ |
Questions: | 424 Q&A's | Shared By: | naila |
While configuring a SIEM for an organization, a security analyst is having difficulty correlating incidents across different systems. Which of the following should be checked first?
Which of the following would likely be used to update a dashboard that integrates…..
A vulnerability scan shows the following issues:
Asset Type
CVSS Score
Exploit Vector
Workstations
6.5
RDP vulnerability
Storage Server
9.0
Unauthorized access due to server application vulnerability
Firewall
8.9
Default password vulnerability
Web Server
10.0
Zero-day vulnerability (vendor working on patch)
Which of the following actions should the security analyst take first?
An analyst discovers unusual outbound connections to an IP that was previously blocked at the web proxy and firewall. Upon further investigation, it appears that the proxy and firewall rules that were in place were removed by a service account that is not recognized. Which of the following parts of the Cyber Kill Chain does this describe?