CompTIA CySA+ (CS0-003) Exam Questions 2024
CompTIA CySA+ (CS0-003) Exam Questions 2024
Visit Official SkillCertPro Website :-
For a full set of 730+ questions. Go to
https://skillcertpro.tech/product/comp-tia-cysa-cs0-003-practice-tests/
SkillCertPro offers detailed explanations to each question which helps to understand the concepts better.
It is recommended to score above 85% in SkillCertPro exams before attempting a real exam.
SkillCertPro updates exam questions every 2 weeks.
You will get life time access and life time free updates
SkillCertPro assures 100% pass guarantee in first attempt.
Question 1:
Which of the following utilities could be used to resolve an IP address to a domain name, assuming the address has a PTR record?
A. ifconfig
B. ping
C. arp
D. nbtstat
Answer: B
Question 2:
A security analyst has just completed a vulnerability scan of servers that support a business critical application that is managed by an outside vendor. The results of the scan indicate the devices are missing critical patches. Which of the following factors can inhibit remediation of these vulnerabilities? (Choose two.)
A. Inappropriate data classifications
B. SLAs with the supporting vendor
C. Business process interruption
D. Required sandbox testing
E. Incomplete asset inventory
Answer: C, D
Question 3:
A security analyst is reviewing packet captures for a specific server that is suspected of containing malware and discovers the following packets:
Larger image
Which of the following traffic patterns or data would be MOST concerning to the security analyst?
A. Port used for SMTP traffic from 73.252.34.101
B. Unencrypted password sent from 103.34.243.12
C. Anonymous access granted by 103.34.243.12
D. Ports used for HTTP traffic from 202.53.245.78
Answer: C
Question 4:
A technician receives an alert indicating an endpoint is beaconing to a suspect dynamic DNS domain. Which of the following countermeasures should be used to
BEST protect the network in response to this alert? (Choose two.)
A. Set up a sinkhole for that dynamic DNS domain to prevent communication.
B. Isolate the infected endpoint to prevent the potential spread of malicious activity.
C. Implement an internal honeypot to catch the malicious traffic and trace it.
D. Perform a risk assessment and implement compensating controls.
E. Ensure the IDS is active on the network segment where the endpoint resides.
Answer: A, B
Question 5:
A security analyst discovers a network intrusion and quickly solves the problem by closing an unused port. Which of the following should be completed?
A. Vulnerability report
B. Memorandum of agreement
C. Reverse-engineering incident report
D. Lessons learned report
Answer: D
For a full set of 730+ questions. Go to
https://skillcertpro.tech/product/comp-tia-cysa-cs0-003-practice-tests/
SkillCertPro offers detailed explanations to each question which helps to understand the concepts better.
It is recommended to score above 85% in SkillCertPro exams before attempting a real exam.
SkillCertPro updates exam questions every 2 weeks.
You will get life time access and life time free updates
SkillCertPro assures 100% pass guarantee in first attempt.
Question 6:
A computer at a company was used to commit a crime. The system was seized and removed for further analysis. Which of the following is the purpose of labeling cables and connections when seizing the computer system
A. To capture the system configuration as it was at the time it was removed
B. To maintain the chain of custody
C. To block any communication with the computer system from attack
D. To document the model, manufacturer, and type of cables connected
Answer: A
Question 7:
An analyst reviews a recent report of vulnerabilities on a company’s financial application server. Which of the following should the analyst rate as being of the
HIGHEST importance to the company’s environment?
A. Banner grabbing
B. Remote code execution
C. SQL injection
D. Use of old encryption algorithms
E. Susceptibility to XSS
Answer: B
Question 8:
A vulnerability analyst needs to identify all systems with unauthorized web servers on the 10.1.1.0/24 network. The analyst uses the following default Nmap scan: nmap “”sV “”p 1-65535 10.1.1.0/24
Which of the following would be the result of running the above command?
A. This scan checks all TCP ports.
B. This scan probes all ports and returns open ones.
C. This scan checks all TCP ports and returns versions.
D. This scan identifies unauthorized servers.
Answer: C
Question 9:
A cybersecurity analyst is hired to review the security measures implemented within the domain controllers of a company. Upon review, the cybersecurity analyst notices a brute force attack can be launched against domain controllers that run on a Windows platform. The first remediation step implemented by the cybersecurity analyst is to make the account passwords more complex. Which of the following is the NEXT remediation step the cybersecurity analyst needs to implement?
A. Disable the ability to store a LAN manager hash.
B. Deploy a vulnerability scanner tool.
C. Install a different antivirus software.
D. Perform more frequent port scanning.
E. Move administrator accounts to a new security group.
Answer: E
Question 10:
A security analyst is preparing for the company’s upcoming audit. Upon review of the company’s latest vulnerability scan, the security analyst finds the following open issues:
Which of the following vulnerabilities should be prioritized for remediation FIRST?
A. ICMP timestamp request remote date disclosure
B. Anonymous FTP enabled
C. Unsupported web server detection
D. Microsoft Windows SMB service enumeration via \srvsvc
Answer: C
For a full set of 730+ questions. Go to
https://skillcertpro.tech/product/comp-tia-cysa-cs0-003-practice-tests/
SkillCertPro offers detailed explanations to each question which helps to understand the concepts better.
It is recommended to score above 85% in SkillCertPro exams before attempting a real exam.
SkillCertPro updates exam questions every 2 weeks.
You will get life time access and life time free updates
SkillCertPro assures 100% pass guarantee in first attempt.