Analyst+ CS0-003.pdf
Q: 1
A cybersecurity analyst is tasked with scanning a web application to understand where the scan will
go and whether there are URIs that should be denied access prior to more in-depth scanning. Which
of the following best fits the type of scanning activity requested?
Options
Q: 2
Which of the following is the most important reason for an incident response team to develop a
formal incident declaration?
Options
Q: 3
Which of the following will most likely ensure that mission-critical services are available in the event
of an incident?
Options
Q: 4
A security analyst reviews the latest vulnerability scans and observes there are vulnerabilities with
similar CVSSv3 scores but different base score metrics. Which of the following attack vectors should
the analyst remediate first?
Options
Q: 5
An incident response team is working with law enforcement to investigate an active web server
compromise. The decision has been made to keep the server running and to implement
compensating controls for a period of time. The web service must be accessible from the internet via
the reverse proxy and must connect to a database server. Which of the following compensating
controls will help contain the adversary while meeting the other requirements? (Select two).
Options
Q: 6
During an incident, analysts need to rapidly investigate by the investigation and leadership teams.
Which of the following best describes how PII should be safeguarded during an incident?
Options
Q: 7
Using open-source intelligence gathered from technical forums, a threat actor compiles and tests a
malicious downloader to ensure it will not be detected by the victim organization's endpoint security
protections. Which of the following stages of the Cyber Kill Chain best aligns with the threat actor's
actions?
Options
Q: 8
Which of the following risk management principles is accomplished by purchasing cyber insurance?
Options
Q: 9
A security analyst needs to ensure that systems across the organization are protected based on the
sensitivity of the content each system hosts. The analyst is working with the respective system
owners to help determine the best methodology that seeks to promote confidentiality, availability,
and integrity of the data being hosted. Which of the following should the security analyst perform
first to categorize and prioritize the respective systems?
Options
Q: 10
Which of the following is most appropriate to use with SOAR when the security team would like to
automate actions across different vendor platforms?
Options