- Home
- CompTIA
- CompTIA Cybersecurity Analyst (CySA+) Certification Exam
- CompTIA.CS0-001.v2018-11-27.q144
- Question 141
Valid CS0-001 Dumps shared by ExamDiscuss.com for Helping Passing CS0-001 Exam! ExamDiscuss.com now offer the newest CS0-001 exam dumps, the ExamDiscuss.com CS0-001 exam questions have been updated and answers have been corrected get the newest ExamDiscuss.com CS0-001 dumps with Test Engine here:
Access CS0-001 Dumps Premium Version
(458 Q&As Dumps, 35%OFF Special Discount Code: freecram)
<< Prev Question Next Question >>
Question 141/144
A security analyst is performing a forensic analysis on a machine that was the subject of some historic SIEM alerts. The analyst noticed some network connections utilizing SSL on non-common ports, copies of svchost.exe and cmd.exe in %TEMP% folder, and RDP files that had connected to external IPs. Which of the following threats has the security analyst uncovered?
Correct Answer: B
Explanation/Reference:
Explanation:
Explanation:
- Question List (144q)
- Question 1: A security analyst is concerned that unauthorized users can ...
- Question 2: An organization is attempting to harden its web servers and ...
- Question 3: Which of the following is a control that allows a mobile app...
- Question 4: An HR employee began having issues with a device becoming un...
- Question 5: A cybersecurity analyst is reviewing log data and sees the o...
- Question 6: Which of the following actions should occur to address any o...
- Question 7: A software assurance lab is performing a dynamic assessment ...
- Question 8: A security analyst is performing a review of Active Director...
- Question 9: Various devices are connecting and authenticating to a singl...
- Question 10: A recently issued audit report highlighted exceptions relate...
- Question 11: Using a heuristic system to detect an anomaly in a computer'...
- Question 12: A company has received the results of an external vulnerabil...
- Question 13: The Chief Information Security Officer (CISO) asked for a to...
- Question 14: An investigation showed a worm was introduced from an engine...
- Question 15: A company has several internal-only, web-based applications ...
- Question 16: An analyst has noticed unusual activities in the SIEM to a ....
- Question 17: Which of the following has the GREATEST impact to the data r...
- Question 18: Which of the following represent the reasoning behind carefu...
- Question 19: A medical organization recently started accepting payments o...
- Question 20: A university wants to increase the security posture of its n...
- Question 21: A security analyst has discovered that an outbound SFTP proc...
- Question 22: An organization uses Common Vulnerability Scoring System (CV...
- Question 23: A cybersecurity analyst is conducting packet analysis on the...
- Question 24: A network administrator is attempting to troubleshoot an iss...
- Question 25: Company A suspects an employee has been exfiltrating PII via...
- Question 26: A network technician is concerned that an attacker is attemp...
- Question 27: A recent vulnerability scan found four vulnerabilities on an...
- Question 28: An analyst was testing the latest version of an internally d...
- Question 29: A security analyst begins to notice the CPU utilization from...
- Question 30: A cybersecurity analyst is hired to review the security post...
- Question 31: A web application has a newly discovered vulnerability in th...
- Question 32: A Linux-based file encryption malware was recently discovere...
- Question 33: An organization has recently experienced a data breach. A fo...
- Question 34: A centralized tool for organizing security events and managi...
- Question 35: When network administrators observe an increased amount of w...
- Question 36: During which of the following NIST risk management framework...
- Question 37: A security analyst is assisting with a computer crime invest...
- Question 38: A recent audit has uncovered several coding errors and a lac...
- Question 39: After scanning the main company's website with the OWASP ZAP...
- Question 40: The primary difference in concern between remediating identi...
- Question 41: Which of the following stakeholders would need to be aware o...
- Question 42: There have been several exploits to critical devices within ...
- Question 43: A security analyst is conducting traffic analysis and observ...
- Question 44: As part of the SDLC, software developers are testing the sec...
- Question 45: Given the following output from a Linux machine: file2cable ...
- Question 46: In order to meet regulatory compliance objectives for the st...
- Question 47: As part of an upcoming engagement for a client, an analyst i...
- Question 48: A security administrator determines several months after the...
- Question 49: A threat intelligence feed has posted an alert stating there...
- Question 50: Which of the following principles describes how a security a...
- Question 51: A database administrator contacts a security administrator t...
- Question 52: A production web server is experiencing performance issues. ...
- Question 53: While a threat intelligence analyst was researching an indic...
- Question 54: A cybersecurity analyst has received an alert that well-know...
- Question 55: Which of the following commands would a security analyst use...
- Question 56: A cybersecurity consultant is reviewing the following output...
- Question 57: The director of software development is concerned with recen...
- Question 58: During a routine review of firewall logs, an analyst identif...
- Question 59: Which of the following remediation strategies are MOST effec...
- Question 60: An analyst is observing unusual network traffic from a works...
- Question 61: Management is concerned with administrator access from outsi...
- Question 62: Weeks before a proposed merger is scheduled for completion, ...
- Question 63: The security configuration management policy states that all...
- Question 64: A staff member reported that a laptop has degraded performan...
- Question 65: While reviewing proxy logs, the security analyst noticed a s...
- Question 66: A penetration tester is preparing for an audit of critical s...
- Question 67: A cybersecurity analyst was hired to resolve a security issu...
- Question 68: After a recent security breach, it was discovered that a dev...
- Question 69: A systems administrator is trying to secure a critical syste...
- Question 70: A system administrator has reviewed the following output: (E...
- Question 71: A company has implemented WPA2, a 20-character minimum for t...
- Question 72: While preparing for a third-party audit, the vice president ...
- Question 73: Which of the following tools should a cybersecurity analyst ...
- Question 74: A nuclear facility manager determined the need to monitor ut...
- Question 75: A new zero-day vulnerability was discovered within a basic s...
- Question 76: Several users have reported that when attempting to save doc...
- Question 77: A cybersecurity professional wants to determine if a web ser...
- Question 78: Three similar production servers underwent a vulnerability s...
- Question 79: An organization wants to remediate vulnerabilities associate...
- Question 80: A cybersecurity analyst has received a report that multiple ...
- Question 81: A technician is running an intensive vulnerability scan to d...
- Question 82: A security analyst has determined that the user interface on...
- Question 83: A security analyst is attempting to configure a vulnerabilit...
- Question 84: A malware infection spread to numerous workstations within t...
- Question 85: A cybersecurity analyst traced the source of an attack to co...
- Question 86: The new Chief Technology Officer (CTO) is seeking recommenda...
- Question 87: A cybersecurity analyst has been asked to follow a corporate...
- Question 88: Considering confidentiality and integrity, which of the foll...
- Question 89: The help desk informed a security analyst of a trend that is...
- Question 90: A threat intelligence analyst who works for a technology fir...
- Question 91: Scan results identify critical Apache vulnerabilities on a c...
- Question 92: An application development company released a new version of...
- Question 93: A pharmacy gives its clients online access to their records ...
- Question 94: A cybersecurity analyst has several SIEM event logs to revie...
- Question 95: A computer has been infected with a virus and is sending out...
- Question 96: A company has decided to process credit card transactions di...
- Question 97: Which of the following is a vulnerability when using Windows...
- Question 98: A security analyst is creating baseline system images to rem...
- Question 99: An insurance company employs quick-response team drivers tha...
- Question 100: A retail corporation with widely distributed store locations...
- Question 101: A technician recently fixed a computer with several viruses ...
- Question 102: A cybersecurity analyst is completing an organization's vuln...
- Question 103: Alerts have been received from the SIEM, indicating infectio...
- Question 104: A security analyst is reviewing the following log after enab...
- Question 105: Which of the following countermeasures should the security a...
- Question 106: After running a packet analyzer on the network, a security a...
- Question 107: When reviewing network traffic, a security analyst detects s...
- Question 108: Which of the following policies BEST explains the purpose of...
- Question 109: Creating a lessons learned report following an incident will...
- Question 110: A newly discovered malware has a known behavior of connectin...
- Question 111: An organization wants to remediate vulnerabilities associate...
- Question 112: A security analyst has determined the security team should t...
- Question 113: During the forensic phase of security investigation, it was ...
- Question 114: Law enforcement has contacted a corporation's legal counsel ...
- Question 115: Which of the following are essential components within the r...
- Question 116: A security analyst at a small regional bank has received an ...
- Question 117: An analyst wants to use a command line tool to identify open...
- Question 118: An analyst has received unusual alerts on the SIEM dashboard...
- Question 119: A zero-day crypto-worm is quickly spreading through the inte...
- Question 120: A security analyst is reviewing a report from the networking...
- Question 121: During a routine network scan, a security administrator disc...
- Question 122: A security professional is analyzing the results of a networ...
- Question 123: A cybersecurity analyst has several log files to review. Ins...
- Question 124: Which of the following is MOST effective for correlation ana...
- Question 125: A red team actor observes it is common practice to allow cel...
- Question 126: A security analyst has been asked to remediate a server vuln...
- Question 127: After reviewing the following packet, a cybersecurity analys...
- Question 128: Nmap scan results on a set of IP addresses returned one or m...
- Question 129: An analyst finds that unpatched servers have undetected vuln...
- Question 130: Company A permits visiting business partners from Company B ...
- Question 131: An alert has been distributed throughout the information sec...
- Question 132: Datacenter access is controlled with proximity badges that r...
- Question 133: Which of the following systems would be at the GREATEST risk...
- Question 134: Which of the following items represents a document that incl...
- Question 135: A Chief Information Security Officer (CISO) wants to standar...
- Question 136: A cybersecurity analyst is retained by a firm for an open in...
- Question 137: A project lead is reviewing the statement of work for an upc...
- Question 138: An administrator has been investigating the way in which an ...
- Question 139: A software patch has been released to remove vulnerabilities...
- Question 140: During an investigation, a computer is being seized. Which o...
- Question 141: A security analyst is performing a forensic analysis on a ma...
- Question 142: A technician receives a report that a user's workstation is ...
- Question 143: A company discovers an unauthorized device accessing network...
- Question 144: Following a data compromise, a cybersecurity analyst noticed...
