- Home
- CompTIA
- CompTIA Cybersecurity Analyst (CySA+) Certification Exam
- CuramSoftware.CS0-002.v2023-09-19.q116
- Question 38
Valid CS0-002 Dumps shared by ExamDiscuss.com for Helping Passing CS0-002 Exam! ExamDiscuss.com now offer the newest CS0-002 exam dumps, the ExamDiscuss.com CS0-002 exam questions have been updated and answers have been corrected get the newest ExamDiscuss.com CS0-002 dumps with Test Engine here:
Access CS0-002 Dumps Premium Version
(371 Q&As Dumps, 35%OFF Special Discount Code: freecram)
<< Prev Question Next Question >>
Question 38/116
While investigating reports or issues with a web server, a security analyst attempts to log in remotely and recedes the following message:
The analyst accesses the server console, and the following console messages are displayed:
The analyst is also unable to log in on the console. While reviewing network captures for the server, the analyst sees many packets with the following signature:
Which of the following is the BEST step for the analyst to lake next in this situation?
The analyst accesses the server console, and the following console messages are displayed:
The analyst is also unable to log in on the console. While reviewing network captures for the server, the analyst sees many packets with the following signature:
Which of the following is the BEST step for the analyst to lake next in this situation?
Correct Answer: D
Cryptomining malware, or cryptojacking, is a type of malware that hides on a device and uses its computing resources to mine for valuable online currencies like Bitcoin. Cryptomining malware can cause performance issues, increased energy consumption, overheating, or hardware damage1 The analyst encountered cryptomining malware on the web server, as indicated by the following signs:
The analyst was unable to log in remotely or on the console, as the malware blocked access to prevent detection or removal.
The console messages showed that the server was running out of memory and CPU resources, as the malware consumed all available resources for mining.
The network captures showed many packets with a signature of "Stratum", which is a protocol used for communication between miners and mining pools2 The best step for the analyst to take next is to reboot the server and disable any cron jobs or startup scripts that start the mining software. This can help stop the mining activity and restore access to the server. The analyst should also scan the server for any other traces of malware and remove them.
The analyst was unable to log in remotely or on the console, as the malware blocked access to prevent detection or removal.
The console messages showed that the server was running out of memory and CPU resources, as the malware consumed all available resources for mining.
The network captures showed many packets with a signature of "Stratum", which is a protocol used for communication between miners and mining pools2 The best step for the analyst to take next is to reboot the server and disable any cron jobs or startup scripts that start the mining software. This can help stop the mining activity and restore access to the server. The analyst should also scan the server for any other traces of malware and remove them.
- Question List (116q)
- Question 1: Industry partners from critical infrastructure organizations...
- Question 2: A threat hurting team received a new loC from an ISAC that f...
- Question 3: A security analyst sees the following OWASP ZAP output from ...
- Question 4: At which of the following phases of the SDLC shoukJ security...
- Question 5: An organization has the following policies: *Services must r...
- Question 6: The following output is from a tcpdump al the edge of the co...
- Question 7: A manufacturing company uses a third-party service provider ...
- Question 8: Which of the following factors would determine the regulatio...
- Question 9: An organization has the following risk mitigation policy: Ri...
- Question 10: A company employee downloads an application from the interne...
- Question 11: After a remote command execution incident occurred on a web ...
- Question 12: An organization has a policy that requires servers to be ded...
- Question 13: An organization prohibits users from logging in to the admin...
- Question 14: In web application scanning, static analysis refers to scann...
- Question 15: A security analyst is reviewing the output of tcpdump to ana...
- Question 16: A security analyst recently observed evidence of an attack a...
- Question 17: A security analyst is reviewing the following log entries to...
- Question 18: Company A is m the process of merging with Company B As part...
- Question 19: Which of the following BEST describes how logging and monito...
- Question 20: A company's Chief Information Security Officer (CISO) publis...
- Question 21: While implementing a PKI for a company, a security analyst p...
- Question 22: A security technician configured a NIDS to monitor network t...
- Question 23: Which of the following APT adversary archetypes represent no...
- Question 24: The majority of a company's employees have stated they are u...
- Question 25: A security analyst is reviewing WAF alerts and sees the foll...
- Question 26: The Chief Information Security Officer (CISO) of a large fin...
- Question 27: In response to an audit finding, a company's Chief informati...
- Question 28: You are a penetration tester who is reviewing the system har...
- Question 29: Which of the following software assessment methods world pea...
- Question 30: A code review reveals a web application is using lime-based ...
- Question 31: An analyst is reviewing the following output as part of an i...
- Question 32: A security technician is testing a solution that will preven...
- Question 33: The security team decides to meet informally to discuss and ...
- Question 34: During a company's most recent incident, a vulnerability in ...
- Question 35: An organizational policy requires one person to input accoun...
- Question 36: During an Incident, it Is determined that a customer databas...
- Question 37: A security analyst is monitoring a company's network traffic...
- Question 38: While investigating reports or issues with a web server, a s...
- Question 39: Which of the following BEST describes how logging and monito...
- Question 40: Which of the following are considered PII by themselves? (Se...
- Question 41: The help desk is having difficulty keeping up with all onboa...
- Question 42: A security analyst needs to provide a copy of a hard drive f...
- Question 43: Given the Nmap request below: (Exhibit) Which of the followi...
- Question 44: During an audit, several customer order forms were found to ...
- Question 45: While reviewing a vulnerability assessment, an analyst notic...
- Question 46: Which of the following is a reason to use a nsk-based cybers...
- Question 47: To validate local system-hardening requirements, which of th...
- Question 48: During an incident response procedure, a security analyst co...
- Question 49: An analyst is responding 10 an incident involving an attack ...
- Question 50: An incident response team is responding to a breach of multi...
- Question 51: Wncn ol the following provides an automated approach 10 chec...
- Question 52: Which of the following is the BEST way to gather patch infor...
- Question 53: A company offers a hardware security appliance to customers ...
- Question 54: A security analyst is investigating a compromised Linux serv...
- Question 55: An organization is developing software to match customers' e...
- Question 56: During an audit several customer order forms were found to c...
- Question 57: Which of the following is an advantage of SOAR over SIEM?...
- Question 58: A security analyst who works in the SOC receives a new requi...
- Question 59: A cyber-security analyst is implementing a new network confi...
- Question 60: An IT security analyst has received an email alert regarding...
- Question 61: After a series of Group Policy Object updates, multiple serv...
- Question 62: A security analyst is investigating a reported phishing atte...
- Question 63: A security engineer is reviewing security products that iden...
- Question 64: Which of the following organizational initiatives would be M...
- Question 65: Which of the following BEST explains the function of a manag...
- Question 66: A Chief Executive Officer (CEO) is concerned about the compa...
- Question 67: A security manager has asked an analyst to provide feedback ...
- Question 68: A help desk technician inadvertently sent the credentials of...
- Question 69: A security analyst is reviewing the following server statist...
- Question 70: Which of the following is the software development process b...
- Question 71: Which of the following BEST explains the function of trusted...
- Question 72: A customer notifies a security analyst that a web applicatio...
- Question 73: The IT department is concerned about the possibility of a gu...
- Question 74: Which of the following ICS network protocols has no inherent...
- Question 75: A company's legal department is concerned that its incident ...
- Question 76: Due to a rise m cyberattackers seeking PHI, a healthcare com...
- Question 77: A security officer needs to find the most cost-effective sol...
- Question 78: An organization wants to move non-essential services into a ...
- Question 79: During routine monitoring a security analyst identified the ...
- Question 80: The developers recently deployed new code to three web serve...
- Question 81: A security analyst is attempting to resolve an incident in w...
- Question 82: industry partners from critical infrastructure organizations...
- Question 83: To prioritize the morning's work, an analyst is reviewing se...
- Question 84: An organization is focused on restructuring its data governa...
- Question 85: A company is experiencing a malware attack within its networ...
- Question 86: A company has a cluster of web servers that is critical to t...
- Question 87: Legacy medical equipment, which contains sensitive data, can...
- Question 88: A Chief Information Officer wants to implement a BYOD strate...
- Question 89: Which of the following BEST describes HSM?...
- Question 90: An email analysis system notifies a security analyst that th...
- Question 91: Ensuring that all areas of security have the proper controls...
- Question 92: An organization supports a large number of remote users. Whi...
- Question 93: While conducting a cloud assessment, a security analyst perf...
- Question 94: A new variant of malware is spreading on the company network...
- Question 95: A security analyst is handling an incident in which ransomwa...
- Question 96: Which of the following are the MOST likely reasons lo includ...
- Question 97: A security analyst needs to provide the development team wit...
- Question 98: A company's application development has been outsourced to a...
- Question 99: A security analyst performs various types of vulnerability s...
- Question 100: A security analyst is researching ways to improve the securi...
- Question 101: After examining a header and footer file, a security analyst...
- Question 102: An organization wants to ensure the privacy of the data that...
- Question 103: A security analyst is concerned the number of security incid...
- Question 104: A company recently experienced a breach of sensitive informa...
- Question 105: As part of an Intelligence feed, a security analyst receives...
- Question 106: A development team recently released a new version of a publ...
- Question 107: A security is reviewing a vulnerability scan report and note...
- Question 108: A product manager is working with an analyst to design a new...
- Question 109: A company uses an FTP server to support its critical busines...
- Question 110: A small business does not have enough staff in the accountin...
- Question 111: An organization has the following risk mitigation policies *...
- Question 112: Which of the following is MOST dangerous to the client envir...
- Question 113: An organization is adopting loT devices at an increasing rat...
- Question 114: An analyst determines a security incident has occurred Which...
- Question 115: A company's Chief Information Officer wants to use a CASB so...
- Question 116: During a routine review of service restarts a security analy...
[×]
Download PDF File
Enter your email address to download CuramSoftware.CS0-002.v2023-09-19.q116.pdf