Exam CS0-002 topic 1 question 16 discussion

Actual exam question from CompTIA's CS0-002
Question #: 16
Topic #: 1

A security analyst is performing a Diamond Model analysis of an incident the company had last quarter. A potential benefit of this activity is that it can identify:

  • A. detection and prevention capabilities to improve.
  • B. which systems were exploited more frequently.
  • C. possible evidence that is missing during forensic analysis.
  • D. which analysts require more training.
  • E. the time spent by analysts on each of the incidents.
Suggested Answer: A

Comments

Davar39
Highly Voted 2 years, 11 months ago
Correct answer.
upvoted 5 times
...
HereToStudy
Most Recent 2 years ago
Selected Answer: A
Those other choices are strange
upvoted 2 times
...
Leonidasss
2 years ago
Selected Answer: A
correct is the way
upvoted 1 times
...
2Fish
2 years, 1 month ago
Selected Answer: A
A is correct, per Jason Dion.
upvoted 1 times
...
david124
2 years, 5 months ago
Selected Answer: A
A Correct answer.
upvoted 1 times
...
Study4America
2 years, 5 months ago
I will go with A
upvoted 1 times
...
EVE12
2 years, 7 months ago
The Diamond Model of Intrusion Analysis: Finalized in 2013, the Diamond Model of Intrusion Analysis serves as a practical analytical methodology for cybersecurity analysts to utilize before, during, and after cybersecurity intrusions. Aimed at strengthening our intrusion analysis, it’s the first model of its kind that scientifically incorporates both the fundamentals of threat actors/activities (offense) and the analytical techniques needed to discover, understand, and counteract these threat actors/activities (defense).
upvoted 1 times
...
amateurguy
2 years, 7 months ago
Selected Answer: A
A is correct.
upvoted 1 times
...
Laudy
2 years, 7 months ago
Selected Answer: A
"an incident" = so not B.... Diamond Model has nothing to do with tracking training or time tracked, so not D or E. I was thinking C because the Diamond Model is very evidence based, but it states forensics. That's likely outdated unless hard drives were kept. But A seems like a decent possibility as Diamond Model also focuses on enumerating the adversary and developing countermeasures.
upvoted 3 times
...