CompTIA CS0-003 Exam Actual Questions

The questions for CS0-003 were last updated on May 3, 2024.
  • Viewing page 1 out of 46 pages.
  • Viewing questions 1-5 out of 227 questions

Topic 1 - Exam A

Question #1 Topic 1

A recent zero-day vulnerability is being actively exploited, requires no user interaction or privilege escalation, and has a significant impact to confidentiality and integrity but not to availability. Which of the following CVE metrics would be most accurate for this zero-day threat?

  • A. CVSS:31/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:K/A:L
  • B. CVSS:31/AV:K/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:L
  • C. CVSS:31/AV:N/AC:L/PR:N/UI:H/S:U/C:L/I:N/A:H
  • D. CVSS:31/AV:L/AC:L/PR:R/UI:R/S:U/C:H/I:L/A:H

Correct Answer: A

Question #2 Topic 1

Which of the following tools would work best to prevent the exposure of PII outside of an organization?

  • A. PAM
  • B. IDS
  • C. PKI
  • D. DLP

Correct Answer: D

Question #3 Topic 1

An organization conducted a web application vulnerability assessment against the corporate website, and the following output was observed:

Which of the following tuning recommendations should the security analyst share?

  • A. Set an HttpOnly flag to force communication by HTTPS
  • B. Block requests without an X-Frame-Options header
  • C. Configure an Access-Control-Allow-Origin header to authorized domains
  • D. Disable the cross-origin resource sharing header

Correct Answer: B

Question #4 Topic 1

Which of the following items should be included in a vulnerability scan report? (Choose two.)

  • A. Lessons learned
  • B. Service-level agreement
  • C. Playbook
  • D. Affected hosts
  • E. Risk score
  • F. Education plan

Correct Answer: DE

Question #5 Topic 1

The Chief Executive Officer of an organization recently heard that exploitation of new attacks in the industry was happening approximately 45 days after a patch was released. Which of the following would best protect this organization?

  • A. A mean time to remediate of 30 days
  • B. A mean time to detect of 45 days
  • C. A mean time to respond of 15 days
  • D. Third-party application testing

Correct Answer: A
