QUESTION: 61

A user downloads software that contains malware onto a computer that eventually infects numerous other systems.
Which of the following has the user become?

Hacktivist
Advanced persistent threat
Insider threat
Script kiddie

Answer(s): C

Show Answer Next Question

An organization has activated the CSIRT. A security analyst believes a single virtual server was compromised and immediately isolated from the network.
Which of the following should the CSIRT conduct next?

Take a snapshot of the compromised server and verify its integrity
Restore the affected server to remove any malware
Contact the appropriate government agency to investigate
Research the malware strain to perform attribution

Answer(s): A

Show Answer Next Question

QUESTION: 63

During an incident, an analyst needs to acquire evidence for later investigation.
Which of the following must be collected first in a computer system, related to its volatility level?

Disk contents
Backup data
Temporary files
Running processes

Answer(s): D

Show Answer Next Question

QUESTION: 64

A security analyst is trying to identify possible network addresses from different source networks belonging to the same company and region.
Which of the following shell script functions could help achieve the goal?

function w() { a=$(ping -c 1 $1 | awk-F ”/” ’END{print $1}’) && echo “$1 | $a” }
function x() { b=traceroute -m 40 $1 | awk ’END{print $1}’) && echo “$1 | $b” }
function y() { dig $(dig -x $1 | grep PTR | tail -n 1 | awk -F ”.in-addr” ’{print $1}’).origin.asn.cymru.com TXT +short }
function z() { c=$(geoiplookup$1) && echo “$1 | $c” }

Answer(s): C

Show Answer Next Question

Free CompTIA CS0-003 Exam Braindumps (page: 17)

QUESTION: 61

QUESTION: 62

QUESTION: 63

QUESTION: 64

CS0-003 Exam Discussions & Posts