Free CompTIA CS0-003 Exam Braindumps (page: 9)

93.3% Passing Rate DOWNLOAD PDF EXAM
473 Questions & Answers
Page 9 of 120

A security program was able to achieve a 30% improvement in MTTR by integrating security controls into a SIEM. The analyst no longer had to jump between tools.
Which of the following best describes what the security program did?

  1. Data enrichment
  2. Security control plane
  3. Threat feed combination
  4. Single pane of glass

Answer(s): D



Due to reports of unauthorized activity that was occurring on the internal network, an analyst is performing a network discovery. The analyst runs an Nmap scan against a corporate network to evaluate which devices were operating in the environment. Given the following output:


Which of the following choices should the analyst look at first?

  1. wh4dc-748gy.lan (192.168.86.152)
  2. officerokuplayer.lan (192.168.86.22)
  3. imaging.lan (192.168.86.150)
  4. xlaptop.lan (192.168.86.249)
  5. p4wnp1_aloa.lan (192.168.86.56)

Answer(s): E



When starting an investigation, which of the following must be done first?

  1. Notify law enforcement
  2. Secure the scene
  3. Seize all related evidence
  4. Interview the witnesses

Answer(s): B



Which of the following describes how a CSIRT lead determines who should be communicated with and when during a security incident?

  1. The lead should review what is documented in the incident response policy or plan
  2. Management level members of the CSIRT should make that decision
  3. The lead has the authority to decide who to communicate with at any t me
  4. Subject matter experts on the team should communicate with others within the specified area of expertise

Answer(s): A






Post your Comments and Discuss CompTIA CS0-003 exam prep with other Community members:

CS0-003 Exam Discussions & Posts