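CS0-003 Exam Question 291
A zero-day vulnerability has recently been actively exploited. It requires no user interaction or privilege escalation and has a significant impact on confidentiality and integrity, but no impact on availability. Which of the following CVE metrics is most accurate for this zero-day threat?
CS0-003 Exam Question 292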
A user is flagged for consistently consuming a high volume of network bandwidth over the past week. During the investigation, the security analyst finds traffic to the following websites:
| Date/Time | URL | Destination Port | Bytes In | Bytes Out |
|---|---|---|---|---|
| 12/24/2023 14:00:25 | youtube.com | 80 | 450000 | 4587 |
| 12/25/2023 14:09:30 | translate.google.com | 80 | 2985 | 3104 |
| 12/25/2023 14:10:00 | tiktok.com | 443 | 675000 | 105 |
| 12/25/2023 16:00:45 | netflix.com | 443 | 525900 | 295 |
| 12/26/2023 16:30:45 | grnail.com | 443 | 1250 | 525984 |
| 12/31/2023 17:30:25 | office.com | 443 | 350000 | 450 |
| 12/31/2023 17:35:00 | youtube.com | 443 | 300 | 350000 |
Which of the following data flows should the analyst investigate first?
CS0-003 Exam Question 293
Thousands of computers were compromised, but the compromise was detected on only three computers during the latest vulnerability scan. An analyst conducts an after-action review to determine why the vulnerability was not detected on more computers. The analyst recreates the following configuration that was used to scan the network:

Which of the following best explains the reason the vulnerability was found only on three computers?

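CS0-003 Exam Question 294
Which of the following actions is an analyst most likely to perform after an incident has been investigated?
CS0-003 Exam Question 295
A SOC analyst recommends adding a layer of defense to all endpoints to better protect against external threats, regardless of the device's operating system. Which of the following best meets this requirement?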
