ExamTopics Logo
Mail Us[email protected]
Menu
Comptia Discussions
exam questions

Exam CS0-002 All Questions

View all questions & answers for the CS0-002 exam
Go to Exam

Exam CS0-002 topic 1 question 362 discussion

Actual exam question from CompTIA's CS0-002
Question #: 362
Topic #: 1
[All CS0-002 Questions]

A security analyst recently observed evidence of an attack against a company’s web server. The analyst investigated the issue but was unable to find an exploit that adequately explained the observations. Which of the following is the most likely cause of this issue?

  • A. The security analyst needs updated forensic analysis tools.
  • B. The security analyst needs more training on threat hunting and research.
  • C. The security analyst has potentially found a zero-day vulnerability that has been exploited.
  • D. The security analyst has encountered a polymorphic piece of malware.
Show Suggested Answer Hide Answer
Suggested Answer: C 🗳️
by CyberCEH at May 19, 2023, 3 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
JakeH
1 year, 7 months ago
On exam
upvoted 2 times
...
Rori791
1 year, 9 months ago
Selected Answer: C
A zero-day vulnerability is a type of vulnerability that is unknown to the software vendor or the security community, and therefore has no patch or fix available. If an attacker has used a zero-day vulnerability, it could explain why the analyst is unable to find an exploit that adequately explains the observations. Therefore, this option is the most likely cause of the issue.
upvoted 1 times
...
CyberCEH
1 year, 11 months ago
Answer C
upvoted 2 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago