ExamTopics Logo
Mail Us[email protected]
Menu
Comptia Discussions
exam questions

Exam CS0-003 All Questions

View all questions & answers for the CS0-003 exam
Go to Exam

Exam CS0-003 topic 1 question 243 discussion

Actual exam question from CompTIA's CS0-003
Question #: 243
Topic #: 1
[All CS0-003 Questions]

A security analyst receives an alert for suspicious activity on a company laptop. An excerpt of the log is shown below:



Which of the following has most likely occurred?

  • A. An Office document with a malicious macro was opened.
  • B. A credential-stealing website was visited.
  • C. A phishing link in an email was clicked.
  • D. A web browser vulnerability was exploited.
Show Suggested Answer Hide Answer
Suggested Answer: A 🗳️
by Chiniwini at July 28, 2024, 3:51 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Chiniwini
Highly Voted 9 months, 2 weeks ago
Selected Answer: A
The sequence involving PowerShell and Microsoft Word (Event 5) strongly suggests the execution of a macro or script. This is a typical behavior of a malicious macro embedded in an Office document, which often uses PowerShell to perform further actions, such as downloading additional payloads or altering system settings.
upvoted 16 times
...
thisguyfucks
Most Recent 5 months, 1 week ago
Selected Answer: A
Choosing A on test.
upvoted 4 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago