CompTIA CS0-003 Exam Actual Questions

The questions for CS0-003 were last updated on Nov. 29, 2023.

Viewing page 1 out of 39 pages.
Viewing questions 1-4 out of 162 questions

Topic 1 - Exam A

Question #1 Topic 1

A recent zero-day vulnerability is being actively exploited, requires no user interaction or privilege escalation, and has a significant impact to confidentiality and integrity but not to availability. Which of the following CVE metrics would be most accurate for this zero-day threat?

A. CVSS:31/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:K/A:L
B. CVSS:31/AV:K/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:L
C. CVSS:31/AV:N/AC:L/PR:N/UI:H/S:U/C:L/I:N/A:H
D. CVSS:31/AV:L/AC:L/PR:R/UI:R/S:U/C:H/I:L/A:H

Reveal Solution Discussion 17

Correct Answer: A 🗳️

Question #2 Topic 1

Which of the following tools would work best to prevent the exposure of PII outside of an organization?

A. PAM
B. IDS
C. PKI
D. DLP

Reveal Solution Discussion 6

Correct Answer: D 🗳️

Question #3 Topic 1

An organization conducted a web application vulnerability assessment against the corporate website, and the following output was observed:

Which of the following tuning recommendations should the security analyst share?

A. Set an HttpOnly flag to force communication by HTTPS
B. Block requests without an X-Frame-Options header
C. Configure an Access-Control-Allow-Origin header to authorized domains
D. Disable the cross-origin resource sharing header

Reveal Solution Discussion 8

Correct Answer: B 🗳️

Question #4 Topic 1

Which of the following items should be included in a vulnerability scan report? (Choose two.)

A. Lessons learned
B. Service-level agreement
C. Playbook
D. Affected hosts
E. Risk score
F. Education plan

Reveal Solution Discussion 3

Correct Answer: DE 🗳️

CompTIA CS0-003 Exam Actual Questions

The questions for CS0-003 were last updated on Nov. 29, 2023.

Topic 1 - Exam A

New Version GCP Professional Cloud Architect Certificate & Helpful Information

The 5 Most In-Demand Project Management Certifications of 2019