← Back to exam page

CS0-003 CompTIA CyberSecurity Analyst CySA+ Certification Exam

Loading demo links...

Showing 4–6 of 10 questions

Question 4

An incident response analyst notices multiple emails traversing the network that target only the administrators of the company. The email contains a concealed URL that leads to an unknown website in another country.

Which of the following best describes what is happening? (Choose two.)

Select all that apply, then click Submit answer.

  • Beaconinq

  • Domain Name System hijacking

  • Social engineering attack

  • On-path attack

  • Obfuscated links

  • Address Resolution Protocol poisoning
Question 5

Which of the following items should be included in a vulnerability scan report? (Choose two.)

Select all that apply, then click Submit answer.

  • Lessons learned

  • Service-level agreement

  • Playbook

  • Affected hosts

  • Risk score

  • Education plan
Question 6

A systems administrator is reviewing after-hours traffic flows from data-center servers and sees regular outgoing HTTPS connections from one of the servers to a public IP address. The server should not be making outgoing connections after hours. Looking closer, the administrator sees this traffic pattern around the clock during work hours as well. Which of the following is the most likely explanation?

Select an option, then click Submit answer.

  • C2 beaconing activity

  • Data exfiltration

  • Anomalous activity on unexpected ports

  • Network host IP address scanning

  • A rogue network device