CompTIA CS0-003 Practice Exams
Last updated on Apr 07, 2025
- Exam Code: CS0-003
- Exam Name: CompTIA Cybersecurity Analyst (CySA+) Exam
- Certification Provider: CompTIA
A company is concerned with finding sensitive file storage locations that are open to the public. The current internal cloud network is flat.
Which of the following is the best solution to secure the network?
- A . Implement segmentation with ACLs.
- B . Configure logging and monitoring to the SIEM.
- C . Deploy MFA to cloud storage locations.
- D . Roll out an IDS.
Which of the following is the most important factor to ensure accurate incident response reporting?
- A . A well-defined timeline of the events
- B . A guideline for regulatory reporting
- C . Logs from the impacted system
- D . A well-developed executive summary
A small company does not have enough staff to effectively segregate duties to prevent error and fraud in payroll management. The Chief Information Security Officer (CISO) decides to maintain and review logs and audit trails to mitigate risk.
Which of the following did the CISO implement?
- A . Corrective controls
- B . Compensating controls
- C . Operational controls
- D . Administrative controls
A software developer has been deploying web applications with common security risks, including insufficient logging capabilities.
Which of the following actions would be most effective to reduce risks associated with the application development?
- A . Perform static analyses using an integrated development environment.
- B . Deploy compensating controls into the environment.
- C . Implement server-side logging and automatic updates.
- D . Conduct regular code reviews using OWASP best practices.
Which of the following techniques would be best to provide the necessary assurance for embedded software that drives centrifugal pumps at a power plant?
- A . Containerization
- B . Manual code reviews
- C . Static and dynamic analysis
- D . Formal methods
A SOC receives several alerts indicating user accounts are connecting to the company’s identity provider through non-secure communications. User credentials for accessing sensitive, business-critical systems could be exposed.
Which of the following logs should the SOC use when determining malicious intent?
- A . DNS
- B . tcpdump
- C . Directory
- D . IDS
A Chief Information Security Officer (CISO) is concerned that a specific threat actor who is known to target the company’s business type may be able to breach the network and remain inside of it for an extended period of time.
Which of the following techniques should be performed to meet the CISO’s goals?
- A . Vulnerability scanning
- B . Adversary emulation
- C . Passive discovery
- D . Bug bounty
A security analyst found the following vulnerability on the company’s website:
<INPUT TYPE="IMAGE" SRC="javascript:alert('test');">
Which of the following should be implemented to prevent this type of attack in the future?
- A . Input sanitization
- B . Output encoding
- C . Code obfuscation
- D . Prepared statements
An organization is conducting a pilot deployment of an e-commerce application. The application’s source code is not available.
Which of the following strategies should an analyst recommend to evaluate the security of the software?
- A . Static testing
- B . Vulnerability testing
- C . Dynamic testing
- D . Penetration testing
An analyst is evaluating a vulnerability management dashboard. The analyst sees that a previously remediated vulnerability has reappeared on a database server.
Which of the following is the most likely cause?
- A . The finding is a false positive and should be ignored.
- B . A rollback had been executed on the instance.
- C . The vulnerability scanner was configured without credentials.
- D . The vulnerability management software needs to be updated.