CS0-003 Exam Question 181

A security alert was triggered when an end user tried to access a website that is not allowed per organizational policy. Since the action is considered a terminable offense, the SOC analyst collects the authentication logs, web logs, and temporary files, reflecting the web searches from the user's workstation, to build the case for the investigation. Which of the following is the best way to ensure that the investigation complies with HR or privacy policies?
  • CS0-003 Exam Question 182

    A security analyst reviews the following results of a Nikto scan:

    Which of the following should the security administrator investigate next?
  • CS0-003 Exam Question 183

    An organization's threat intelligence team notes a recent trend in adversary privilege escalation procedures. Multiple threat groups have been observed utilizing native Windows tools to bypass system controls and execute commands with privileged credentials. Which of the following controls would be most effective to reduce the rate of success of such attempts?
  • CS0-003 Exam Question 184

    Which of the following best explains the importance of network microsegmentation as part of a Zero Trust architecture?
  • CS0-003 Exam Question 185

    A security analyst performs a vulnerability scan. Given the following findings:

    Which of the following machines should the analyst address first? (Select two).