CS0-003 Exam Question 21

A malicious actor has gained access to an internal network by means of social engineering. The actor does not want to lose access in order to continue the attack. Which of the following best describes the current stage of the Cyber Kill Chain that the threat actor is currently operating in?
  • CS0-003 Exam Question 22

    A security analyst needs to mitigate a known, exploited vulnerability related not tack vector that embeds software through the USB interface. Which of the following should the analyst do first?
  • CS0-003 Exam Question 23

    A security analyst is trying to detect connections to a suspicious IP address by collecting the packet captures from the gateway. Which of the following commands should the security analyst consider running?
  • CS0-003 Exam Question 24

    Which of the following would a security analyst most likely use to compare TTPs between different known adversaries of an organization?
  • CS0-003 Exam Question 25

    During a recent site survey. an analyst discovered a rogue wireless access point on the network. Which of the following actions should be taken first to protect the network while preserving evidence?