New Year Sale Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: scxmas70

  1. Home
  2. CompTIA
  3. CompTIA CySA+
  4. CS0-003 - CompTIA CyberSecurity Analyst CySA+ Certification Exam

CS0-003 Exam Dumps - CompTIA CyberSecurity Analyst CySA+ Certification Exam

Searching for workable clues to ace the CompTIA CS0-003 Exam? You’re on the right place! ExamCert has realistic, trusted and authentic exam prep tools to help you achieve your desired credential. ExamCert’s CS0-003 PDF Study Guide, Testing Engine and Exam Dumps follow a reliable exam preparation strategy, providing you the most relevant and updated study material that is crafted in an easy to learn format of questions and answers. ExamCert’s study tools aim at simplifying all complex and confusing concepts of the exam and introduce you to the real exam scenario and practice it with the help of its testing engine and real exam dumps

Go to page:
Question # 129

A SOC analyst observes reconnaissance activity from an IP address. The activity follows a pattern of short bursts toward a low number of targets. An open-source review shows that the IP has a bad reputation. The perimeter firewall logs indicate the inbound traffic was allowed. The destination hosts are high-value assets with EDR agents installed. Which of the following is the best action for the SOC to take to protect against any further activity from the source IP?

A.

Add the IP address to the EDR deny list.

B.

Create a SIEM signature to trigger on any activity from the source IP subnet detected by the web proxy or firewalls for immediate notification.

C.

Implement a prevention policy for the IP on the WAF

D.

Activate the scan signatures for the IP on the NGFWs.

Full Access
Go to page:

Hot Exams

AZ-900 Dumps
200-301 Dumps
350-401 Dumps
350-701 Dumps
AZ-104 Dumps
CS0-003 Dumps
N10-009 Dumps
SY0-701 Dumps
CAS-005 Dumps
PT0-003 Dumps
ZDTA Dumps