CS0-003 • Practice Test 2 — 10 Questions
A SOC analyst reviews DNS telemetry and sees a workstation resolving hundreds of algorithmically generated domains at fixed intervals, with most responses returning NXDOMAIN. What evidence should the analyst prioritize to validate command-and-control beaconing? In the evidence source phase, which evidence source best supports or refutes the detection?