CS0-003 • Practice Test 5 — 10 Questions
A SOC analyst reviews DNS telemetry and sees a workstation resolving hundreds of algorithmically generated domains at fixed intervals, with most responses returning NXDOMAIN. What evidence should the analyst prioritize to validate command-and-control beaconing? In the detection engineering phase, which detection or tuning approach would reduce noise without losing the signal?