CS0-003 • Practice Test 2
Free CS0-003 practice test — 10 questions with explanations. Set 2. No signup required.
A SOC analyst reviews DNS telemetry and sees a workstation resolving hundreds of algorithmically generated domains at fixed intervals, with most responses returning NXDOMAIN. What evidence should the analyst prioritize to validate command-and-control beaconing? In the evidence source phase, Which evidence source best supports or refutes the detection?