Back to CompTIA CySA+ CS0-003 questions

Scenario-based practice

Drag and Drop Matching Questions

Practise CompTIA CySA+ CS0-003 practice questions — original exam-style scenarios covering every exam domain, with detailed explanations, wrong-answer analysis, and common exam traps.

10
scenario questions
CS0-003
exam code
CompTIA
vendor

Scenario guide

How to approach drag and drop matching questions

Matching questions give you two columns — concepts, commands, or protocols on the left, and their definitions or use-cases on the right. You drag each left item to its correct match. These appear on most certification exams and punish superficial memorisation.

Quick answer

Drag and Drop Matching Questions questions test whether you can apply the concept in context, not just recognise a definition.

How the topic appears in realistic exam-style scenarios.

Which detail in the question changes the correct answer.

How to eliminate plausible but wrong options.

How to connect the question back to the wider exam objective.

Related practice questions

Related CS0-003 topic practice pages

Scenario questions usually connect to one or more exam topics. Use these links to review the underlying concepts behind the scenario.

Practice set

Practice scenarios

Question 1mediummatching
Full question →

Match each security tool to its primary purpose.

Drag a concept onto its matching description — or click a concept then click the description.

Concepts
Matches

Network scanning and enumeration

Packet analysis

Exploitation framework

Web application security testing

Intrusion detection and prevention

Question 2mediummatching
Full question →

Match each network protocol to its well-known port number.

Drag a concept onto its matching description — or click a concept then click the description.

Concepts
Matches

22

443

53

25

3389

Question 3mediummatching
Full question →

Match each incident response phase to its activity.

Drag a concept onto its matching description — or click a concept then click the description.

Concepts
Matches

Establish policies and tools

Identify potential incidents

Isolate affected systems

Remove threat from environment

Restore normal operations

Question 4mediummatching
Full question →

Match each threat intelligence source to its description.

Drag a concept onto its matching description — or click a concept then click the description.

Concepts
Matches

Publicly available information

Sector-specific sharing community

Structured language for cyber threat intelligence

Protocol for exchanging threat intelligence

Open-source threat intelligence platform

Question 5mediummatching
Full question →

Match each log type to its typical source.

Drag a concept onto its matching description — or click a concept then click the description.

Concepts
Matches

Windows Event Log (Security)

Linux/Unix system messages

Web server (e.g., Apache, IIS)

Database or application activity

Network firewall traffic records

Question 6mediummatching
Full question →

Match each vulnerability scanning concept to its definition.

Drag a concept onto its matching description — or click a concept then click the description.

Concepts
Matches

Alert on non-existent vulnerability

Missed actual vulnerability

Scan with authenticated access

Scan without authenticated access

Standard severity rating for vulnerabilities

Question 7mediummatching
Full question →

Match each regulatory framework to its focus.

Drag a concept onto its matching description — or click a concept then click the description.

Concepts
Matches

Data privacy in EU

Payment card security

Healthcare data protection

Financial reporting controls

Federal information security

Question 8mediummatching
Full question →

Match each analysis technique to its description.

Drag a concept onto its matching description — or click a concept then click the description.

Concepts
Matches

Matches known patterns

Identifies deviations from baseline

Uses rules to detect suspicious behavior

Monitors actions over time

Applies mathematical models

Question 9mediummatching
Full question →

Match each security control to its category.

Drag a concept onto its matching description — or click a concept then click the description.

Concepts
Matches

Preventive

Detective

Recovery

Administrative

Technical

Question 10mediummatching
Full question →

Match each attack type to its description.

Drag a concept onto its matching description — or click a concept then click the description.

Concepts
Matches

Deceptive email to steal credentials

Malware that encrypts data for ransom

Overwhelming a service with traffic

Injecting malicious SQL queries

Intercepting communication between parties

These CS0-003 practice questions are part of Courseiva's free CompTIA certification practice question bank. Courseiva provides original exam-style CS0-003 questions with detailed explanations, topic-based practice, mock exams, readiness tracking, and study analytics.