CS0-001 exam

While a threat intelligence analyst was researching an indicator of compromise on a search engine, the web proxy generated an alert regarding the same indicator. The threat intelligence analyst states that related sites were not visited but were searched for in a search engine. Which of the following MOST likely...

After analyzing and correlating activity from multiple sensors, the security analyst has determined a group from a high-risk country is responsible for a sophisticated breach of the company network and continuous administration of targeted attacks for the past three months. Until now, the attacks went unnoticed. This is an example...

After completing a vulnerability scan, the following output was noted: Which of the following vulnerabilities has been identified?A . PKI transfer vulnerability.B . Active Directory encryption vulnerability.C . Web application cryptography vulnerability.D . VPN tunnel vulnerability.View AnswerAnswer: C

A software assurance lab is performing a dynamic assessment on an application by automatically generating and inputting different, random data sets to attempt to cause an error/failure condition. Which of the following software assessment capabilities is the lab performing AND during which phase of the SDLC should this occur? (Select...

A cybersecurity analyst is currently investigating a server outage. The analyst has discovered the following value was entered for the username: 0xbfff601a. Which of the following attacks may be occurring?A . Buffer overflow attackB . Man-in-the-middle attackC . Smurf attackD . Format string attackE . Denial of service attackView AnswerAnswer:...

An incident response report indicates a virus was introduced through a remote host that was connected to corporate resources. A cybersecurity analyst has been asked for a recommendation to solve this issue. Which of the following should be applied?A . MACB . TAPC . NACD . ACLView AnswerAnswer: C

A security professional is analyzing the results of a network utilization report. The report includes the following information: Which of the following servers needs further investigation?A . hr.dbprod.01B . R&C . file.srvr.01D . mrktg.file.srvr.02E . web.srvr.03View AnswerAnswer: A

In order to meet regulatory compliance objectives for the storage of PHI, vulnerability scans must be conducted on a continuous basis. The last completed scan of the network returned 5,682 possible vulnerabilities. The Chief Information Officer (CIO) would like to establish a remediation plan to resolve all known issues. Which...

SIMULATION The developers recently deployed new code to three web servers. A daily automated external device scan report shows server vulnerabilities that are failing items according to PCI DSS. If the vulnerability is not valid, the analyst must take the proper steps to get the scan clean. If the vulnerability...

An organization is requesting the development of a disaster recovery plan. The organization has grown and so has its infrastructure. Documentation, policies, and procedures do not exist. Which of the following steps should be taken to assist in the development of the disaster recovery plan?A . Conduct a risk assessment.B...