CS0-001 exam

Datacenter access is controlled with proximity badges that record all entries and exits from the datacenter. The access records are used to identify which staff members accessed the data center in the event of equipment theft. Which of the following MUST be prevented in order for this policy to be...

A security administrator determines several months after the first instance that a local privileged user has been routinely logging into a server interactively as “root” and browsing the Internet. The administrator determines this by performing an annual review of the security logs on that server. For which of the following...

A security analyst is performing a review of Active Directory and discovers two new user accounts in the accounting department. Neither of the users has elevated permissions, but accounts in the group are given access to the company’s sensitive financial management application by default . Which of the following is...

A web application has a newly discovered vulnerability in the authentication method used to validate known company users. The user ID of Admin with a password of “password” grants elevated access to the application over the Internet . Which of the following is the BEST method to discover the vulnerability...

A security professional is analyzing the results of a network utilization report. The report includes the following information: Which of the following servers needs further investigation?A . hr.dbprod.01B . R&C . file.srvr.01D . mrktg.file.srvr.02E . web.srvr.03View AnswerAnswer: A

A project lead is reviewing the statement of work for an upcoming project that is focused on identifying potential weaknesses in the organization’s internal and external network infrastructure. As part of the project, a team of external contractors will attempt to employ various attacks against the organization. The statement of...

Which of the following items represents a document that includes detailed information on when an incident was detected, how impactful the incident was, and how it was remediated, in addition to incident response effectiveness and any identified gaps needing improvement?A . Forensic analysis reportB . Chain of custody reportC ....

A security analyst is reviewing the following log after enabling key-based authentication. Given the above information, which of the following steps should be performed NEXT to secure the system?A . Disable anonymous SSH logins.B . Disable password authentication for SSD . Disable SSHv1.E . Disable remote root SSH logins.View AnswerAnswer:...

DRAG DROP You suspect that multiple unrelated security events have occurred on several nodes on a corporate network. You must review all logs and correlate events when necessary to discover each security event by clicking on each node. Only select corrective actions if the logs shown a security event that...

A technician receives a report that a user’s workstation is experiencing no network connectivity. The technician investigates and notices the patch cable running the back of the user’s VoIP phone is routed directly under the rolling chair and has been smashed flat over time. Which of the following is the...