CS0-002 exam

A Chief Information Secunty Officer has asked for a list of hosts that have critical and high-seventy findings as referenced in the CVE database. Which of the following tools would produce the assessment output needed to satisfy this request?A . Nessus B. Nikto C. Fuzzer D. Wireshark E. ProwlerView AnswerAnswer:...

An analyst is reviewing the following output as part of an incident: Which of the Wowing is MOST likely happening?A . The hosts are part of a reflective denial -of -service attack. B. Information is leaking from the memory of host 10.20 30.40 C. Sensitive data is being exfilltrated by...

An organization has specific technical nsk mitigation configurations that must be implemented before a new server can be approved for production Several critical servers were recently deployed with the antivirus missing unnecessary ports disabled and insufficient password complexity . Which of the following should the analyst recommend to prevent a...

Which of the following BEST explains the function of trusted firmware updates as they relate to hardware assurance?A . Trusted firmware updates provide organizations with development, compilation, remote access, and customization for embedded devices. B. Trusted firmware updates provide organizations with security specifications, open-source libraries, and custom toots for embedded...

During the security assessment of a new application, a tester attempts to log in to the application but receives the following message incorrect password for given username. Which of the following can the tester recommend to decrease the likelihood that a malicious attacker will receive helpful information?A . Set the...

During an incident response procedure, a security analyst acquired the needed evidence from the hard drive of a compromised machine. Which of the following actions should the analyst perform next to ensure the data integrity of the evidence?A . Generate hashes for each file from the hard drive. B. Create...

Which of the following organizational initiatives would be MOST impacted by data severighty issues?A . Moving to a cloud-based environment B. Migrating to locally hosted virtual servers C. Implementing non-repudiation controls D. Encrypting local database queriesView AnswerAnswer: A Explanation: Data sovereignty is the idea that data are subject to the...

A security analyst identified some potentially malicious processes after capturing the contents of memory from a machine during incident response. Which of the following procedures is the NEXT step for further in investigation?A . Data carving B. Timeline construction C. File cloning D. Reverse engineeringView AnswerAnswer: D Explanation: Reverse engineering...

An organization has the following policies: * Services must run on standard ports. * Unneeded services must be disabled. The organization has the following servers: * 192.168.10.1 - web server * 192.168.10.2 - database server A security analyst runs a scan on the servers and sees the following output: Which...

An organization has a strict policy that if elevated permissions are needed, users should always run commands under their own account, with temporary administrator privileges if necessary. A security analyst is reviewing syslog entries and sees the following: Which of the following entries should cause the analyst the MOST concern?A...