CS0-002 exam

A forensic analyst is conducting an investigation on a compromised server . Which of the following should the analyst do first to preserve evidence''A . Restore damaged data from the backup media B. Create a system timeline C. Monitor user access to compromised systems D. Back up all log files...

Which of the following APT adversary archetypes represent non-nation-state threat actors? (Select TWO)A . Kitten B. Panda C. Tiger D. Jackal E. Bear F. SpiderView AnswerAnswer: A,D Explanation: Kitten and Jackal are two APT (Advanced Persistent Threat) adversary archetypes that represent non-nation-state threat actors. APT adversary archetypes are categories of...

Which of the following is the greatest security concern regarding ICS?A . The involved systems are generally hard to identify. B. The systems are configured for automatic updates, leading to device failure. C. The systems are oftentimes air gapped, leading to fileless malware attacks. D. Issues on the systems cannot...

A cybersecunty analyst needs to harden a server that is currently being used as a web server. The server needs to be accessible when entenng www company com into the browser Additionally web pages require frequent updates which are performed by a remote contractor. Given the following output: Which of...

Which of the following BEST describes what an organizations incident response plan should cover regarding how the organization handles public or private disclosures of an incident?A . The disclosure section should focus on how to reduce the likelihood customers will leave due to the incident. B. The disclosure section should...

During a review of the vulnerability scan results on a server, an information security analyst notices the following: The MOST appropriate action for the analyst to recommend to developers is to change the web server so:A . It only accepts TLSvl 2 B. It only accepts cipher suites using AES...

After a remote command execution incident occurred on a web server, a security analyst found the following piece of code in an XML file: Which of the following it the BEST solution to mitigate this type of attack?A . Implement a better level of user input filters and content sanitization....

An organization supports a large number of remote users. Which of the following is the best option to protect the data on the remote users' laptops? A. Require the use of VPNs. B. Require employees to sign an NDA. C. Implement a DLP solution. D. Use whole disk encryption.View AnswerAnswer:...

An organizational policy requires one person to input accounts payable and another to do accounts receivable. A separate control requires one person to write a check and another person to sign all checks greater than $5,000 and to get an additional signature for checks greater than $10,000. Which of the...

A security analyst was transferred to an organization's threat-hunting team to track specific activity throughout the enterprise environment The analyst must observe and assess the number ot times this activity occurs and aggregate the results. Which of the following is the BEST threat-hunting method for the analyst to use?A ....