CS0-002 exam

An analyst is reviewing the following output as part of an incident: Which of the Wowing is MOST likely happening?A . The hosts are part of a reflective denial -of -service attack. B. Information is leaking from the memory of host 10.20 30.40 C. Sensitive data is being exfilltrated by...

A security analyst is monitoring a company's network traffic and finds ping requests going to accounting and human resources servers from a SQL server. Upon investigation, the analyst discovers a technician responded to potential network connectivity issues. Which of the following is the best way for the security analyst to...

A company's legal department is concerned that its incident response plan does not cover the countless ways security incidents can occur. The department has asked a security analyst to help tailor the response plan to provide broad coverage for many situations. Which of the following is the best way to...

CORRECT TEXT You are a penetration tester who is reviewing the system hardening guidelines for a company. Hardening guidelines indicate the following. ✑ There must be one primary server or service per device. ✑ Only default port should be used ✑ Non- secure protocols should be disabled. ✑ The corporate...

Which of the following BEST describes HSM?A . A computing device that manages cryptography, decrypts traffic, and maintains library calls B. A computing device that manages digital keys, performs encryption/decryption functions, and maintains other cryptographic functions C. A computing device that manages physical keys, encrypts devices, and creates strong cryptographic...

A security analyst sees the following OWASP ZAP output from a scan that was performed against a modern version of Windows while testing for client-side vulnerabilities: Which of the following is the MOST likely solution to the listed vulnerability?A . Enable the browser's XSS filter. B. Enable Windows XSS protection...

A financial organization has offices located globally. Per the organization’s policies and procedures, all executives who conduct Business overseas must have their mobile devices checked for malicious software or evidence of tempering upon their return. The information security department oversees the process, and no executive has had a device compromised....

When investigating a report of a system compromise, a security analyst views the following /var/log/secure log file: Which of the following can the analyst conclude from viewing the log file?A . The comptia user knows the sudo password. B. The comptia user executed the sudo su command. C. The comptia...

A security administrator needs to provide access from partners to an Isolated laboratory network inside an organization that meets the following requirements: • The partners' PCs must not connect directly to the laboratory network. • The tools the partners need to access while on the laboratory network must be available...

An organization wants to consolidate a number of security technologies throughout the organization and standardize a workflow for identifying security issues prioritizing the severity and automating a response . Which of the following would best meet the organization's needs'?A . MaaS B. SIEM C. SOAR D. CI/CDView AnswerAnswer: C Explanation:...