Which of the following values should the security analyst choose when evaluating the CVSS score?
A customer notifies a security analyst that a web application is vulnerable to information disclosure. The analyst needs to indicate the severity of the vulnerability based on its CVSS score, which the analyst needs to calculate. When analyzing the vulnerability, the analyst realizes that for the attack to be successful,...
Which of the following BEST identifies the appropriate use of threat intelligence as a function of detection and response?
Which of the following BEST identifies the appropriate use of threat intelligence as a function of detection and response? A. To identify weaknesses in an organization's security posture B. To identify likely attack scenarios within an organization C. To build a business security plan for an organization D. To build...
Which of the following types of training will the security team perform?
The security team decides to meet informally to discuss and test the response plan for potential security breaches and emergency situations. Which of the following types of training will the security team perform? A. Tabletop exercise B. Red-team attack C. System assessment implementation D. Blue-team training E. White-team engagement Answer:...
Which of the following is a valid compensating control to reduce the volume of valuable information in the perimeter network that an attacker could gain using active reconnaissance techniques?
A risk assessment concludes that the perimeter network has the highest potential for compromise by an attacker, and it is labeled as a critical risk environment. Which of the following is a valid compensating control to reduce the volume of valuable information in the perimeter network that an attacker could...
Based on the Prowler report, which of the following is the BEST recommendation?
While conducting a cloud assessment, a security analyst performs a Prowler scan, which generates the following within the report: Based on the Prowler report, which of the following is the BEST recommendation? A. Delete Cloud Dev access key 1 B. Delete BusinessUsr access key 1. C. Delete access key 1....
Which of the following should the analyst use to accomplish this task?
During a forensic investigation, a security analyst reviews some Session Initiation Protocol packets that came from a suspicious IP address. Law enforcement requires access to a VoIP call that originated from the suspicious IP address. Which of the following should the analyst use to accomplish this task? A. Wireshark B....
Which of the following actions is the BEST option to fix the vulnerability in the source code?
According to a static analysis report for a web application, a dynamic code evaluation script injection vulnerability was found. Which of the following actions is the BEST option to fix the vulnerability in the source code? A. Delete the vulnerable section of the code immediately. B. Create a custom rule...
Which of the following would the software developer MOST likely perform to validate the code prior to pushing it to production?
A software developer is correcting the error-handling capabilities of an application following the initial coding of the fix. Which of the following would the software developer MOST likely perform to validate the code prior to pushing it to production? A. Web-application vulnerability scan B. Static analysis C. Packet inspection D....
Which of the following is MOST important when developing a threat hunting program?
Which of the following is MOST important when developing a threat hunting program? A. Understanding penetration testing techniques B. Understanding how to build correlation rules within a SIEM C. Understanding security software technologies D. Understanding assets and categories of assets Answer: D Explanation: Understanding assets and categories of assets is...
Which of the following BEST describes the result the security team hopes to accomplish by adding these sources?
A security team implemented a SIEM as part of its security-monitoring program. There is a requirement to integrate a number of sources into the SIEM to provide better context relative to the events being processed. Which of the following BEST describes the result the security team hopes to accomplish by...