CS0-002 exam

While monitoring the information security notification mailbox, a security analyst notices several emails were repotted as spam. Which of the following should the analyst do FIRST?A . Block the sender In the email gateway. B. Delete the email from the company's email servers. C. Ask the sender to stop sending...

A Chief Executive Officer (CEO) is concerned about the company’s intellectual property being leaked to competitors. The security team performed an extensive review but did not find any indication of an outside breach. The data sets are currently encrypted using the Triple Data Encryption Algorithm. Which of the following courses...

After detecting possible malicious external scanning, an internal vulnerability scan was performed, and a critical server was found with an outdated version of JBoss. A legacy application that is running depends on that version of JBoss. Which of the following actions should be taken FIRST to prevent server compromise and...

As part of the senior leadership team's ongoing nsk management activities the Chief Information Security Officer has tasked a security analyst with coordinating the right training and testing methodology to respond to new business initiatives or significant changes to existing ones The management team wants to examine a new business...

A security officer needs to find the most cost-effective solution to the current data privacy and protection gap found in the last security assessment. Which of the following is the BEST recommendation?A . Require users to sign NDAs B. Create a data minimization plan. C. Add access control requirements. D....

An analyst received an alert regarding an application spawning a suspicious command shell process. Upon further investigation, the analyst observes the following registry change occurring immediately after the suspicious event: Which of the following was the suspicious event able to accomplish?A . Impair defenses. B. Establish persistence. C. Bypass file...

During a company’s most recent incident, a vulnerability in custom software was exploited on an externally facing server by an APT. The lessons-learned report noted the following: • The development team used a new software language that was not supported by the security team's automated assessment tools. • During the...

A company experienced a security compromise due to the inappropriate disposal of one of its hardware appliances. Sensitive information stored on the hardware appliance was not removed prior to disposal. Which of the following is the BEST manner in which to dispose of the hardware appliance?A . Ensure the hardware...

The following output is from a tcpdump al the edge of the corporate network: Which of the following best describes the potential security concern?A . Payload lengths may be used to overflow buffers enabling code execution. B. Encapsulated traffic may evade security monitoring and defenses C. This traffic exhibits a...

A security analyst is investigate an no client related to an alert from the threat detection platform on a host (10.0 1.25) in a staging environment that could be running a crypto mining tool because it in sending traffic to an IP address that are related to Bitcoin. The network...