Which of the following provides an automated approach to checking a system configuration?
Which of the following provides an automated approach to checking a system configuration? A. SCAP B. CI/CD C. OVAL D. Scripting E. SOAR Answer: A Explanation: SCAP stands for Security Content Automation Protocol, which is a set of standards and specifications that allows automated configuration and vulnerability management of systems....
Which of the following are the MOST likely reasons to include reporting processes when updating an incident response plan after a breach? (Select TWO).
Which of the following are the MOST likely reasons to include reporting processes when updating an incident response plan after a breach? (Select TWO). A. To establish a clear chain of command B. To meet regulatory requirements for timely reporting C. To limit reputation damage caused by the breach D....
Which of the following occurred?
While reviewing system logs, a network administrator discovers the following entry: Which of the following occurred? A. An attempt was made to access a remote workstation. B. The PsExec services failed to execute. C. A remote shell failed to open. D. A user was trying to download a password file...
According to the incident response procedure, which of the following should the security team do NEXT?
A help desk technician inadvertently sent the credentials of the company's CRM in clear text to an employee's personal email account. The technician then reset the employee's account using the appropriate process and the employee's corporate email, and notified the security team of the incident. According to the incident response...
Which of the following should the security analyst do NEXT?
During an incident, it is determined that a customer database containing email addresses, first names, and last names was exfiltrated. Which of the following should the security analyst do NEXT? A. Consult with the legal department for regulatory impact. B. Encrypt the database with available tools. C. Email the customers...
Which of the following configuration changes would work BEST to limit the risk of this incident being repeated?
A security analyst is attempting to resolve an incident in which highly confidential company pricing information was sent to clients. It appears this information was unintentionally sent by an employee who attached it to public marketing material. Which of the following configuration changes would work BEST to limit the risk...
Which of the following is the BEST way to gather patch information on a specific server?
Which of the following is the BEST way to gather patch information on a specific server? A. Event Viewer B. Custom script C. SCAP software D. CI/CD Answer: B Explanation: A custom script is a piece of code that can be written to perform a specific task or automate a...
Which of the following describes the most likely cause of the issue?
A security analyst responds to a series of events surrounding sporadic bandwidth consumption from an endpoint device. The security analyst then identifies the following additional details: • Bursts of network utilization occur approximately every seven days. • The content being transferred appears to be encrypted or obfuscated. • A separate...
To avoid disrupting the sensitive network, which of the following must be supported by the scanner's NIC to assist with the company's request?
A company wants to configure the environment to allow passive network monitoring. To avoid disrupting the sensitive network, which of the following must be supported by the scanner's NIC to assist with the company's request? A. Port bridging B. Tunnel all mode C. Full-duplex mode D. Port mirroring E. Promiscuous...
Which of the following is the analyst most likely observing?
A security analyst is reviewing the network security monitoring logs listed below: Which of the following is the analyst most likely observing? (Select two). A. 10.1.1.128 sent potential malicious traffic to the web server. B. 10.1.1.128 sent malicious requests, and the alert is a false positive. C. 10.1.1.129 successfully exploited...