CS0-002 exam

An organization has not had an incident for several months. The Chief Information Security Officer (CISO) wants to move to a more proactive stance for security investigations. Which of the following would BEST meet that goal?A . Root-cause analysis B. Active response C. Advanced antivirus D. Information-sharing community E. Threat...

A security analyst has observed several incidents within an organization that are affecting one specific piece of hardware on the network. Further investigation reveals the equipment vendor previously released a patch. Which of the following is the MOST appropriate threat classification for these incidents?A . Known threat B. Zero day...

Which of the following MOST accurately describes an HSM?A . An HSM is a low-cost solution for encryption. B. An HSM can be networked based or a removable USB C. An HSM is slower at encrypting than software D. An HSM is explicitly used for MFAView AnswerAnswer: B

A Chief Information Security Officer (CISO) wants to upgrade an organization's security posture by improving proactive activities associated with attacks from internal and external threats. Which of the following is the MOST proactive tool or technique that feeds incident response capabilities?A . Development of a hypothesis as part of threat...

A SIEM solution alerts a security analyst of a high number of login attempts against the company's webmail portal. The analyst determines the login attempts used credentials from a past data breach. Which of the following is the BEST mitigation to prevent unauthorized access?A . Single sign-on B. Mandatory access...

A cybersecurity analyst needs to rearchitect the network using a firewall and a VPN server to achieve the highest level of security To BEST complete this task, the analyst should place the:A . firewall behind the VPN server B. VPN server parallel to the firewall C. VPN server behind the...

A Chief Information Security Officer (CISO) is concerned the development team, which consists of contractors, has too much access to customer datA. Developers use personal workstations, giving the company little to no visibility into the development activities. Which of the following would be BEST to implement to alleviate the CISO's...

An organization has several systems that require specific logons Over the past few months, the security analyst has noticed numerous failed logon attempts followed by password resets. Which of the following should the analyst do to reduce the occurrence of legitimate failed logons and password resets?A . Use SSO across...

The computer incident response team at a multinational company has determined that a breach of sensitive data has occurred in which a threat actor has compromised the organization’s email system. Per the incident response procedures, this breach requires notifying the board immediately. Which of the following would be the BEST...

The inability to do remote updates of certificates, keys, software, and firmware is a security issue commonly associated with:A . web servers on private networks B. HVAC control systems C. smartphones D. firewalls and UTM devicesView AnswerAnswer: B