CS0-002 exam

A security analyst is providing a risk assessment for a medical device that will be installed on the corporate network. During the assessment, the analyst discovers the device has an embedded operating system that will be at the end of its life in two years. Due to the criticality of...

Which of the following software security best practices would prevent an attacker from being able to run arbitrary SQL commands within a web application? (Choose two.)A . Parameterized queries B. Session management C. Input validation D. Output encoding E. Data protection F. AuthenticationView AnswerAnswer: A,C Explanation: Reference: https://www.ptsecurity.com/ww-en/analytics/knowledge-base/how-to-prevent-sql-injection-attacks/

A company's modem response team is handling a threat that was identified on the network Security analysts have as at remote sites. Which of the following is the MOST appropriate next step in the incident response plan?A . Quarantine the web server B. Deploy virtual firewalls C. Capture a forensic...

A security analyst reviews the following aggregated output from an Nmap scan and the border firewall ACL: Which of the following should the analyst reconfigure to BEST reduce organizational risk while maintaining current functionality?A . PC1 B. PC2 C. Server1 D. Server2 E. FirewallView AnswerAnswer: B

An organization that handles sensitive financial information wants to perform tokenization of data to enable the execution of recurring transactions. The organization is most interested m a secure, built-in device to support its solution. Which of the following would MOST likely be required to perform the desired function?A . TPM...

Which of the following policies would state an employee should not disable security safeguards, such as host firewalls and antivirus on company systems?A . Code of conduct policy B. Account management policy C. Password policy D. Acceptable use policyView AnswerAnswer: D

A network attack that is exploiting a vulnerability in the SNMP is detected. Which of the following should the cybersecurity analyst do FIRST?A . Apply the required patches to remediate the vulnerability. B. Escalate the incident to senior management for guidance. C. Disable all privileged user accounts on the network....

A cybersecurity analyst is reading a daily intelligence digest of new vulnerabilities. The type of vulnerability that should be disseminated FIRST is one that:A . enables remote code execution that is being exploited in the wild. B. enables data leakage but is not known to be in the environment C....

During routine monitoring, a security analyst discovers several suspicious websites that are communicating with a local host. The analyst queries for IP 192.168.50.2 for a 24-hour period: To further investigate, the analyst should request PCAP for SRC 192.168.50.2 and.A . DST 138.10.2.5. B. DST 138.10.25.5. C. DST 172.10.3.5. D. DST...

A security analyst gathered forensics from a recent intrusion in preparation for legal proceedings. The analyst used EnCase to gather the digital forensics. cloned the hard drive, and took the hard drive home for further analysis. Which of the following of the security analyst violate?A . Cloning procedures B. Chain...