CS0-002 exam

A security architect is reviewing the options for performing input validation on incoming web form submissions . Which of the following should the architect as the MOST secure and manageable option?A . Client-side whitelisting B. Server-side whitelisting C. Server-side blacklisting D. Client-side blacklistingView AnswerAnswer: B

As part of a merger with another organization, a Chief Information Security Officer (CISO) is working with an assessor to perform a risk assessment focused on data privacy compliance. The CISO is primarily concerned with the potential legal liability and fines associated with data privacy. Based on the CISO's concerns,...

A security analyst is reviewing the following log from an email security service. Which of the following BEST describes the reason why the email was blocked? A. The To address is invalid. B. The email originated from the www.spamfilter.org URL. C. The IP address and the remote server name are...

Which of the following technologies can be used to house the entropy keys for task encryption on desktops and laptops?A . Self-encrypting drive B. Bus encryption C. TPM D. HSMView AnswerAnswer: A

A security analyst is investigating a compromised Linux server. The analyst issues the ps command and receives the following output. Which of the following commands should the administrator run NEXT to further analyze the compromised system?A . strace /proc/1301 B. rpm -V openash-server C. /bin/la -1 /proc/1301/exe D. kill -9...

During an investigation, an incident responder intends to recover multiple pieces of digital media. Before removing the media, the responder should initiate:A . malware scans. B. secure communications. C. chain of custody forms. D. decryption tools.View AnswerAnswer: C

Which of the following should be found within an organization's acceptable use policy?A . Passwords must be eight characters in length and contain at least one special character. B. Customer data must be handled properly, stored on company servers, and encrypted when possible C. Administrator accounts must be audited monthly,...

A web developer wants to create a new web part within the company website that aggregates sales from individual team sites. A cybersecurity analyst wants to ensure security measurements are implemented during this process . Which of the following remediation actions should the analyst take to implement a vulnerability management...

Because some clients have reported unauthorized activity on their accounts, a security analyst is reviewing network packet captures from the company's API server. A portion of a capture file is shown below: POST /services/v1_0/Public/Members.svc/soap <s:Envelope+xmlns:s="http://schemas.s/soap/envelope/"><s:Body><GetIPLocation+xmlns="http://tempuri.org/"> <request+xmlns:a="http://schemas.somesite.org"+xmlns:i="http://www.w3.org/2001/XMLSchema-instance"></s:Body></s:Envelope> 192.168.1.22 --api.somesite.com 200 0 1006 1001 0 192.168.1.22 POST /services/v1_0/Public/Members.svc/soap <<a:Password>Password123</a:Password><a:ResetPasswordToken+i:nil="true"/> <a:ShouldImpersonatedAuthenticationBePopulated+i:nil="true"/><a:Username>[email protected]</a:Username></request></Login></s:Body></s:Envelope> 192.168.5.66 --api.somesite.com...

After receiving reports latency, a security analyst performs an Nmap scan and observes the following output: Which of the following suggests the system that produced output was compromised?A . Secure shell is operating of compromise on this system. B. There are no indicators of compromise on this system. C. MySQL...