Which of the following should the analyst reconfigure to BEST reduce organizational risk while maintaining current functionality?
A security analyst reviews the following aggregated output from an Nmap scan and the border firewall ACL: Which of the following should the analyst reconfigure to BEST reduce organizational risk while maintaining current functionality?
A. PC1
B. PC2
C. Server1
D. Server2
E. Firewall
Answer: B
Which of the following software security best practices would prevent an attacker from being able to run arbitrary SQL commands within a web application? (Choose two.)
Which of the following software security best practices would prevent an attacker from being able to run arbitrary SQL commands within a web application? (Choose two.)
A. Parameterized queries
B. Session management
C. Input validation
D. Output encoding
E. Data protection
F. Authentication
Answer: A,C
Reference: https://www.ptsecurity.com/ww-en/analytics/knowledge-base/how-to-prevent-sql-injection-attacks/
Which of the following is the MOST appropriate threat classification for these incidents?
A security analyst has observed several incidents within an organization that are affecting one specific piece of hardware on the network. Further investigation reveals the equipment vendor previously released a patch. Which of the following is the MOST appropriate threat classification for these incidents?
A. Known threat
B. Zero day...
Which of the following would MOST likely be included in the incident response procedure after a security breach of customer PII?
Which of the following would MOST likely be included in the incident response procedure after a security breach of customer PII?
A. Human resources
B. Public relations
C. Marketing
D. Internal network operations center
Answer: B
Which of the following should the analyst do?
A security analyst is investigating malicious traffic from an internal system that attempted to download proxy avoidance software, as identified from the firewall logs, but the destination IP is blocked and not captured. Which of the following should the analyst do?
A. Shut down the computer
B. Capture live...
Which of the following threat modeling methodologies would be the MOST appropriate to use during this analysis?
A company was recently awarded several large government contracts and wants to determine its current risk from one specific APT. Which of the following threat modeling methodologies would be the MOST appropriate to use during this analysis?
A. Attack vectors
B. Adversary capability
C. Diamond Model of Intrusion Analysis
D....
Which of the following describes the type of vulnerability that was MOST likely exploited?
A security analyst is investigating a system compromise. The analyst verifies the system was up to date on OS patches at the time of the compromise. Which of the following describes the type of vulnerability that was MOST likely exploited?
A. Insider threat
B. Buffer overflow
C. Advanced persistent...
Which of the following should be used to identify the traffic?
A large amount of confidential data was leaked during a recent security breach. As part of a forensic investigation, the security team needs to identify the various types of traffic that were captured between two compromised devices. Which of the following should be used to identify the traffic?
A. Carving...
For machine learning to be applied effectively toward security analysis automation, it requires.
For machine learning to be applied effectively toward security analysis automation, it requires.
A. relevant training data.
B. a threat feed API.
C. a multicore, multiprocessor system.
D. anomalous traffic signatures.
Answer: A
Which of the following is the analyst MOST likely executing?
A cybersecurity analyst is supporting an incident response effort via threat intelligence. Which of the following is the analyst MOST likely executing?
A. Requirements analysis and collection planning
B. Containment and eradication
C. Recovery and post-incident review
D. Indicator enrichment and research pivoting
Answer: A