A security analyst suspects a malware infection was caused by a user who downloaded malware after clicking http://<malwaresource>/A.php in a phishing email.
A security analyst suspects a malware infection was caused by a user who downloaded malware after clicking http://<malwaresource>/A.php in a phishing email. To prevent other computers from being infected by the same malware variation, the analyst should create a rule on the: A. email server that automatically deletes attached executables....
It is important to parameterize queries to prevent:
It is important to parameterize queries to prevent: A. the execution of unauthorized actions against a database. B. a memory overflow that executes code with elevated privileges. C. the establishment of a web shell that would allow unauthorized access. D. the queries from using an outdated library with security vulnerabilities.
Which of the following is the BEST example of the level of sophistication this threat actor is using?
A security analyst for a large financial institution is creating a threat model for a specific threat actor that is likely targeting an organization's financial assets. Which of the following is the BEST example of the level of sophistication this threat actor is using? A. Social media accounts attributed to...
Which of the following is the MOST likely cause of this issue?
A security analyst received an alert from the SIEM indicating numerous login attempts from users outside their usual geographic zones, all of which were initiated through the web-based mail server. The logs indicate all domain accounts experienced two login attempts during the same time frame. Which of the following is...
Which of the following methods would BEST secure the company's infrastructure and be the simplest to manage and maintain?
An organization is moving its infrastructure to the cloud in an effort to meet the budget and reduce staffing requirements. The organization has three environments: development, testing, and production. These environments have interdependencies but must remain relatively segmented. Which of the following methods would BEST secure the company's infrastructure and...
Based on the output from the above commands, which of the following should the analyst do NEXT to further the investigation?
A security analyst has received reports of very slow, intermittent access to a public-facing corporate server. Suspecting the system may be compromised, the analyst runs the following commands: Based on the output from the above commands, which of the following should the analyst do NEXT to further the investigation? A. ...
Which of the following will remediate this software vulnerability?
A security analyst is reviewing a web application. If an unauthenticated user tries to access a page in the application, the user is redirected to the login page. After successful authentication, the user is then redirected back to the original page. Some users have reported receiving phishing emails with a...
Which of the following would MOST likely be included in the incident response procedure after a security breach of customer PII?
Which of the following would MOST likely be included in the incident response procedure after a security breach of customer PII? A. Human resources B. Public relations C. Marketing D. Internal network operations center Answer: B
Which of the following BEST describes the reason why the email was blocked?
A security analyst is reviewing the following log from an email security service. Which of the following BEST describes the reason why the email was blocked? A. The To address is invalid. B. The email originated from the www.spamfilter.org URL. C. The IP address and the remote server name are...
Which of the following should the architect as the MOST secure and manageable option?
A security architect is reviewing the options for performing input validation on incoming web form submissions. Which of the following should the architect as the MOST secure and manageable option? A. Client-side whitelisting B. Server-side whitelisting C. Server-side blacklisting D. Client-side blacklisting Answer: B