Which of the following BEST describes the situation?
A security analyst is reviewing vulnerability scan results and notices new workstations are being flagged as having outdated antivirus signatures. The analyst observes the following plugin output: Antivirus is installed on the remote host: Installation path: C:Program FilesAVProductWin32 Product Engine: 14.12.101 Engine Version: 3.5.71 Scanner does not currently have information...
Which of the following BEST describes the method used by each tool?
A security analyst is evaluating two vulnerability management tools for possible use in an organization. The analyst set up each of the tools according to the respective vendor's instructions and generated a report of vulnerabilities that ran against the same target server. Tool A reported the following: Tool B reported...
Which of the following would be the MOST efficient way to increase the security posture of the organization in the shortest amount of time?
A security team is implementing a new vulnerability management program in an environment that has a historically poor security posture. The team is aware of issues with patch management in the environment and expects a large number of findings. Which of the following would be the MOST efficient way to increase...
Which of the following BEST describes this test?
As part of an exercise set up by the information security officer, the IT staff must move some of the network systems to an off-site facility and redeploy them for testing. All staff members must ensure their respective systems can power back up and match their gold image. If they...
Which of the following is MOST likely to be a false positive?
An analyst is reviewing a list of vulnerabilities, which were reported from a recent vulnerability scan of a Linux server. Which of the following is MOST likely to be a false positive?
A. OpenSSH/OpenSSL Package Random Number Generator Weakness
B. Apache HTTP Server Byte Range DoS
C. GDI+ Remote Code...
Which of the following rules is the BEST solution?
A security administrator needs to create an IDS rule to alert on FTP login attempts by root. Which of the following rules is the BEST solution?
A. Option A
B. Option B
C. Option C
D. Option D
Answer: B
A security analyst received an email with the following key:
A security analyst received an email with the following key: Xj3XJ3LLc. A second security analyst received an email with the following key: 3XJ3xjcLLC. The security manager has informed the two analysts that the email they received is a key that allows access to the company’s financial segment for maintenance. This is...
During an investigation, an incident responder intends to recover multiple pieces of digital media. Before removing the media, the responder should initiate:
During an investigation, an incident responder intends to recover multiple pieces of digital media. Before removing the media, the responder should initiate:
A. malware scans.
B. secure communications.
C. chain of custody forms.
D. decryption tools.
Answer: C
Which of the following is the BEST approach for supply chain assessment when selecting a vendor?
An analyst is participating in the solution analysis process for a cloud-hosted SIEM platform to centralize log monitoring and alerting capabilities in the SOC. Which of the following is the BEST approach for supply chain assessment when selecting a vendor?
A. Gather information from providers, including datacenter specifications and copies...
Which of the following is the NEXT step the analyst should take to address the issue?
A security analyst has received information from a third-party intelligence-sharing resource that indicates employee accounts were breached. Which of the following is the NEXT step the analyst should take to address the issue?
A. Audit access permissions for all employees to ensure least privilege.
B. Force a password reset for...