Which of the following attack vectors is the vulnerability MOST likely targeting?
An IT security analyst has received an email alert regarding a vulnerability within the new fleet of vehicles the company recently purchased. Which of the following attack vectors is the vulnerability MOST likely targeting?
A. SCADA
B. CAN bus
C. Modbus
D. IoT
Answer: B
Explanation: CAN bus (Controller Area Network)...
Which of the following are the MOST secure states for the certificate authority server when it is not in use?
While implementing a PKI for a company, a security analyst plans to utilize a dedicated server as the certificate authority that is only used to sign intermediate certificates. Which of the following are the MOST secure states for the certificate authority server when it is not in use? (Select TWO)
A...
Which of the following BEST describes what an organization's incident response plan should cover regarding how the organization handles public or private disclosures of an incident?
Which of the following BEST describes what an organization's incident response plan should cover regarding how the organization handles public or private disclosures of an incident?
A. The disclosure section should focus on how to reduce the likelihood customers will leave due to the incident.
B. The disclosure section should...
Which of the following capabilities would BEST defend against this type of sensitive data exfiltration?
A team of network security analysts is examining network traffic to determine if sensitive data was exfiltrated. Upon further investigation, the analysts believe confidential data was compromised. Which of the following capabilities would BEST defend against this type of sensitive data exfiltration?
A. Deploy an edge firewall.
B. Implement DLP
C...
Which of the following organizational initiatives would be MOST impacted by data sovereignty issues?
Which of the following organizational initiatives would be MOST impacted by data sovereignty issues?
A. Moving to a cloud-based environment
B. Migrating to locally hosted virtual servers
C. Implementing non-repudiation controls
D. Encrypting local database queries
Answer: A
Explanation: Data sovereignty is the idea that data are subject to the...
In web application scanning, static analysis refers to scanning:
In web application scanning, static analysis refers to scanning:
A. the system for vulnerabilities before installing the application.
B. the compiled code of the application to detect possible issues.
C. an application that is installed and active on a system.
D. an application that is installed on a system that...
Based on the Prowler report, which of the following is the BEST recommendation?
While conducting a cloud assessment, a security analyst performs a Prowler scan, which generates the following within the report: Based on the Prowler report, which of the following is the BEST recommendation?
A. Delete Cloud Dev access key 1
B. Delete BusinessUsr access key 1.
C. Delete access key 1.
D...
industry partners from critical infrastructure organizations were victims of attacks on their SCADA devices. The attacks used privilege escalation to gain access to SCADA administration and access management solutions would help to mitigate this risk?
industry partners from critical infrastructure organizations were victims of attacks on their SCADA devices. The attacks used privilege escalation to gain access to SCADA administration and access management solutions would help to mitigate this risk?
A. Multifactor authentication
B. Manual access reviews
C. Endpoint detection and response
D. Role-based access...
Which of the following BEST explains the function of TPM?
Which of the following BEST explains the function of TPM?
A. To provide hardware-based security features using unique keys
B. To ensure platform confidentiality by storing security measurements
C. To improve management of the OS installation.
D. To implement encryption algorithms for hard drives
Answer: A
Explanation: TPM (Trusted Platform...
Which of the following is the organization enforcing?
An organization has the following policy statements:
• All emails entering or leaving the organization will be subject to inspection for malware, policy violations, and unauthorized content.
• All network activity will be logged and monitored.
• Confidential data will be tagged and tracked.
• Confidential data must never be...