CS0-002 exam

Which of the following technologies can be used to store digital certificates and is typically used in high security implementations where integrity is paramount?A . HSMB . eFuseC . UEFID . Self-encrypting driveView AnswerAnswer: A

A security analyst is reviewing the following web server log: Which of the following BEST describes the issue?A . Directory traversal exploitB . Cross-site scriptingC . SQL injectionD . Cross-site request forgeryView AnswerAnswer: A

During a routine log review, a security analyst has found the following commands that cannot be identified from the Bash history log on the root user. Which of the following commands should the analyst investigate FIRST?A . Line 1B . Line 2C . Line 3D . Line 4E . Line...

The computer incident response team at a multinational company has determined that a breach of sensitive data has occurred in which a threat actor has compromised the organization’s email system. Per the incident response procedures, this breach requires notifying the board immediately. Which of the following would be the BEST...

Which of me following BEST articulates the benefit of leveraging SCAP in an organization's cybersecurity analysis toolset?A . It automatically performs remedial configuration changes lo enterprise security servicesB . It enables standard checklist and vulnerability analysis expressions for automatonC . It establishes a continuous integration environment for software development operationsD...

A security analyst needs to assess the web server versions on a list of hosts to determine which are running a vulnerable version of the software and output that list into an XML file named webserverlist.xml. The host list is provided in a file named webserverlist.txt. Which of the following...

A software development team asked a security analyst to review some code for security vulnerabilities. Which of the following would BEST assist the security analyst while performing this task?A . Static analysisB . Dynamic analysisC . Regression testingD . User acceptance testingView AnswerAnswer: C

Joe, a penetration tester, used a professional directory to identify a network administrator and ID administrator for a client’s company. Joe then emailed the network administrator, identifying himself as the ID administrator, and asked for a current password as part of a security exercise. Which of the following techniques were...

An organization developed a comprehensive modern response policy Executive management approved the policy and its associated procedures. Which of the following activities would be MOST beneficial to evaluate personnel's familiarity with incident response procedures?A . A simulated breach scenario evolving the incident response teamB . Completion of annual information security...

During an incident investigation, a security analyst acquired a malicious file that was used as a backdoor but was not detected by the antivirus application. After performing a reverse-engineering procedure, the analyst found that part of the code was obfuscated to avoid signature detection. Which of the following types of...