CS0-002 exam

The help desk provided a security analyst with a screenshot of a user's desktop: For which of the following is aircrack-ng being used?A . Wireless access point discoveryB . Rainbow attackC . Brute-force attackD . PCAP data collectionView AnswerAnswer: C

A security analyst is evaluating two vulnerability management tools for possible use in an organization. The analyst set up each of the tools according to the respective vendor's instructions and generated a report of vulnerabilities that ran against the same target server. Tool A reported the following: Tool B reported...

A security analyst reviews SIEM logs and detects a well-known malicious executable running in a Windows machine. The up-to-date antivirus cannot detect the malicious executable. Which of the following is the MOST likely cause of this issue?A . The malware is being executed with administrative privileges.B . The antivirus does...

A security analyst needs to perform a search for connections with a suspicious IP on the network traffic. The company collects full packet captures at the Internet gateway and retains them for one week. Which of the following will enable the analyst to obtain the BEST results?A . grep -a...

A security analyst is investigating a system compromise. The analyst verities the system was up to date on OS patches at the time of the compromise. Which of the following describes the type of vulnerability that was MOST likely expiated?A . Insider threatB . Buffer overflowC . Advanced persistent threatD...

During routine monitoring, a security analyst discovers several suspicious websites that are communicating with a local host. The analyst queries for IP 192.168.50.2 for a 24-hour period: To further investigate, the analyst should request PCAP for SRC 192.168.50.2 and.A . DST 138.10.2.5.B . DST 138.10.25.5.C . DST 172.10.3.5.D . DST...

An executive assistant wants to onboard a new cloud based product to help with business analytics and dashboarding. When of the following would be the BEST integration option for the service?A . Manually log in to the service and upload data files on a regular basis.B . Have the internal...

A new on-premises application server was recently installed on the network. Remote access to the server was enabled for vendor support on required ports, but recent security reports show large amounts of data are being sent to various unauthorized networks through those ports. Which of the following configuration changes must...

Which of the following BEST describes the primary role ol a risk assessment as it relates to compliance with risk-based frameworks?A . It demonstrates the organization's mitigation of risks associated with internal threats.B . It serves as the basis for control selection.C . It prescribes technical control requirements.D . It...

During a review of vulnerability scan results an analyst determines the results may be flawed because a control-baseline system which is used to evaluate a scanning tools effectiveness was reported as not vulnerable Consequently, the analyst verifies the scope of the scan included the control-baseline host which was available on...