As part of a review of incident response plans, which of the following is MOST important for an organization to understand when establishing the breach notification period?

A. Organizational policies
B. Vendor requirements and contracts
C. Service-level agreements
D. Legal requirements

Answer: D

March 23, 2021

Which of the following software security best practices would prevent an attacker from being able to run arbitrary SQL commands within a web application? (Choose two.)

A. Parameterized queries
B. Session management
C. Input validation
D. Output encoding
E. Data protection
F. Authentication

Answer: A,C

Explanation: Reference: https://www.ptsecurity.com/ww-en/analytics/knowledge-base/how-to-prevent-sql-injection-attacks/

March 23, 2021

Which of the following is the MOST likely cause of this issue?

A security analyst received an alert from the SIEM indicating numerous login attempts from users outside their usual geographic zones, all of which were initiated through the web-based mail server. The logs indicate all domain accounts experienced two login attempts during the same time frame. Which of the following is...

March 23, 2021

Which of the following BEST represents the technique in use?

An information security analyst on a threat-hunting team is working with administrators to create a hypothesis related to an internally developed web application. The working hypothesis is as follows: • Due to the nature of the industry, the application hosts sensitive data associated with many clients and is a significant...

March 23, 2021

Which of the following will fix the cause of the issue?

A web-based front end for a business intelligence application uses pass-through authentication to authenticate users. The application then uses a service account to perform queries and look up data in a database. A security analyst discovers employees are accessing data sets they have not been authorized to use. Which of...

March 23, 2021

Which of the following is the MOST important objective of a post-incident review?

A. Capture lessons learned and improve incident response processes
B. Develop a process for containment and continue improvement efforts
C. Identify new technologies and strategies to remediate
D. Identify a new management strategy

Answer: A

March 22, 2021

Which of the following describes the type of control that is being used?

A developer wrote a script to make names and other PII data unidentifiable before loading a database export into the testing system. Which of the following describes the type of control that is being used?

A. Data encoding
B. Data masking
C. Data loss prevention
D. Data classification

Answer: C

March 22, 2021

Which of the following would be the BEST method of communication?

The computer incident response team at a multinational company has determined that a breach of sensitive data has occurred in which a threat actor has compromised the organization’s email system. Per the incident response procedures, this breach requires notifying the board immediately. Which of the following would be the BEST...

March 22, 2021

After reviewing the results, the manager requests information regarding the possible exploitation of vulnerabilities. Which of the following data points would be MOST useful for the analyst to provide to the security manager, who would then communicate the risk factors to senior management?

A security manager has asked an analyst to provide feedback on the results of a penetration test. After reviewing the results, the manager requests information regarding the possible exploitation of vulnerabilities. Which of the following data points would be MOST useful for the analyst to provide to the security...

March 22, 2021

An executive assistant wants to onboard a new cloud-based product to help with business analytics and dashboarding. Which of the following would be the BEST integration option for the service?

A. Manually log in to the service and upload data files on a regular basis.
B. Have the internal...

March 22, 2021