Which of the following is the MOST appropriate threat classification for these incidents?
A security analyst has observed several incidents within an organization that are affecting one specific piece of hardware on the network. Further investigation reveals the equipment vendor previously released a patch. Which of the following is the MOST appropriate threat classification for these incidents?
A. Known threat
B. Zero day
C...
Which of the following should be the team’s NEXT step during the detection phase of this response process?
A team of security analysts has been alerted to potential malware activity. The initial examination indicates one of the affected workstations is beaconing on TCP port 80 to five IP addresses and attempting to spread across the network over port 445. Which of the following should be the team’s NEXT...
Which of the following cloud recovery strategies would work BEST to attain the desired outcome?
An organization wants to move non-essential services into a cloud computing environment. Management has a cost focus and would like to achieve a recovery time objective of 12 hours. Which of the following cloud recovery strategies would work BEST to attain the desired outcome?
A. Duplicate all services in another...
The inability to do remote updates of certificates, keys, software, and firmware is a security issue commonly associated with:
A. web servers on private networks.
B. HVAC control systems
C. smartphones
D. firewalls and UTM devices
Answer: B
Which of the following models would BEST apply to the situation?
A cybersecurity analyst is responding to an incident. The company’s leadership team wants to attribute the incident to an attack group. Which of the following models would BEST apply to the situation?
A. Intelligence cycle
B. Diamond Model of Intrusion Analysis
C. Kill chain
D. MITRE ATT&CK
Answer: C
Which of the following software assessment methods would be BEST for gathering data related to an application’s availability during peak times?
A. Security regression testing
B. Stress testing
C. Static analysis testing
D. Dynamic analysis testing
E. User acceptance testing
Answer: B
Which of the following is the NEXT step the analyst should take to address the issue?
A security analyst has received information from a third-party intelligence-sharing resource that indicates employee accounts were breached. Which of the following is the NEXT step the analyst should take to address the issue?
A. Audit access permissions for all employees to ensure least privilege.
B. Force a password reset for...
A security analyst received an email with the following key:
A security analyst received an email with the following key: Xj3XJ3LLc
A second security analyst received an email with the following key: 3XJ3xjcLLC
The security manager has informed the two analysts that the email they received is a key that allows access to the company’s financial segment for maintenance. This is...
Which of the following would be the MOST appropriate recommendation to prevent the activity from happening in the future?
During an investigation, a security analyst determines suspicious activity occurred during the night shift over the weekend. Further investigation reveals the activity was initiated from an internal IP going to an external website. Which of the following would be the MOST appropriate recommendation to prevent the activity from happening in...
Which of the following will remediate this software vulnerability?
A security analyst is reviewing a web application. If an unauthenticated user tries to access a page in the application, the user is redirected to the login page. After successful authentication, the user is then redirected back to the original page. Some users have reported receiving phishing emails with a...