CS0-002 exam

A company’s Chief Information Security Officer (CISO) is concerned about the integrity of some highly confidential files. Any changes to these files must be tied back to a specific authorized user’s activity session. Which of the following is the BEST technique to address the CISO’s concerns?A . Configure DLP to...

A storage area network (SAN) was inadvertently powered off while power maintenance was being performed in a datacenter. None of the systems should have lost all power during the maintenance. Upon review, it is discovered that a SAN administrator moved a power plug when testing the SAN's fault notification features....

A security analyst recently discovered two unauthorized hosts on the campus's wireless network segment from a man-m-the-middle attack. The security analyst also verified that privileges were not escalated, and the two devices did not gain access to other network devices. Which of the following would BEST mitigate and improve the...

Which of the following technologies can be used to store digital certificates and is typically used in high-security implementations where integrity is paramount?A . HSMB . eFuseC . UEFID . Self-encrypting driveView AnswerAnswer: A

Bootloader malware was recently discovered on several company workstations. All the workstations run Windows and are current models with UEFI capability. Which of the following UEFI settings is the MOST likely cause of the infections?A . Compatibility modeB . Secure boot modeC . Native modeD . Fast boot modeView AnswerAnswer:...

A security team is implementing a new vulnerability management program in an environment that has a historically poor security posture. The team is aware of issues patch management in the environment and expects a large number of findings. Which of the following would be the MOST efficient way to increase...

During an investigation, an incident responder intends to recover multiple pieces of digital media. Before removing the media, the responder should initiate:A . malware scans.B . secure communications.C . chain of custody forms.D . decryption tools.View AnswerAnswer: C

A user receives a potentially malicious email that contains spelling errors and a PDF document. A security analyst reviews the email and decides to download the attachment to a Linux sandbox for review. Which of the following commands would MOST likely indicate if the email is malicious?A . sha256sum ~/Desktop/file.pdfB...

Ann, a user, reports to the security team that her browser began redirecting her to random sites while using her Windows laptop. Ann further reports that the OS shows the C: drive is out of space despite having plenty of space recently. Ann claims she not downloaded anything. The security...

Which of me following BEST articulates the benefit of leveraging SCAP in an organization's cybersecurity analysis toolset?A . It automatically performs remedial configuration changes lo enterprise security servicesB . It enables standard checklist and vulnerability analysis expressions for automatonC . It establishes a continuous integration environment for software development operationsD...