CS0-002 exam

An organization recently discovered that spreadsheet files containing sensitive financial data were improperly stored on a web server. The management team wants to find out if any of these files were downloaded by pubic users accessing the server. The results should be written to a text file and should induce...

A security analyst identified some potentially malicious processes after capturing the contents of memory from a machine during incident response. Which of the following procedures is the NEXT step for further in investigation?A . Data carvingB . Timeline constructionC . File cloningD . Reverse engineeringView AnswerAnswer: D Explanation: Reverse engineering...

Which of the following are the MOST likely reasons lo include reporting processes when updating an incident response plan after a breach? (Select TWO).A . To establish a clear chain of commandB . To meet regulatory requirements for timely reportingC . To limit reputation damage caused by the breachD ....

A security administrator needs to provide access from partners to an Isolated laboratory network inside an organization that meets the following requirements: • The partners' PCs must not connect directly to the laboratory network. • The tools the partners need to access while on the laboratory network must be available...

A help desk technician inadvertently sent the credentials of the company's CRM n clear text to an employee's personal email account. The technician then reset the employee's account using the appropriate process and the employee's corporate email, and notified the security team of the incident According to the incident response...

A routine vulnerability scan detected a known vulnerability in a critical enterprise web application. Which of the following would be the BEST next step?A . Submit a change request to have the system patchedB . Evaluate the risk and criticality to determine it further action is necessaryC . Notify a...

In SIEM software, a security analysis selected some changes to hash signatures from monitored files during the night followed by SMB brute-force attacks against the file servers. Based on this behavior, which of the following actions should be taken FIRST to prevent a more serious compromise?A . Fully segregate the...

A company's application development has been outsourced to a third-party development team. Based on the SLA. The development team must follow industry best practices for secure coding. Which of the following is the BEST way to verify this agreement? A. Input validation B. Security regression testing C. Application fuzzing D....

A security analyst is investigate an no client related to an alert from the threat detection platform on a host (10.0 1.25) in a staging environment that could be running a cryptomining tool because it in sending traffic to an IP address that are related to Bitcoin. The network rules...

A company has a cluster of web servers that is critical to the business. A systems administrator installed a utility to troubleshoot an issue, and the utility caused the entire cluster to 90 offline. Which of the following solutions would work BEST prevent to this from happening again?A . Change...