[Sep 15, 2021] Updates Up to 365 days On Valid CS0-002 Braindumps
Best QualityCS0-002 Exam Questions CompTIA Test To Gain Brilliante Result
NEW QUESTION 21
A cybersecurity analyst has identified a new mission-essential function that utilizes a public cloud- based system. The analyst needs to classify the information processed by the system with respect to CIA. Which of the following should provide the CIA classification for the information?
- A. The system administrator
- B. The data owner
- C. The cloud provider
- D. The cybersecurity analyst
Answer: B
NEW QUESTION 22
After receiving reports latency, a security analyst performs an Nmap scan and observes the following output:
Which of the following suggests the system that produced output was compromised?
- A. Standard HTP is open on the system and should be closed.
- B. There are no indicators of compromise on this system.
- C. Secure shell is operating of compromise on this system.
- D. MySQL services is identified on a standard PostgreSQL port.
Answer: B
NEW QUESTION 23
A security analyst is investigating a compromised Linux server.
The analyst issues the ps command and receives the following output.
Which of the following commands should the administrator run NEXT to further analyze the compromised system?
- A. kill -9 1301
- B. strace /proc/1301
- C. rpm -V openash-server
- D. /bin/la -1 /proc/1301/exe
Answer: B
NEW QUESTION 24
During a quarterly review of user accounts and activity, a security analyst noticed that after a password reset the head of human resources has been logging in from multiple locations, including several overseas. Further review of the account showed access rights to a number of corporate applications, including a sensitive accounting application used for employee bonuses.
Which of the following security methods could be used to mitigate this risk?
- A. RADIUS identity management
- B. Privilege escalation restrictions
- C. Elimination of self-service password resets
- D. Context-based authentication
Answer: D
NEW QUESTION 25
Which one of the following is an example of a computer security incident?
- A. Former employee crashes a server
- B. Intruder breaks into a building
- C. Administrator changes a file's permission settings
- D. User accesses a secure file
Answer: A
NEW QUESTION 26
After completing a vulnerability scan, the following output was noted:
Which of the following vulnerabilities has been identified?
- A. VPN tunnel vulnerability.
- B. Web application cryptography vulnerability.
- C. PKI transfer vulnerability.
- D. Active Directory encryption vulnerability.
Answer: B
NEW QUESTION 27
A cybersecurity analyst traced the source of an attack to compromised user credentials. Log analysis revealed that the attacker successfully authenticated from an unauthorized foreign country. Management asked the security analyst to research and implement a solution to help mitigate attacks based on compromised passwords.
Which of the following should the analyst implement?
- A. Single sign-on
- B. Context-based authentication
- C. Self-service password reset
- D. Password complexity
Answer: B
NEW QUESTION 28
A security analyst is building a malware analysis lab. The analyst wants to ensure malicious applications are not capable of escaping the virtual machines and pivoting to other networks.
To BEST mitigate this risk, the analyst should use.
- A. a managed switch to segment the lab into a separate VLAN.
- B. an 802.11ac wireless bridge to create an air gap.
- C. an unmanaged switch to segment the environments from one another.
- D. a firewall to isolate the lab network from all other networks.
Answer: D
NEW QUESTION 29
Given the Nmap request below:
Which of the following actions will an attacker be able to initiate directly against this host?
- A. An SQL injection
- B. ARP spoofing
- C. A brute-force attack
- D. Password sniffing
Answer: C
NEW QUESTION 30
A security analyst is investigating a compromised Linux server. The analyst issues the ps command and receives the following output.
Which of the following commands should the administrator run NEXT to further analyze the compromised system?
- A. kill -9 1301
- B. strace /proc/1301
- C. rpm -V openash-server
- D. /bin/la -1 /proc/1301/exe
Answer: B
NEW QUESTION 31
A security analyst is evaluating two vulnerability management tools for possible use in an organization. The analyst set up each of the tools according to the respective vendor's instructions and generated a report of vulnerabilities that ran against the same target server.
Tool A reported the following:
Tool B reported the following:
Which of the following BEST describes the method used by each tool? (Choose two.)
- A. Tool B is agent based.
- B. Tool A is unauthenticated.
- C. Tool A is agent based.
- D. Tool A used fuzzing logic to test vulnerabilities.
- E. Tool B is unauthenticated.
- F. Tool B utilized machine learning technology.
Answer: A,B
NEW QUESTION 32
A developer wrote a script to make names and other Pll data unidentifiable before loading a database export into the testing system.
Which of the following describes the type of control that is being used?
- A. Data masking
- B. Data encoding
- C. Data classification
- D. Data loss prevention
Answer: D
NEW QUESTION 33
A cybersecurity analyst has been asked to follow a corporate process that will be used to manage vulnerabilities for an organization. The analyst notices the policy has not been updated in three years. Which of the following should the analyst check to ensure the policy is still accurate?
- A. Governing regulations
- B. Technical constraints
- C. Corporate minutes
- D. Threat intelligence reports
Answer: D
NEW QUESTION 34
An organization has recently recovered from an incident where a managed switch had been accessed and reconfigured without authorization by an insider.
The incident response team is working on developing a lessons learned report with recommendations.
Which of the following recommendations will BEST prevent the same attack from occurring in the future?
- A. Remove and replace the managed switch with an unmanaged one.
- B. Install and configure NAC services to allow only authorized devices to connect to the network.
- C. Analyze normal behavior on the network and configure the IDS to alert on deviations from normal.
- D. Implement a separate logical network segment for management interfaces.
Answer: D
NEW QUESTION 35
Data spillage occurred when an employee accidentally emailed a sensitive file to an external recipient.
Which of the following controls would have MOST likely prevented this incident?
- A. WAF
- B. SSO
- C. VDI
- D. DLP
Answer: D
NEW QUESTION 36
In reviewing service desk requests, management has requested that the security analyst investigate the requests submitted by the new human resources manager. The requests consist of "unlocking" files that belonged to the previous human manager. The security analyst has uncovered a tool that is used to display five-level passwords. This tool is being used by several members of the service desk to unlock files. The content of these particular files is highly sensitive information pertaining to personnel.
Which of the following BEST describes this scenario? (Choose two.)
- A. Unauthorized controls
- B. Unauthorized software
- C. Unauthorized data exfiltration
- D. Unauthorized data masking
- E. Unauthorized access
Answer: A,E
NEW QUESTION 37
Which of the following software security best practices would prevent an attacker from being able to run arbitrary SQL commands within a web application? (Choose two.)
- A. Authentication
- B. Output encoding
- C. Data protection
- D. Input validation
- E. Parameterized queries
- F. Session management
Answer: D,E
Explanation:
Reference:
https://www.ptsecurity.com/ww-en/analytics/knowledge-base/how-to-prevent-sql-injection-attacks/
NEW QUESTION 38
A security analyst is reviewing a report from the networking department that describes an increase in network utilization, which is causing network performance issues on some systems.
A top talkers report over a five-minute sample is included.
Given the above output of the sample, which of the following should the security analyst accomplish FIRST to help track down the performance issues?
- A. Quarantine the top talker on the network and begin to investigate any potential threats caused by the excessive traffic.
- B. Perform reverse lookups on each of the IP addresses listed to help determine if the traffic is necessary.
- C. Put ACLs in place to restrict traffic destined for random or non-default application ports.
- D. Recommend that networking block the unneeded protocols such as Quicktime to clear up some of the congestion.
Answer: B
NEW QUESTION 39
While planning segmentation for an ICS environment, a security engineer determines IT resources will need access to devices within the ICS environment without compromising security.
To provide the MOST secure access model in this scenario, the jumpbox should be.
- A. bridged between the IT and operational technology networks to allow authenticated access.
- B. placed on the ICS network with a static firewall rule that allows IT network resources to authenticate.
- C. placed in an isolated network segment, authenticated on the IT side, and forwarded into the ICS network.
- D. placed on the IT side of the network, authenticated, and tunneled into the ICS environment.
Answer: C
NEW QUESTION 40
A security analyst wants to scan the network for active hosts. Which of the following host characteristics help to differentiate between a virtual and physical host?
- A. Gateway settings
- B. Host IPs
- C. DNS routing tables
- D. Reserved MACs
Answer: D
NEW QUESTION 41
......
Focus on CS0-002 All-in-One Exam Guide For Quick Preparation: https://www.actual4dump.com/CompTIA/CS0-002-actualtests-dumps.html
Tested Material Used To CS0-002: https://drive.google.com/open?id=1v9pmE4Sd3skfhupN5mC8Hm_bXP6dW5pw