How Many Questions Of CS0-002 Latest Exam
Free CS0-002 Demo Online For CompTIA Certification:
NEW QUESTION 1
An executive assistant wants to onboard a new cloud-based product to help with business analytics and dashboarding. Which of the following would be the BEST integration option for the service?
- A. Manually log in to the service and upload data files on a regular basis.
- B. Have the internal development team script connectivity and file translation to the new service.
- C. Create a dedicated SFTP site and schedule transfers to ensure file transport security.
- D. Utilize the cloud product's API for supported and ongoing integrations.
Answer: A
NEW QUESTION 2
Which of the following types of policies is used to regulate data storage on the network?
- A. Password
- B. Acceptable use
- C. Account management
- D. Retention
Answer: D
NEW QUESTION 3
A security team wants to make SaaS solutions accessible from only the corporate campus.
Which of the following would BEST accomplish this goal?
- A. Geofencing
- B. IP restrictions
- C. Reverse proxy
- D. Single sign-on
Answer: A
NEW QUESTION 4
Data spillage occurred when an employee accidentally emailed a sensitive file to an external recipient. Which of the following controls would have MOST likely prevented this incident?
- A. SSO
- B. DLP
- C. WAF
- D. VDI
Answer: B
NEW QUESTION 5
While analyzing logs from a WAF, a cybersecurity analyst finds the following:
Which of the following BEST describes what the analyst has found?
- A. This is an encrypted GET HTTP request
- B. A packet is being used to bypass the WAF
- C. This is an encrypted packet
- D. This is an encoded WAF bypass
Answer: D
NEW QUESTION 6
A user receives a potentially malicious email that contains spelling errors and a PDF document. A security analyst reviews the email and decides to download the attachment to a Linux sandbox for review.
Which of the following commands would MOST likely indicate if the email is malicious?
- A. sha256sum ~/Desktop/file.pdf
- B. file ~/Desktop/file.pdf
- C. strings ~/Desktop/file.pdf | grep "<script"
- D. cat < ~/Desktop/file.pdf | grep -i .exe
Answer: A
NEW QUESTION 7
A security analyst has received information from a third-party intelligence-sharing resource that indicates employee accounts were breached.
Which of the following is the NEXT step the analyst should take to address the issue?
- A. Audit access permissions for all employees to ensure least privilege.
- B. Force a password reset for the impacted employees and revoke any tokens.
- C. Configure SSO to prevent passwords from going outside the local network.
- D. Set up privileged access management to ensure auditing is enabled.
Answer: B
NEW QUESTION 8
During a cyber incident, which of the following is the BEST course of action?
- A. Switch to using a pre-approved, secure, third-party communication system.
- B. Keep the entire company informed to ensure transparency and integrity during the incident.
- C. Restrict customer communication until the severity of the breach is confirmed.
- D. Limit communications to pre-authorized parties to ensure response efforts remain confidential.
Answer: D
NEW QUESTION 9
For machine learning to be applied effectively toward security analysis automation, it requires:
- A. relevant training data.
- B. a threat feed API.
- C. a multicore, multiprocessor system.
- D. anomalous traffic signatures.
Answer: A
NEW QUESTION 10
A security analyst has been alerted to several emails that show evidence an employee is planning malicious activities that involve employee PII on the network before leaving the organization. The security analyst's BEST response would be to coordinate with the legal department and:
- A. the public relations department
- B. senior leadership
- C. law enforcement
- D. the human resources department
Answer: D
NEW QUESTION 11
A security analyst conducted a risk assessment on an organization's wireless network and identified a high-risk element in the implementation of data confidentiality protection. Which of the following is the BEST technical security control to mitigate this risk?
- A. Switch to RADIUS technology
- B. Switch to TACACS+ technology.
- C. Switch to 802.1X technology.
- D. Switch to the WPA2 protocol.
Answer: B
NEW QUESTION 12
A security technician is testing a solution that will prevent outside entities from spoofing the company's email domain, which is comptia.org. The testing is successful, and the security technician is prepared to fully implement the solution.
Which of the following actions should the technician take to accomplish this task?
- A. Add TXT @ "v=spf1 mx include:_spf.comptia.org all" to the DNS record.
- B. Add TXT @ "v=spf1 mx include:_spf.comptia.org all" to the email server.
- C. Add TXT @ "v=spf1 mx include:_spf.comptia.org +all" to the domain controller.
- D. Add TXT @ "v=spf1 mx include:_spf.comptia.org +all" to the web server.
Answer: A
NEW QUESTION 13
A security analyst has discovered that developers have installed browsers on all development servers in the company's cloud infrastructure and are using them to browse the Internet. Which of the following changes should the security analyst make to BEST protect the environment?
- A. Create a security rule that blocks Internet access in the development VPC
- B. Place a jumpbox in between the developers' workstations and the development VPC
- C. Remove the administrator profile from the developer user group in identity and access management
- D. Create an alert that is triggered when a developer installs an application on a server
Answer: A
NEW QUESTION 14
A security analyst is attempting to utilize the following threat intelligence for developing detection capabilities:
In which of the following phases is this APT MOST likely to leave discoverable artifacts?
- A. Data collection/exfiltration
- B. Defensive evasion
- C. Lateral movement
- D. Reconnaissance
Answer: A
NEW QUESTION 15
Which of the following technologies can be used to store digital certificates and is typically used in high-security implementations where integrity is paramount?
- A. HSM
- B. eFuse
- C. UEFI
- D. Self-encrypting drive
Answer: A
NEW QUESTION 16
An organization has several systems that require specific logons. Over the past few months, the security analyst has noticed numerous failed logon attempts followed by password resets. Which of the following should the analyst do to reduce the occurrence of legitimate failed logons and password resets?
- A. Use SSO across all applications
- B. Perform a manual privilege review
- C. Adjust the current monitoring and logging rules
- D. Implement multifactor authentication
Answer: B
NEW QUESTION 17
A security analyst has received reports of very slow, intermittent access to a public-facing corporate server. Suspecting the system may be compromised, the analyst runs the following commands:
Based on the output from the above commands, which of the following should the analyst do NEXT to further the investigation?
- A. Run crontab -r; rm -rf /tmp/.t to remove and disable the malware on the system.
- B. Examine the server logs for further indicators of compromise of a web application.
- C. Run kill -9 1325 to bring the load average down so the server is usable again.
- D. Perform a binary analysis on the /tmp/.t/t file, as it is likely to be a rogue SSHD server.
Answer: B
NEW QUESTION 18
Which of the following policies would state an employee should not disable security safeguards, such as host firewalls and antivirus on company systems?
- A. Code of conduct policy
- B. Account management policy
- C. Password policy
- D. Acceptable use policy
Answer: D
NEW QUESTION 19
A small organization has proprietary software that is used internally. The system has not been well maintained and cannot be updated with the rest of the environment. Which of the following is the BEST solution?
- A. Virtualize the system and decommission the physical machine.
- B. Remove it from the network and require air gapping.
- C. Only allow access to the system via a jumpbox
- D. Implement MFA on the specific system.
Answer: A
NEW QUESTION 20
A security analyst received an email with the following key: Xj3XJ3LLc
A second security analyst received an email with the following key: 3XJ3xjcLLC
The security manager has informed the two analysts that the email they received is a key that allows access to the company’s financial segment for maintenance. This is an example of:
- A. dual control
- B. private key encryption
- C. separation of duties
- D. public key encryption
- E. two-factor authentication
Answer: A
NEW QUESTION 21
......