Which of the following describes the type of vulnerability that was MOST likely exploited?
A security analyst is investigating a system compromise. The analyst verifies the system was up to date on OS patches at the time of the compromise. Which of the following describes the type of vulnerability that was MOST likely exploited?
A. Insider threat
B. Buffer overflow
C. Advanced persistent threat
D...
When attempting to do a stealth scan against a system that does not respond to ping, which of the following Nmap commands BEST accomplishes that goal?
When attempting to do a stealth scan against a system that does not respond to ping, which of the following Nmap commands BEST accomplishes that goal?
A. nmap -sA -O <system> -noping
B. nmap -sT -O <system> -P0
C. nmap -sS -O <system> -P0
D. nmap -sQ -O <system> -P0
During routine monitoring, a security analyst discovers several suspicious websites that are communicating with a local host.
During routine monitoring, a security analyst discovers several suspicious websites that are communicating with a local host. The analyst queries for IP 192.168.50.2 for a 24-hour period: To further investigate, the analyst should request PCAP for SRC 192.168.50.2 and
A. DST 138.10.2.5.
B. DST 138.10.25.5.
C. DST 172.10.3.5.
D. DST...
In addition to technical response activities, which of the following is the main reason why communication must be addressed in an effective incident response program?
A Chief Security Officer (CSO) is working on the communication requirements for an organization's incident response plan. In addition to technical response activities, which of the following is the main reason why communication must be addressed in an effective incident response program?
A. Public relations must receive information promptly in...
Which of the following cloud recovery strategies would work BEST to attain the desired outcome?
An organization wants to move non-essential services into a cloud computing environment. Management has a cost focus and would like to achieve a recovery time objective of 12 hours. Which of the following cloud recovery strategies would work BEST to attain the desired outcome?
A. Duplicate all services in another...
Based on the scenario and the output from the vulnerability scan, which of the following should the security team do with this finding?
A system’s authority to operate (ATO) is set to expire in four days. Because of other activities and limited staffing, the organization has neglected to start reauthentication activities until now. The cybersecurity group just performed a vulnerability scan with the partial set of results shown below: Based on the scenario...
Which of the following commands would work BEST to achieve the desired result?
A security analyst is reviewing the logs from an internal chat server. The chat.log file is too large to review manually, so the analyst wants to create a shorter log file that only includes lines associated with a user demonstrating anomalous activity. Below is a snippet of the log: Which...
After forming the basis of the scenario, which of the following may the threat hunter construct to establish a framework for threat assessment?
As a proactive threat-hunting technique, hunters must develop situational cases based on likely attack scenarios derived from the available threat intelligence information. After forming the basis of the scenario, which of the following may the threat hunter construct to establish a framework for threat assessment?
A. Critical asset list
B. ...
Which of the following is the BEST method for accomplishing this task?
A company's security administrator needs to automate several security processes related to testing for the existence of changes within the environment. Conditionally, other processes will need to be created based on input from prior processes. Which of the following is the BEST method for accomplishing this task?
A. Machine learning...
Which of the following should the analyst investigate FIRST?
An analyst performs a routine scan of a host using Nmap and receives the following output: Which of the following should the analyst investigate FIRST?
A. Port 21
B. Port 22
C. Port 23
D. Port 80
Answer: A