CS0-002

A security analyst has discovered trial developers have installed browsers on all development servers in the company's cloud infrastructure and are using them to browse the Internet. Which of the following changes should the security analyst make to BEST protect the environment?A . Create a security rule that blocks Internet...

A security architect is reviewing the options for performing input validation on incoming web form submissions. Which of the following should the architect as the MOST secure and manageable option?A . Client-side whitelistingB . Server-side whitelistingC . Server-side blacklistingD . Client-side blacklistingView AnswerAnswer: B

A security analyst is investigating a malware infection that occurred on a Windows system. The system was not connected to a network and had no wireless capability Company policy prohibits using portable media or mobile storage. The security analyst is trying to determine which user caused the malware to get...

Which of the following assessment methods should be used to analyze how specialized software performs during heavy loads?A . Stress testB . API compatibility lestC . Code reviewD . User acceptance testE . Input validationView AnswerAnswer: A

A security analyst has a sample of malicious software and needs to know what the sample does. The analyst runs the sample in a carefully controlled and monitored virtual machine to observe the software behavior. Which of the following malware analysis approaches is this?A . White box testingB . FuzzingC...

HOTSPOT Welcome to the Enterprise Help Desk System. Please work the ticket escalated to you in the desk ticket queue. INSTRUCTIONS Click on me ticket to see the ticket details Additional content is available on tabs within the ticket First, select the appropriate issue from the drop-down menu. Then, select...

A company's modem response team is handling a threat that was identified on the network Security analysts have as at remote sites. Which of the following is the MOST appropriate next step in the incident response plan?A . Quarantine the web serverB . Deploy virtual firewallsC . Capture a forensic...

A security analyst is conducting a post-incident log analysis to determine which indicators can be used to detect further occurrences of a data exfiltration incident. The analyst determines backups were not performed during this time and reviews the following: Which of the following should the analyst review to find out...

As part of a review of incident response plans, which of the following is MOST important for an organization to understand when establishing the breach notification period?A . Organizational policiesB . Vendor requirements and contractsC . Service-level agreementsD . Legal requirementsView AnswerAnswer: D

Which of the following software security best practices would prevent an attacker from being able to run arbitrary SQL commands within a web application? (Choose two.)A . Parameterized queriesB . Session managementC . Input validationD . Output encodingE . Data protectionF . AuthenticationView AnswerAnswer: A,C Explanation: Reference: https://www.ptsecurity.com/ww-en/analytics/knowledge-base/how-to-prevent-sql-injection-attacks/