CS0-002

An analyst is performing penetration testing and vulnerability assessment activities against a new vehicle automation platform. Which of the following is MOST likely an attack vector that is being utilized as part of the testing and assessment?A . FaaSB . RTOSC . SoCD . GPSE . CAN busView AnswerAnswer: E

A security analyst is supporting an embedded software team. Which of the following is the BEST recommendation to ensure proper error handling at runtime?A . Perform static code analysis.B . Require application fuzzing.C . Enforce input validationD . Perform a code reviewView AnswerAnswer: B

A cybersecurity analyst is contributing to a team hunt on an organization's endpoints. Which of the following should the analyst do FIRST?A . Write detection logic.B . Establish a hypothesis.C . Profile the threat actors and activities.D . Perform a process analysis.View AnswerAnswer: C Reference: https://www.cybereason.com/blog/blog-the-eight-steps-to-threat-hunting

While analyzing logs from a WAF, a cybersecurity analyst finds the following: Which of the following BEST describes what the analyst has found?A . This is an encrypted GET HTTP requestB . A packet is being used to bypass the WAFC . This is an encrypted packetD . This is...

A pharmaceutical company's marketing team wants to send out notifications about new products to alert users of recalls and newly discovered adverse drug reactions. The team plans to use the names and mailing addresses that users have provided. Which of the following data privacy standards does this violate?A . Purpose...

A security analyst reviews the following aggregated output from an Nmap scan and the border firewall ACL: Which of the following should the analyst reconfigure to BEST reduce organizational risk while maintaining current functionality?A . PC1B . PC2C . Server1D . Server2E . FirewallView AnswerAnswer: B

While planning segmentation for an ICS environment, a security engineer determines IT resources will need access to devices within the ICS environment without compromising security. To provide the MOST secure access model in this scenario, the jumpbox should be.A . placed in an isolated network segment, authenticated on the IT...

It is important to parameterize queries to prevent:A . the execution of unauthorized actions against a database.B . a memory overflow that executes code with elevated privileges.C . the establishment of a web shell that would allow unauthorized access.D . the queries from using an outdated library with security vulnerabilities.View...

D18912E1457D5D1DDCBD40AB3BF70D5D A security analyst scanned an internal company subnet and discovered a host with the following Nmap output. Based on the output of this Nmap scan, which of the following should the analyst investigate FIRST?A . Port 22B . Port 135C . Port 445D . Port 3389View AnswerAnswer: B

An audit has revealed an organization is utilizing a large number of servers that are running unsupported operating systems. As part of the management response phase of the audit, which of the following would BEST demonstrate senior management is appropriately aware of and addressing the issue?A . Copies of prior...