CS0-002

Because some clients have reported unauthorized activity on their accounts, a security analyst is reviewing network packet captures from the company's API server. A portion of a capture file is shown below: POST /services/v1_0/Public/Members.svc/soap <s:Envelope+xmlns:s="http://schemas.s/soap/envelope/"><s:Body><GetIPLocation+xmlns="http://tempuri.org/"> <request+xmlns:a="http://schemas.somesite.org"+xmlns:i="http://www.w3.org/2001/XMLSchema-instance"></s:Body></s:Envelope> 192.168.1.22 --api.somesite.com 200 0 1006 1001 0 192.168.1.22 POST /services/v1_0/Public/Members.svc/soap <<a:Password>Password123</a:Password><a:ResetPasswordToken+i:nil="true"/> <a:ShouldImpersonatedAuthenticationBePopulated+i:nil="true"/><a:Username>[email protected]</a:Username></request></Login></s:Body></s:Envelope> 192.168.5.66 --api.somesite.com...

During an investigation, an analyst discovers the following rule in an executive’s email client: IF * TO <[email protected]> THEN mailto: <[email protected]> SELECT FROM ‘sent’ THEN DELETE FROM <[email protected]> The executive is not aware of this rule. Which of the following should the analyst do FIRST to evaluate the potential impact...

A security analyst is attempting to utilize the blowing threat intelligence for developing detection capabilities: In which of the following phases is this APT MOST likely to leave discoverable artifacts?A . Data collection/exfiltrationB . Defensive evasionC . Lateral movementD . ReconnaissanceView AnswerAnswer: A

Which of the following types of policies is used to regulate data storage on the network?A . PasswordB . Acceptable useC . Account managementD . RetentionView AnswerAnswer: D Explanation: Reference: http://www.css.edu/administration/information-technologies/computing-policies/computer-and-network-policies.html

A network attack that is exploiting a vulnerability in the SNMP is detected. Which of the following should the cybersecurity analyst do FIRST?A . Apply the required patches to remediate the vulnerability.B . Escalate the incident to senior management for guidance.C . Disable all privileged user accounts on the network.D...

Which of the following should a database administrator implement to BEST protect data from an untrusted server administrator?A . Data encryptionB . Data deidentificationC . Data maskingD . Data minimizationView AnswerAnswer: A

A security analyst is reviewing the network security monitoring logs listed below: Which of the following is the analyst MOST likely observing? (Select TWO).A . 10.1.1.128 sent malicious requests, and the alert is a false positive.B . 10.1.1.129 sent potential malicious requests to the web server.C . 10.1.1.129 sent non-malicious...

A security analyst is supporting an embedded software team. Which of the following is the BEST recommendation to ensure proper error handling at runtime?A . Perform static code analysis.B . Require application fuzzing.C . Enforce input validationD . Perform a code reviewView AnswerAnswer: B

Which of the following data security controls would work BEST to prevent real Pll from being used in an organization's test cloud environment?A . Digital rights managementB . EncryptionC . Access controlD . Data loss preventionE . Data maskingView AnswerAnswer: E

The security team at a large corporation is helping the payment-processing team to prepare for a regulatory compliance audit and meet the following objectives: ✑ Reduce the number of potential findings by the auditors. ✑ Limit the scope of the audit to only devices used by the payment-processing team for...