CS0-002 V1

SIMULATION You are a cybersecurity analyst tasked with interpreting scan data from Company A's servers. You must verify the requirements are being met for all of the servers and recommend changes if you find they are not. The company's hardening guidelines indicate the following: • TLS 1.2 is the only...

Which of the following types of policies is used to regulate data storage on the network?A . PasswordB . Acceptable useC . Account managementD . RetentionView AnswerAnswer: D Explanation: Reference: http://www.css.edu/administration/information-technologies/computing-policies/computer-and-network-policies.html

Ransomware is identified on a company's network that affects both Windows and MAC hosts. The command and control channel for encryption for this variant uses TCP ports from 11000 to 65000. The channel goes to good1. Iholdbadkeys.com, which resolves to IP address 72.172.16.2. Which of the following is the MOST...

A security analyst needs to reduce the overall attack surface. Which of the following infrastructure changes should the analyst recommend?A . Implement a honeypot.B . Air gap sensitive systems.C . Increase the network segmentation.D . Implement a cloud-based architecture.View AnswerAnswer: C Explanation: Reference: https://www.securitymagazine.com/articles/89283-ways-to-reduce-your-attack-surface

A company was recently awarded several large government contracts and wants to determine its current risk from one specific APT. Which of the following threat modeling methodologies would be the MOST appropriate to use during this analysis?A . Attack vectorsB . Adversary capabilityC . Diamond Model of Intrusion AnalysisD ....

A security analyst is building a malware analysis lab. The analyst wants to ensure malicious applications are not capable of escaping the virtual machines and pivoting to other networks. To BEST mitigate this risk, the analyst should use.A . an 802.11ac wireless bridge to create an air gap.B . a...

An information security analyst observes anomalous behavior on the SCADA devices in a power plant. This behavior results in the industrial generators overheating and destabilizing the power supply. Which of the following would BEST identify potential indicators of compromise?A . Use Burp Suite to capture packets to the SCADA device's...

A pharmaceutical company's marketing team wants to send out notifications about new products to alert users of recalls and newly discovered adverse drug reactions. The team plans to use the names and mailing addresses that users have provided. Which of the following data privacy standards does this violate?A . Purpose...

A web developer wants to create a new web part within the company website that aggregates sales from individual team sites. A cybersecurity analyst wants to ensure security measurements are implemented during this process. Which of the following remediation actions should the analyst take to implement a vulnerability management process?A...

While planning segmentation for an ICS environment, a security engineer determines IT resources will need access to devices within the ICS environment without compromising security. To provide the MOST secure access model in this scenario, the jumpbox should be.A . placed in an isolated network segment, authenticated on the IT...