CS0-002 V1

During a cyber incident, which of the following is the BEST course of action?A . Switch to using a pre-approved, secure, third-party communication system.B . Keep the entire company informed to ensure transparency and integrity during the incident.C . Restrict customer communication until the severity of the breach is confirmed.D...

Ann, a user, reports to the security team that her browser began redirecting her to random sites while using her Windows laptop. Ann further reports that the OS shows the C: drive is out of space despite having plenty of space recently. Ann claims she not downloaded anything. The security...

Which of the following should be found within an organization's acceptable use policy?A . Passwords must be eight characters in length and contain at least one special character.B . Customer data must be handled properly, stored on company servers, and encrypted when possibleC . Administrator accounts must be audited monthly,...

Which of the following software security best practices would prevent an attacker from being able to run arbitrary SQL commands within a web application? (Choose two.)A . Parameterized queriesB . Session managementC . Input validationD . Output encodingE . Data protectionF . AuthenticationView AnswerAnswer: A, C Explanation: Reference: https://www.ptsecurity.com/ww-en/analytics/knowledge-base/how-to-prevent-sql-injection-attacks/

During routine monitoring, a security analyst discovers several suspicious websites that are communicating with a local host. The analyst queries for IP 192.168.50.2 for a 24-hour period: To further investigate, the analyst should request PCAP for SRC 192.168.50.2 and.A . DST 138.10.2.5.B . DST 138.10.25.5.C . DST 172.10.3.5.D . DST...

A security analyst has a sample of malicious software and needs to know what the sample does?. The analyst runs the sample in a carefully controlled and monitored virtual machine to observe the software behavior. Which of the following malware analysis approaches is this?A . White box testingB . FuzzingC...

During an investigation, a security analyst identified machines that are infected with malware the antivirus was unable to detect. Which of the following is the BEST place to acquire evidence to perform data carving?A . The system memoryB . The hard driveC . Network packetsD . The Windows RegistryView AnswerAnswer:...

A security team wants to make SaaS solutions accessible from only the corporate campus. Which of the following would BEST accomplish this goal?A . GeofencingB . IP restrictionsC . Reverse proxyD . Single sign-onView AnswerAnswer: A Explanation: Reference: https://bluedot.io/library/what-is-geofencing/

A security analyst suspects a malware infection was caused by a user who downloaded malware after clicking http://<malwaresource>/A.php in a phishing email. To prevent other computers from being infected by the same malware variation, the analyst should create a rule on the. A. email server that automatically deletes attached executables....

It is important to parameterize queries to prevent:A . the execution of unauthorized actions against a database.B . a memory overflow that executes code with elevated privileges.C . the esrtablishment of a web shell that would allow unauthorized access.D . the queries from using an outdated library with security vulnerabilities.View...