CS0-002 V1

A security analyst for a large financial institution is creating a threat model for a specific threat actor that is likely targeting an organization's financial assets. Which of the following is the BEST example of the level of sophistication this threat actor is using?A . Social media accounts attributed to...

A security analyst received an alert from the SIEM indicating numerous login attempts from users outside their usual geographic zones, all of which were initiated through the web-based mail server. The logs indicate all domain accounts experienced two login attempts during the same time frame. Which of the following is...

An organization is moving its infrastructure to the cloud in an effort to meet the budget and reduce staffing requirements. The organization has three environments: development, testing, and production. These environments have interdependencies but must remain relatively segmented. Which of the following methods would BEST secure the company's infrastructure and...

A security analyst has received reports of very slow, intermittent access to a public-facing corporate server. Suspecting the system may be compromised, the analyst runs the following commands: Based on the output from the above commands, which of the following should the analyst do NEXT to further the investigation?A ....

A security analyst is reviewing a web application. If an unauthenticated user tries to access a page in the application, the user is redirected to the login page. After successful authentication, the user is then redirected back to the original page. Some users have reported receiving phishing emails with a...

Which of the following would MOST likely be included in the incident response procedure after a security breach of customer PII?A . Human resourcesB . Public relationsC . MarketingD . Internal network operations centerView AnswerAnswer: B

A security analyst is reviewing the following log from an email security service. Which of the following BEST describes the reason why the email was blocked? A. The To address is invalid. B. The email originated from the www.spamfilter.org URL. C. The IP address and the remote server name are...

A security architect is reviewing the options for performing input validation on incoming web form submissions. Which of the following should the architect as the MOST secure and manageable option?A . Client-side whitelistingB . Server-side whitelistingC . Server-side blacklistingD . Client-side blacklistingView AnswerAnswer: B

A security analyst is reviewing vulnerability scan results and notices new workstations are being flagged as having outdated antivirus signatures. The analyst observes the following plugin output: Antivirus is installed on the remote host: Installation path: C:Program FilesAVProductWin32 Product Engine: 14.12.101 Engine Version: 3.5.71 Scanner does not currently have information...

A security analyst is evaluating two vulnerability management tools for possible use in an organization. The analyst set up each of the tools according to the respective vendor's instructions and generated a report of vulnerabilities that ran against the same target server. Tool A reported the following: Tool B reported...