Which of the following describes the meaning of these results?

A vulnerability scan has returned the following information: Which of the following describes the meaning of these results?
A. There is an unknown bug in a Lotus server with no Bugtraq IC . Connecting to the host using a null session allows enumeration of share names.
D. Trend Micro has...

June 18, 2018

Which of the following would be the BEST action for the cybersecurity analyst to perform?

A cybersecurity analyst has received a report that multiple systems are experiencing slowness as a result of a DDoS attack. Which of the following would be the BEST action for the cybersecurity analyst to perform?
A. Continue monitoring critical systems.
B. Shut down all server interfaces.
C. Inform management of...

June 15, 2018

Which of the following actions is the BEST approach for the analyst to perform?

A cybersecurity analyst has several SIEM event logs to review for possible APT activity. The analyst was given several items that include lists of indicators for both IP addresses and domains. Which of the following actions is the BEST approach for the analyst to perform?
A. Use the IP addresses...

June 9, 2018

Which of the following courses of action would ONLY identify the known vulnerability?

An alert has been distributed throughout the information security community regarding a critical Apache vulnerability. Which of the following courses of action would ONLY identify the known vulnerability?
A. Perform an unauthenticated vulnerability scan on all servers in the environment.
B. Perform a scan for the specific vulnerability on all...

June 2, 2018

Which of the following is the MOST likely explanation for this?

A system administrator recently deployed and verified the installation of a critical patch issued by the company’s primary OS vendor. This patch was supposed to remedy a vulnerability that would allow an adversary to remotely execute code from over the network. However, the administrator just ran a vulnerability assessment of...

May 18, 2018

Which of the following is the BEST response?

A security audit revealed that port 389 has been used instead of 636 when connecting to LDAP for the authentication of users. The remediation recommended by the audit was to switch the port to 636 wherever technically possible. Which of the following is the BEST response?
A. Correct the audit....

May 9, 2018

An administrator has been investigating the way in which an actor had been exfiltrating confidential data from a web server to a foreign host. After a thorough forensic review, the administrator determined the server’s BIOS had been modified by rootkit installation. After removing the rootkit and flashing the BIOS to a known good state, which of the following would BEST protect against future adversary access to the BIOS, in case another rootkit is installed?

April 21, 2018

Which of the following best practices is used to identify areas in the network that may be vulnerable to penetration testing from known external sources?

A. Blue team training exercises
B. Technical control reviews
C. White team training exercises
D. Operational control reviews

Answer: A

April 9, 2018

Which of the following actions should be taken to remediate this security issue?

A cybersecurity analyst is conducting a security test to ensure that information regarding the web server is protected from disclosure. The cybersecurity analyst requested an HTML file from the web server, and the response came back as follows: Which of the following actions should be taken to remediate this security...

April 8, 2018

Which of the following threats did the engineer MOST likely uncover?

A reverse engineer was analyzing malware found on a retailer’s network and found code extracting track data in memory. Which of the following threats did the engineer MOST likely uncover?
A. POS malware
B. Rootkit
C. Key logger
D. Ransomware

Answer: A

March 24, 2018