Tag - CS0-002 exam

A company's security administrator needs to automate several security processes related to testing for the existence of changes within the environment Conditionally other processes will need to be created based on input from prior processes Which of the following is the BEST method for accomplishing this task?A . Machine learning...

An analyst performs a routine scan of a host using Nmap and receives the following output: Which of the following should the analyst investigate FIRST?A . Port 21B . Port 22C . Port 23D . Port 80View AnswerAnswer: A

Because some clients have reported unauthorized activity on their accounts, a security analyst is reviewing network packet captures from the company's API server. A portion of a capture file is shown below: POST /services/v1_0/Public/Members.svc/soap <s:Envelope+xmlns:s="http://schemas.s/soap/envelope/"><s:Body><GetIPLocation+xmlns="http://tempuri.org/"> <request+xmlns:a="http://schemas.somesite.org"+xmlns:i="http://www.w3.org/2001/XMLSchema-instance"></s:Body></s:Envelope> 192.168.1.22 --api.somesite.com 200 0 1006 1001 0 192.168.1.22 POST /services/v1_0/Public/Members.svc/soap <<a:Password>Password123</a:Password><a:ResetPasswordToken+i:nil="true"/> <a:ShouldImpersonatedAuthenticationBePopulated+i:nil="true"/><a:Username>[email protected]</a:Username></request></Login></s:Body></s:Envelope> 192.168.5.66 --api.somesite.com...

During an investigation, an analyst discovers the following rule in an executive’s email client: IF * TO <[email protected]> THEN mailto: <[email protected]> SELECT FROM ‘sent’ THEN DELETE FROM <[email protected]> The executive is not aware of this rule. Which of the following should the analyst do FIRST to evaluate the potential impact...

A security analyst is attempting to utilize the blowing threat intelligence for developing detection capabilities: In which of the following phases is this APT MOST likely to leave discoverable artifacts?A . Data collection/exfiltrationB . Defensive evasionC . Lateral movementD . ReconnaissanceView AnswerAnswer: A

Which of the following types of policies is used to regulate data storage on the network?A . PasswordB . Acceptable useC . Account managementD . RetentionView AnswerAnswer: D Explanation: Reference: http://www.css.edu/administration/information-technologies/computing-policies/computer-and-network-policies.html

A network attack that is exploiting a vulnerability in the SNMP is detected. Which of the following should the cybersecurity analyst do FIRST?A . Apply the required patches to remediate the vulnerability.B . Escalate the incident to senior management for guidance.C . Disable all privileged user accounts on the network.D...

Which of the following should a database administrator implement to BEST protect data from an untrusted server administrator?A . Data encryptionB . Data deidentificationC . Data maskingD . Data minimizationView AnswerAnswer: A

A security analyst is reviewing the network security monitoring logs listed below: Which of the following is the analyst MOST likely observing? (Select TWO).A . 10.1.1.128 sent malicious requests, and the alert is a false positive.B . 10.1.1.129 sent potential malicious requests to the web server.C . 10.1.1.129 sent non-malicious...

A security analyst is supporting an embedded software team. Which of the following is the BEST recommendation to ensure proper error handling at runtime?A . Perform static code analysis.B . Require application fuzzing.C . Enforce input validationD . Perform a code reviewView AnswerAnswer: B