Absorb vital concepts with our CS0-002 practice-focused PDF

Harness the power of open-mindedness as you delve into the vast universe of knowledge contained within the CS0-002 dumps. Designed to cater to a modern learner's evolving needs, the CS0-002 dumps shine a spotlight on a diverse range of practice questions, facilitating a holistic understanding. Whether it's the crisp clarity of the PDFs that piques curiosity or the immersive experience of the VCE format that fosters engagement, the CS0-002 dumps are your companions in this journey. A pioneering study guide, in perfect harmony with the CS0-002 dumps, navigates the vast seas of knowledge, ensuring smooth sailing. Embracing the transformative potential of these tools, we proudly uphold our 100% Pass Guarantee.

Lay your hands on the free resources, featuring the latest CS0-002 practice answers in our dumps

Question 1:

A security analyst is running a routine vulnerability scan against a web farm. The farm consists of a single server acting as a load-balancing reverse proxy and offloads cryptographic processes to the backend servers. The backend servers consist of four servers that process the inquiries for the front end.

A web service SSL query of each server responds with the same output:

Connected (0x000003) depth=0 /0=farm.company.com/CN=farm.company.com/OU=Domain Control Validated

Which of the following results BEST addresses these findings?

A. Advise the application development team that the SSL certificates on the backend servers should be revoked and reissued to match their hostnames

B. Notify the application development team of the findings and advise management of the results

C. Create an exception in the vulnerability scanner, as the results are false positives and can be ignored safely

D. Require that the application development team renews the farm certificate and includes a wildcard for the 'local' domain in the certificate SAN field

Correct Answer: C



Question 2:

While reviewing a cyber-risk assessment, an analyst notes there are concerns related to FPGA usage. Which of the following statements would BEST convince the analyst's supervisor to use additional controls?

A. FPGAs are expensive and can only be programmed once. Code deployment safeguards are needed.

B. FPGAs have an inflexible architecture. Additional training for developers is needed.

C. FPGAs are vulnerable to malware installation and require additional protections for their codebase.

D. FPGAs are expensive to produce. Anti-counterfeiting safeguards are needed.

Correct Answer: C



Question 3:

A company recently experienced a break-in whereby a number of hardware assets were stolen through unauthorized access at the back of the building. Which of the following would BEST prevent this type of theft from occurring in the future?

A. Motion detection

B. Perimeter fencing

C. Monitored security cameras

D. Badged entry

Correct Answer: A



Question 4:

A vulnerability scan came back with critical findings for a Microsoft SharePoint server:

Which of the following actions should be taken?

A. Remove Microsoft Office from the server.

B. Document the finding as an exception.

C. Install a newer version of Microsoft Office on the server.

D. Patch Microsoft Office on the server.

Correct Answer: D



Question 5:

An analyst is responding to an incident involving an attack on a company-owned mobile device that was being used by an employee to collect data from clients in the field. Malware was loaded on the device via the installation of a third-party software package. The analyst has baselined the device.

Which of the following should the analyst do to BEST mitigate future attacks?

A. Implement MDM

B. Update the malware catalog

C. Patch the mobile device's OS

D. Block third-party applications

Correct Answer: A



Question 6:

An organization is performing a risk assessment to prioritize resources for mitigation and remediation based on impact. Which of the following metrics, in addition to the CVSS for each CVE, would best enable the organization to prioritize its efforts?

A. OS type

B. OS or application versions

C. Patch availability

D. System architecture

E. Mission criticality

Correct Answer: E



Question 7:

A new policy requires the security team to perform web application and OS vulnerability scans. All of the company's web applications use federated authentication and are accessible via a central portal. Which of the following should be implemented to ensure a more thorough scan of the company's web application, while at the same time reducing false positives?

A. The vulnerability scanner should be configured to perform authenticated scans.

B. The vulnerability scanner should be installed on the web server.

C. The vulnerability scanner should implement OS and network service detection.

D. The vulnerability scanner should scan for known and unknown vulnerabilities.

Correct Answer: A



Question 8:

The help desk notified a security analyst that emails from a new email server are not being sent out. The new email server was recently added to the existing ones. The analyst runs the following command on the new server:

Given the output, which of the following should the security analyst check NEXT?

A. The DNS name of the new email server

B. The version of SPF that is being used

C. The IP address of the new email server

D. The DMARC policy

Correct Answer: A



Question 9:

A security operations team was alerted to abnormal DNS activity coming from a user's machine. The team performed a forensic investigation and discovered a host had been compromised. Malicious code was using DNS as a tunnel to extract data from the client machine, which had been leaked and transferred to an unsecure public Internet site. Which of the following BEST describes the attack?

A. Phishing

B. Pharming

C. Cache poisoning

D. Data exfiltration

Correct Answer: D



Question 10:

As part of a review of incident response plans, which of the following is MOST important for an organization to understand when establishing the breach notification period?

A. Organizational policies

B. Vendor requirements and contracts

C. Service-level agreements

D. Legal requirements

Correct Answer: D



Question 11:

Various devices are connecting and authenticating to a single evil twin within the network. Which of the following are MOST likely being targeted?

A. Mobile devices

B. All endpoints

C. VPNs

D. Network infrastructure

E. Wired SCADA devices

Correct Answer: A

Reference: http://www.corecom.com/external/livesecurity/eviltwin1.htm



Question 12:

An insurance company employs quick-response team drivers that carry corporate-issued mobile devices with the insurance company's app installed on them. Devices are configuration-hardened by an MDM and kept up to date. The employees use the app to collect insurance claim information and process payments. Recently, a number of customers have filed complaints of credit card fraud against the insurance company, which occurred shortly after their payments were processed via the mobile app. The cyber-incident response team has been asked to investigate. Which of the following is MOST likely the cause?

A. The MDM server is misconfigured.

B. The app does not employ TLS.

C. USB tethering is enabled.

D. 3G and less secure cellular technologies are not restricted.

Correct Answer: B



Question 13:

NOTE: Question IP must be 192.168.192.123

During a network reconnaissance engagement, a penetration tester was given perimeter firewall ACLs to accelerate the scanning process. The penetration tester has decided to concentrate on trying to brute force log in to destination IP address 192.168.192.132 via secure shell.

Given a source IP address of 10.10.10.30, which of the following ACLs will permit this access?

A. Option A

B. Option B

C. Option C

D. Option D

Correct Answer: C



Question 14:

An organization has a policy that requires servers to be dedicated to one function and unneeded services to be disabled. Given the following output from an Nmap scan of a web server:

Which of the following ports should be closed?

A. 22

B. 80

C. 443

D. 1433

Correct Answer: D

“servers to be dedicated to one function…” http/s and SQL are two functions. I will select D, but agree with folks that the question is horribly written, and the person who wrote it was most likely drunk.



Question 15:

An organization needs to limit its exposure to accidental disclosure when employees send emails that contain personal information to recipients outside the company.

Which of the following technical controls would BEST accomplish this goal?

A. DLP

B. Encryption

C. Data masking

D. SPF

Correct Answer: A

