Exam Logo

Comptia (CS0-002) Exam Questions And Answers page 11

While planning segmentation for an ICS environment, a security engineer determines IT resources will need access to devices within the ICS environment without compromising security.

To provide the MOST secure access model in this scenario, the jumpbox should be __________.
Security Architecture and Tool Sets Security Operations and Monitoring
Because some clients have reported unauthorized activity on their accounts, a security analyst is reviewing network packet captures from the company's API server. A portion of a capture file is shown below:


Which of the following MOST likely explains how the clients' accounts were compromised?
Threat Management Cyber Incident Response
A small marketing firm uses many SaaS applications that hold sensitive information. The firm has discovered terminated employees are retaining access to systems for many weeks after their end date. Which of the following would BEST resolve the issue of lingering access?
Threat Management Cybersecurity Tool Sets
A security analyst is reviewing a web application. If an unauthenticated user tries to access a page in the application, the user is redirected to the login page. After successful authentication, the user is then redirected back to the original page. Some users have reported receiving phishing emails with a link that takes them to the application login page but then redirects to a fake login page after successful authentication.

Which of the following will remediate this software vulnerability?
Cyber Incident Response Cybersecurity Tool Sets
An analyst is reviewing the following code output of a vulnerability scan:


Which of the following types of vulnerabilities does this MOST likely represent?
Security Architecture and Tool Sets Cybersecurity Tool Sets
SIMULATION

You are a cybersecurity analyst tasked with interpreting scan data from Company A's servers. You must verify the requirements are being met for all of the servers and recommend changes if you find they are not.

The company's hardening guidelines indicate the following:

" TLS 1.2 is the only version of TLS running.
" Apache 2.4.18 or greater should be used.
" Only default ports should be used.

INSTRUCTIONS

Using the supplied data, record the status of compliance with the company's guidelines for each server.

The question contains two parts: make sure you complete Part 1 and Part 2. Make recommendations for issues based ONLY on the hardening guidelines provided.





Cybersecurity Tool Sets Compliance and Assessment
A security analyst discovers accounts in sensitive SaaS-based systems are not being removed in a timely manner when an employee leaves the organization. To BEST resolve the issue, the organization should implement:
Threat Management Cybersecurity Tool Sets
A security analyst is reviewing vulnerability scan results and notices new workstations are being flagged as having outdated antivirus signatures. The analyst observes the following plugin output:


The analyst uses the vendor's website to confirm the oldest supported version is correct.

Which of the following BEST describes the situation?
Threat Management Cybersecurity Tool Sets
An organization that uses SPF has been notified emails sent via its authorized third-party partner are getting rejected. A security analyst reviews the DNS entry and sees the following:

v=spf1 ip4:180.10.6.5 ip4:180.10.6.10 include:robustmail.com all

The organization s primary mail server IP is 180.10.6.6, and the secondary mail server IP is 180.10.6.5. The organization s third-party mail provider is Robust Mail with the domain name robustmail.com. Which of the following is the MOST likely reason for the rejected emails?
Threat Management Security Architecture and Tool Sets
A security analyst is conducting a post-incident log analysis to determine which indicators can be used to detect further occurrences of a data exfiltration incident. The analyst determines backups were not performed during this time and reviews the following:


Which of the following should the analyst review to find out how the data was exfiltrated?
Cyber Incident Response Cybersecurity Tool Sets