CompTIA (CS0-002) Exam Questions and Answers, page 18
A company's marketing emails are either being found in a spam folder or not being delivered at all. The security analyst investigates the issue and discovers the emails in question are being sent on behalf of the company by a third party, mail.marketing.com. Below is the existing SPF record:
v=spf1 a mx -all
Which of the following updates to the SPF record will work BEST to prevent the emails from being marked as spam or blocked?
v=spf1 a mx include:mail.marketing.com -all
v=spf1 a mx +all
v=spf1 a mx include:mail.marketing.com ~all
Threat Management
Security Operations and Monitoring
A security analyst is reviewing the following requirements for new time clocks that will be installed in a shipping warehouse:
• The clocks must be configured so they do not respond to ARP broadcasts.
• The server must be configured with static ARP entries for each clock.
Which of the following types of attacks will this configuration mitigate?
Spoofing
Overflows
Rootkits
Sniffing
Security Architecture and Tool Sets
A pharmaceutical company's marketing team wants to send out notifications about new products to alert users of recalls and newly discovered adverse drug reactions. The team plans to use the names and mailing addresses that users have provided.
Which of the following data privacy standards does this violate?
Purpose limitation
Sovereignty
Data minimization
Retention
Compliance and Assessment
Clients are unable to access a company's API to obtain pricing data. An analyst discovers sources other than clients are scraping the API for data, which is causing the servers to exceed available resources. Which of the following would be BEST to protect the availability of the APIs?
IP whitelisting
Certificate-based authentication
Virtual private network
Web application firewall
Security Operations and Monitoring
An organization's network administrator uncovered a rogue device on the network that is emulating the characteristics of a switch. The device is trunking protocols and inserting tagging values to control the flow of traffic at the data link layer. Which of the following BEST describes the attack?
DNS pharming
VLAN hopping
Spoofing
Injection attack
Security Architecture and Tool Sets
Cybersecurity Tool Sets
A security analyst needs to assess the web server versions on a list of hosts to determine which are running a vulnerable version of the software and output that list into an XML file named webserverlist.xml. The host list is provided in a file named webserverlist.txt. Which of the following Nmap commands would BEST accomplish this goal?
nmap -iL webserverlist.txt -sC -p 443 -oX webserverlist.xml
nmap -iL webserverlist.txt -sV -p 443 -oX webserverlist.xml
nmap -iL webserverlist.txt -F -p 443 -oX webserverlist.xml
nmap --takefile webserverlist.txt --outputfileasXML webserverlist.xml scanports 443
Security Operations and Monitoring
While reviewing a cyber-risk assessment, an analyst notes there are concerns related to FPGA usage. Which of the following statements would BEST convince the analyst's supervisor to use additional controls?
FPGAs are expensive and can only be programmed once. Code deployment safeguards are needed.
FPGAs have an inflexible architecture. Additional training for developers is needed.
FPGAs are vulnerable to malware installation and require additional protections for their codebase.
FPGAs are expensive to produce. Anti-counterfeiting safeguards are needed.
Security Architecture and Tool Sets
Security Operations and Monitoring
An organization's Chief Information Security Officer (CISO) has asked department leaders to coordinate on communication plans that can be enacted in response to different cybersecurity incident triggers. Which of the following is a benefit of having these communication plans?
They can help to prevent the inadvertent release of damaging information outside the organization.
They can help to limit the spread of worms by coordinating with help desk personnel earlier in the recovery phase.
They can quickly inform the public relations team to begin coordinating with the media as soon as a breach is detected.
They can help to keep the organization's senior leadership informed about the status of patching during the recovery phase.
Cyber Incident Response
Security Operations and Monitoring
What is the destination IP address?
Single Choice
During routine monitoring, a security analyst discovers several suspicious websites that are communicating with a local host. The analyst queries for IP 192.168.50.2 for a 24-hour period:
To further investigate, the analyst should request PCAP for SRC 192.168.50.2 and __________.
DST 138.10.2.5.
DST 138.10.25.5.
DST 172.10.3.5.
DST 172.10.45.5.
DST 175.35.20.5.
Threat Management
Security Architecture and Tool Sets
What could account for the disparity in outcomes?
Single Choice
A security analyst is trying to determine if a host is active on a network. The analyst first attempts the following:
The analyst runs the following command next:
Which of the following would explain the difference in results?
ICMP is being blocked by a firewall.
The routing tables for ping and hping3 were different.
The original ping command needed root permission to execute.
hping3 is returning a false positive.
Security Operations and Monitoring