Comptia (CS0-002) Exam Questions And Answers page 21

A Chief Information Security Officer (CISO) wants to upgrade an organization's security posture by improving proactive activities associated with attacks from internal and external threats.

Which of the following is the MOST proactive tool or technique that feeds incident response capabilities?
Cyber Incident Response Security Architecture and Tool Sets
A cybersecurity analyst has access to several threat feeds and wants to organize them while simultaneously comparing intelligence against network traffic.

Which of the following would BEST accomplish this goal?
Threat Management Cybersecurity Tool Sets
A security analyst is reviewing the following log from an email security service.


Which of the following BEST describes the reason why the email was blocked?
Security Architecture and Tool Sets Security Operations and Monitoring
A remote code execution vulnerability was discovered in the RDP. An organization currently uses RDP for remote access to a portion of its VDI environment. The analyst verified network-level authentication is enabled. Which of the following is the BEST remediation for this vulnerability?
Security Architecture and Tool Sets Cybersecurity Tool Sets
An analyst is reviewing the following code output of a vulnerability scan:


Which of the following types of vulnerabilities does this MOST likely represent?
Security Architecture and Tool Sets Cybersecurity Tool Sets
SIMULATION

Welcome to the Enterprise Help Desk System. Please work the ticket escalated to you in the help desk ticket queue.

INSTRUCTIONS

Click on the ticket to see the ticket details. Additional content is available on tabs within the ticket.

First, select the appropriate issue from the drop-down menu. Then, select the MOST likely root cause from the second drop-down menu.

If at any time you would like to bring back the initial state of the simulation, please click the Reset All button.






Threat Management Security Operations and Monitoring
An organization supports a large number of remote users. Which of the following is the BEST option to protect the data on the remote users' laptops?
Security Operations and Monitoring
A security analyst reviews the following aggregated output from an Nmap scan and the border firewall ACL:


Which of the following should the analyst reconfigure to BEST reduce organizational risk while maintaining current functionality?
Security Operations and Monitoring
A user's computer has been running slowly when the user tries to access web pages. A security analyst runs the command netstat -aon from the command line and receives the following output:


Which of the following lines indicates the computer may be compromised?
Security Operations and Monitoring
A security analyst is investigating malicious traffic from an internal system that attempted to download proxy avoidance as identified from the firewall logs, but the destination IP is blocked and not captured. Which of the following should the analyst do?
Threat Management Cyber Incident Response