
CompTIA (CS0-002) Exam Questions and Answers, page 24

A security analyst working in the SOC recently discovered instances in which hosts visited a specific set of domains and IPs and became infected with malware. Which of the following is the MOST appropriate action to take in this situation?
Cyber Incident Response Security Operations and Monitoring
A product manager is working with an analyst to design a new application that will perform as a data analytics platform and will be accessible via a web browser. The product manager suggests using a PaaS provider to host the application.

Which of the following is a security concern when using a PaaS solution?
Security Operations and Monitoring
A security analyst has been alerted to several emails that show evidence an employee is planning malicious activities that involve employee PII on the network before leaving the organization. The security analyst's BEST response would be to coordinate with the legal department and:
Threat Management Cyber Incident Response
A security analyst is investigating a system compromise. The analyst verifies the system was up to date on OS patches at the time of the compromise. Which of the following describes the type of vulnerability that was MOST likely exploited?
Threat Management Cyber Incident Response
Given the Nmap request below:


Which of the following actions will an attacker be able to initiate directly against this host?
Security Operations and Monitoring
Massivelog.log has grown to 40GB on a Windows server. At this size, local tools are unable to read the file, and it cannot be moved off the virtual server where it is located. Which of the following lines of PowerShell script will allow a user to extract the last 10,000 lines of the log for review?
Security Operations and Monitoring
A security analyst is reviewing the logs from an internal chat server. The chat.log file is too large to review manually, so the analyst wants to create a shorter log file that only includes lines associated with a user demonstrating anomalous activity. Below is a snippet of the log:


Which of the following commands would work BEST to achieve the desired result?
Security Operations and Monitoring
Employees of a large financial company are continuously being infected by strands of malware that are not detected by EDR tools. Which of the following is the BEST security control to implement to reduce corporate risk while allowing employees to exchange files at client sites?
Threat Management Cyber Incident Response
A security analyst is evaluating two vulnerability management tools for possible use in an organization. The analyst set up each of the tools according to the respective vendor's instructions and generated a report of vulnerabilities that ran against the same target server.

Tool A reported the following:


Tool B reported the following:


Which of the following BEST describes the method used by each tool? (Choose two.)
Security Operations and Monitoring
Which of the following software security best practices would prevent an attacker from being able to run arbitrary SQL commands within a web application? (Choose two.)
Threat Management Cyber Incident Response