
CompTIA (CS0-002) Exam Questions And Answers page 25

A SIEM solution alerts a security analyst of a high number of login attempts against the company's webmail portal. The analyst determines the login attempts used credentials from a past data breach.

Which of the following is the BEST mitigation to prevent unauthorized access?
Threat Management Cyber Incident Response
An organization used a third party to conduct a security audit and discovered several deficiencies in the cybersecurity program. The findings noted many external vulnerabilities that were not caught by the vulnerability scanning software, numerous weaknesses that allowed lateral movement, and gaps in monitoring that did not detect the activity of the auditors. Based on these findings, which of the following would be the BEST long-term enhancement to the security program?
Cybersecurity Tool Sets Compliance and Assessment
An information security analyst discovered a virtual machine server was compromised by an attacker. Which of the following should be the FIRST step to confirm and respond to the incident?
Cyber Incident Response
An information security analyst on a threat-hunting team is working with administrators to create a hypothesis related to an internally developed web application. The working hypothesis is as follows:
• Due to the nature of the industry, the application hosts sensitive data associated with many clients and is a significant target.
• The platform is most likely vulnerable to poor patching and inadequate server hardening, which expose vulnerable services.
• The application is likely to be targeted with SQL injection attacks due to the large number of reporting capabilities within the application.

As a result, the systems administrator upgrades outdated service applications and validates the endpoint configuration against an industry benchmark. The analyst suggests developers receive additional training on implementing identity and access management, and also implements a WAF to protect against SQL injection attacks. Which of the following BEST represents the technique in use?
Threat Management Cybersecurity Tool Sets
Which of the following is the BEST security practice to prevent ActiveX controls from running malicious code on a user's web application?
Security Architecture and Tool Sets Cybersecurity Tool Sets
The Chief Information Officer (CIO) for a large manufacturing organization has noticed a significant number of unknown devices with possible malware infections are on the organization's corporate network. Which of the following would work BEST to prevent the issue?
Threat Management Cyber Incident Response
A security analyst is reviewing the following web server log:

GET %2f..%2f..%2f..%2f..%2f..%2f..%2f../etc/passwd

Which of the following BEST describes the issue?
Cyber Incident Response Cybersecurity Tool Sets
A security analyst is looking at the headers of a few emails that appear to be targeting all users at an organization:



Which of the following technologies would MOST likely be used to prevent this phishing attempt?
Threat Management Cyber Incident Response
A development team uses open-source software and follows an Agile methodology with two-week sprints. Last month, the security team filed a bug for an insecure version of a common library. The DevOps team updated the library on the server, and then the security team rescanned the server to verify it was no longer vulnerable. This month, the security team found the same vulnerability on the server.

Which of the following should be done to correct the cause of the vulnerability?
Cybersecurity Tool Sets Compliance and Assessment
During a cyber incident, which of the following is the BEST course of action?
Cyber Incident Response