
CompTIA (CS0-002) Exam Questions And Answers page 28

A security analyst gathered forensics from a recent intrusion in preparation for legal proceedings. The analyst used EnCase to gather the digital forensics, cloned the hard drive, and took the hard drive home for further analysis. Which of the following did the security analyst violate?
Cyber Incident Response, Security Operations and Monitoring
An organization wants to move non-essential services into a cloud computing environment. Management has a cost focus and would like to achieve a recovery time objective of 12 hours. Which of the following cloud recovery strategies would work BEST to attain the desired outcome?
Security Operations and Monitoring
A company's legal department is concerned that its incident response plan does not cover the countless ways security incidents can occur. They have asked a security analyst to help tailor the response plan to provide broad coverage for many situations. Which of the following is the BEST way to achieve this goal?
Cyber Incident Response, Security Operations and Monitoring
A security analyst recently used Arachni to perform a vulnerability assessment of a newly developed web application. The analyst is concerned about the following output:


Which of the following is the MOST likely reason for this vulnerability?
Threat Management, Security Architecture and Tool Sets
After a breach involving the exfiltration of a large amount of sensitive data, a security analyst is reviewing the following firewall logs to determine how the breach occurred:


Which of the following IP addresses does the analyst need to investigate further?
Security Operations and Monitoring
Following a recent security breach, a company decides to investigate account usage to ensure privileged accounts are only being utilized during typical business hours. During the investigation, a security analyst determines an account was consistently utilized in the middle of the night. Which of the following actions should the analyst take NEXT?
Security Operations and Monitoring
Which of the following sources would a security analyst rely on to provide relevant and timely threat information concerning the financial services industry?
Threat Management
A security analyst needs to reduce the overall attack surface. Which of the following infrastructure changes should the analyst recommend?
Security Architecture and Tool Sets