CompTIA (CS0-002) Exam Questions And Answers page 7
An organization is upgrading its network and all of its workstations. The project will occur in phases, with infrastructure upgrades each month and workstation installs every other week. The schedule should accommodate the enterprise-wide changes, while minimizing the impact to the network. Which of the following schedules BEST addresses these requirements?
Monthly topology scans, biweekly host discovery scans, monthly vulnerability scans
Monthly host discovery scans, biweekly vulnerability scans, monthly topology scans
Monthly topology scans, biweekly host discovery scans, weekly vulnerability scans
Security Operations and Monitoring
The inability to do remote updates of certificates, keys, software, and firmware is a security issue commonly associated with:
web servers on private networks
HVAC control systems
smartphones
firewalls and UTM devices
Cybersecurity Tool Sets
Security Operations and Monitoring
A security analyst is investigating a reported phishing attempt that was received by many users throughout the company. The text of one of the emails is shown below:
Office 365 User,
It looks like your account has been locked out. Please click this link and follow the prompts to restore access.
Regards,
Security Team
Due to the size of the company and the high storage requirements, the company does not log DNS requests or perform packet captures of network traffic, but it does log network flow data. Which of the following commands will the analyst most likely execute NEXT?
telnet off1ce365.com 25
tracert 122.167.40.119
curl http://accountfix-office356.com/login.php
nslookup accountfix-office356.com
Cyber Incident Response
When attempting to do a stealth scan against a system that does not respond to ping, which of the following Nmap commands BEST accomplishes that goal?
nmap -sA -O -noping
nmap -sT -O -P0
nmap -sS -O -P0
nmap -sQ -O -P0
Security Architecture and Tool Sets
Security Operations and Monitoring
Which of the following BEST describes the process by which code is developed, tested, and deployed in small batches?
Agile
Waterfall
SDLC
Dynamic code analysis
Security Operations and Monitoring
A security analyst has received a report that servers are no longer able to connect to the network. After many hours of troubleshooting, the analyst determines a Group Policy Object is responsible for the network connectivity issues. Which of the following solutions should the security analyst recommend to prevent an interruption of service in the future?
CI/CD pipeline
Impact analysis and reporting
Appropriate network segmentation
Change management process
Threat Management
Cybersecurity Tool Sets
A security analyst is reviewing packet captures from a system that was compromised. The system was already isolated from the network, but it did have network access for a few hours after being compromised. When viewing the capture in a packet analyzer, the analyst sees the following:
Which of the following can the analyst conclude?
The system is scanning ajgidwle.com for PII.
Malware is attempting to beacon to 128.50.100.3.
The system is running a DoS attack against ajgidwle.com.
Data is being exfiltrated over DNS.
Threat Management
Cyber Incident Response
The Chief Information Officer (CIO) of a large cloud software vendor reports that many employees are falling victim to phishing emails because they appear to come from other employees. Which of the following would BEST prevent this issue?
Include digital signatures on messages originating within the company.
Require users to authenticate to the SMTP server.
Implement DKIM to perform authentication that will prevent this issue.
Set up an email analysis solution that looks for known malicious links within the email.
Threat Management
Cyber Incident Response
SIMULATION
Welcome to the Enterprise Help Desk System. Please work the ticket escalated to you in the help desk ticket queue.
INSTRUCTIONS
Click on the ticket to see the ticket details. Additional content is available on tabs within the ticket.
First, select the appropriate issue from the drop-down menu. Then, select the MOST likely root cause from the second drop-down menu.
If at any time you would like to bring back the initial state of the simulation, please click the Reset All button.
Security Operations and Monitoring
An organization that handles sensitive financial information wants to perform tokenization of data to enable the execution of recurring transactions. The organization is most interested in a secure, built-in device to support its solution. Which of the following would MOST likely be required to perform the desired function?
TPM
eFuse
FPGA
HSM
UEFI
Security Architecture and Tool Sets