CompTIA CS0-002 Online Practice Questions and Exam Preparation

CompTIA CS0-002 Online Questions & Answers

• Question 661:

  According to a static analysis report for a web application, a dynamic code evaluation script injection vulnerability was found.

  Which of the following actions is the BEST option to fix the vulnerability in the source code?

  A. Delete the vulnerable section of the code immediately.
  B. Create a custom rule on the web application firewall.
  C. Validate user input before execution and interpretation.
  D. Use parameterized queries.
  C. Validate user input before execution and interpretation.

• Question 662:

  A cybersecurity analyst is reviewing log data and sees the output below:

  

  Which of the following technologies MOST likely generated this log?

  A. Stateful inspection firewall
  B. Network-based intrusion detection system
  C. Web application firewall
  D. Host-based intrusion detection system
  C. Web application firewall

• Question 663:

  A security professional is analyzing the results of a network utilization report. The report includes the following information:

  

  Which of the following servers needs further investigation?

  A. hr.dbprod.01
  B. RandD.file.srvr.01
  C. mrktg.file.srvr.02
  D. web.srvr.03
  A. hr.dbprod.01

• Question 664:

  A cybersecunty analyst needs to harden a server that is currently being used as a web server The server needs to be accessible when entenng www company com into the browser Additionally web pages require frequent updates which are performed by a remote contractor Given the following output:

  

  Which of the following should the cybersecunty analyst recommend to harden the server? (Select TWO).

  A. Uninstall the DNS service
  B. Perform a vulnerability scan
  C. Change the server's IP to a private IP address
  D. Disable the Telnet service
  E. Block port 80 with the host-based firewall
  F. Change the SSH port to a non-standard port
  A. Uninstall the DNS service
  D. Disable the Telnet service

  ---

  Explanation/Reference:

  Web Server does not need the DNS role installed and with SSH already installed why would you keep Telnet.

• Question 665:

  A company has alerted planning the implemented a vulnerability management procedure. However, to security maturity level is low, so there are some prerequisites to complete before risk calculation and prioritization. Which of the following should be completed FIRST?

  A. A business Impact analysis
  B. A system assessment
  C. Communication of the risk factors
  D. A risk identification process
  B. A system assessment

• Question 666:

  A security analyst is building a malware analysis lab. The analyst wants to ensure malicious applications are not capable of escaping the virtual machines and pivoting to other networks. To BEST mitigate this risk, the analyst should use __________.

  A. an 802.11ac wireless bridge to create an air gap.
  B. a managed switch to segment the lab into a separate VLAN.
  C. a firewall to isolate the lab network from all other networks.
  D. an unmanaged switch to segment the environments from one another.
  B. a managed switch to segment the lab into a separate VLAN.

• Question 667:

  A security analyst is reviewing packet captures to determine the extent of success during an attacker's reconnaissance phase following a recent incident.

  The following is a hex and ASCII dump of one such packet:

  

  Which of the following BEST describes this packet?

  A. DNS BIND version request
  B. DNS over UDP standard query
  C. DNS over TCP server status query
  D. DNS zone transfer request
  A. DNS BIND version request

• Question 668:

  A security operations team was alerted to abnormal DNS activity coming from a user's machine. The team performed a forensic investigation and discovered a host had been compromised. Malicious code was using DNS as a tunnel to extract data from the client machine, which had been leaked and transferred to an unsecure public Internet site. Which of the following BEST describes the attack?

  A. Phishing
  B. Pharming
  C. Cache poisoning
  D. Data exfiltration
  D. Data exfiltration

• Question 669:

  Considering confidentiality and integrity, which of the following make servers more secure than desktops? (Select THREE).

  A. VLANs
  B. OS
  C. Trained operators
  D. Physical access restriction
  E. Processing power
  F. Hard drive capacity
  B. OS
  C. Trained operators
  D. Physical access restriction

• Question 670:

  SIMULATION

  You are a penetration tester who is reviewing the system hardening guidelines for a company. Hardening guidelines indicate the following:

  1. There must be one primary server or service per device.

  2. Only default port should be used

  3. Non- secure protocols should be disabled.

  The corporate internet presence should be placed in a protected subnet Instructions :

  Using the available tools, discover devices on the corporate network and the services running on these devices. You must determine ip address of each device The primary server or service each device The protocols that should be disabled based on the hardening guidelines

  

  Hot Area:

  

  

  ---

  Explanation/Reference:

  CandyManCarl.Local Role: File Server IP address: 192.168.1.20 Non-Compliant Service: FTP 21 Farmerlaura.Local Role: Mail Server IP address: 192.168.1.30 Non-Compliant Service: IMAP 143

  Sandwich $ara.Local Role: Database IP address: 192.168.1.40 Non-Compliant Service: DNS 53

  FarmaerTed.Local Role: Switch IP address: 192.168.1.10 Non-Compliant Service: Telnet 23

  Lunch TimeMike.Local Role: Web Server IP address: 10.10.10.25 Non-Compliant Service: HTTP 80