CS0-002 Exam Details

  • Exam Code: CS0-002
  • Exam Name: CompTIA Cybersecurity Analyst (CySA+)
  • Certification: CompTIA Certifications
  • Vendor: CompTIA
  • Total Questions: 1059 Q&As
  • Last Updated: May 30, 2026

CompTIA CS0-002 Online Questions & Answers

  • Question 841:

    Which of the following are the most likely reasons to include reporting processes when updating an incident response plan after a breach? (Choose two.)

    A. To use the SLA to determine when to deliver the report
    B. To meet regulatory requirements for timely reporting
    C. To limit reputation damage caused by the breach
    D. To remediate vulnerabilities that led to the breach
    E. To isolate potential insider threats
    F. To provide secure network design changes

  • Question 842:

    An organization is adopting IoT devices at an increasing rate and will need to account for firmware updates in its vulnerability management programs. Despite the number of devices being deployed, the organization has only focused on software patches so far, leaving hardware-related weaknesses open to compromise.

    Which of the following best practices will help the organization to track and deploy trusted firmware updates as part of its vulnerability management programs?

    A. Utilize threat intelligence to guide risk evaluation activities and implement critical updates after proper testing.
    B. Apply all firmware updates as soon as they are released to mitigate the risk of compromise.
    C. Determine an annual patch cadence to ensure all patching occurs at the same time.
    D. Implement an automated solution that detects when vendors release firmware updates and immediately deploy updates to production.

  • Question 843:

    A cybersecurity consultant found common vulnerabilities across the following services used by multiple servers at an organization: VPN, SSH, and HTTPS. Which of the following is the MOST likely reason for the discovered vulnerabilities?

    A. Leaked PKI private key
    B. Vulnerable version of OpenSSL
    C. Common initialization vector
    D. Weak level of encryption entropy
    E. Vulnerable implementation of PEAP

  • Question 844:

    An application development company released a new version of its software to the public. A few days after the release, the company is notified by end users that the application is notably slower, and older security bugs have reappeared in the new release. The development team has decided to include the security analyst during their next development cycle to help address the reported issues. Which of the following should the security analyst focus on to remedy the existing reported problems?

    A. The security analyst should perform security regression testing during each application development cycle.
    B. The security analyst should perform end user acceptance security testing during each application development cycle.
    C. The security analyst should perform secure coding practices during each application development cycle.
    D. The security analyst should perform application fuzzing to locate application vulnerabilities during each application development cycle.

  • Question 845:

    A recent vulnerability scan found four vulnerabilities on an organization's public Internet-facing IP addresses. Prioritizing in order to reduce the risk of a breach to the organization, which of the following should be remediated FIRST?

    A. A cipher that is known to be cryptographically weak.
    B. A website using a self-signed SSL certificate.
    C. A buffer overflow that allows remote code execution.
    D. An HTTP response that reveals an internal IP address.

  • Question 846:

    A university wants to increase the security posture of its network by implementing vulnerability scans of both centrally managed and student/employee laptops. The solution should be able to scale, provide minimum false positives and high accuracy of results, and be centrally managed through an enterprise console. Which of the following scanning topologies is BEST suited for this environment?

    A. A passive scanning engine located at the core of the network infrastructure
    B. A combination of cloud-based and server-based scanning engines
    C. A combination of server-based and agent-based scanning engines
    D. An active scanning engine installed on the enterprise console

  • Question 847:

    Which of the following BEST articulates the benefit of leveraging SCAP in an organization's cybersecurity analysis toolset?

    A. It automatically performs remedial configuration changes to enterprise security services
    B. It enables standard checklist and vulnerability analysis expressions for automation
    C. It establishes a continuous integration environment for software development operations
    D. It provides validation of suspected system vulnerabilities through workflow orchestration

  • Question 848:

    A security analyst is handling an incident in which ransomware has encrypted the disks of several company workstations. Which of the following would work BEST to prevent this type of incident in the future?

    A. Implement a UTM instead of a stateful firewall and enable gateway antivirus.
    B. Back up the workstations to facilitate recovery and create a gold image.
    C. Establish a ransomware awareness program and implement secure and verifiable backups.
    D. Virtualize all the endpoints with daily snapshots of the virtual machines.

  • Question 849:

    An analyst is reviewing the following code output of a vulnerability scan:

    Which of the following types of vulnerabilities does this MOST likely represent?

    A. An XSS vulnerability
    B. An HTTP response split vulnerability
    C. A credential bypass vulnerability
    D. A carriage-return, line-feed vulnerability

  • Question 850:

    An email analysis system notifies a security analyst that the following message was quarantined and requires further review.

    From: [email protected]

    To: [email protected]

    Subject: [EXTERNAL] Gift card purchase ASAP

    Body:

    Please purchase gift cards to any major electronics store and reply with pictures of them to this email!

    Which of the following actions should the security analyst take?

    A. Release the email for delivery due to its importance
    B. Immediately contact a purchasing agent to expedite.
    C. Delete the email and block the sender.
    D. Purchase the gift cards and submit an expense report.

Tips on How to Prepare for the Exams

Certification exams are becoming more and more important, and more and more enterprises require them of job applicants. But how do you prepare for the exam effectively? How do you prepare in a short time with less effort? How do you get an ideal result and find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provides not only CompTIA exam questions, answers and explanations but also complete assistance with your exam preparation and certification application. If you are confused about your CS0-002 exam preparation and CompTIA certification application, do not hesitate to visit Vcedump.com to find your solutions.