Is this exam completely free?

Examcademy offers a free preview for every exam, covering around 20% of the total questions. Full access is available with a paid upgrade.

Can I practice IT certification exams from Microsoft, AWS, or CompTIA?

Yes! Examcademy supports a wide range of IT certification exams including Microsoft Azure, AWS Cloud Practitioner, and CompTIA A+ and Security+.

How accurate are the mock exams?

Our mock exams are built and reviewed with the help of AI and community contributions, staying aligned with real-world exam objectives.

Free preview mode

Enjoy the free questions and consider upgrading to gain full access!

CS0-001Free trial

By comptia

Verified

25Q per page

Question 51

A cybersecurity analyst was hired to resolve a security issue within a company after it was reported that many employee account passwords had been compromised. Upon investigating the incident, the cybersecurity analyst found that a brute force attack was launched against the company.
Which of the following remediation actions should the cybersecurity analyst recommend to senior management to address these security issues?

A: Prohibit password reuse using a GPO.
B: Deploy multifactor authentication.
C: Require security awareness training.
D: Implement DLP solution.

—

Question 52

An analyst has initiated an assessment of an organization's security posture. As a part of this review, the analyst would like to determine how much information about the organization is exposed externally. Which of the following techniques would BEST help the analyst accomplish this goal? (Choose two.)

A: Fingerprinting
B: DNS query log reviews
C: Banner grabbing
D: Internet searches
E: Intranet portal reviews
F: Sourcing social network sites
G: Technical control audits

—

Question 53

Scan results identify critical Apache vulnerabilities on a company's web servers. A security analyst believes many of these results are false positives because the web environment mostly consists of Windows servers.
Which of the following is the BEST method of verifying the scan results?

A: Run a service discovery scan on the identified servers.
B: Refer to the identified servers in the asset inventory.
C: Perform a top-ports scan against the identified servers.
D: Review logs of each host in the SIEM.

—

Question 54

A retail corporation with widely distributed store locations and IP space must meet PCI requirements relating to vulnerability scanning. The organization plans to outsource this function to a third party to reduce costs.
Which of the following should be used to communicate expectations related to the execution of scans?

A: Vulnerability assessment report
B: Lessons learned documentation
C: SLA
D: MOU

—

Question 55

A cybersecurity professional wants to determine if a web server is running on a remote host with the IP address 192.168.1.100. Which of the following can be used to perform this task?

A: nc 192.168.1.100 -1 80
B: ps aux 192.168.1.100
C: nmap 192.168.1.100 ""p 80 ""A
D: dig www 192.168.1.100
E: ping ""p 80 192.168.1.100

—

Question 56

A security analyst at a small regional bank has received an alert that nation states are attempting to infiltrate financial institutions via phishing campaigns. Which of the following techniques should the analyst recommend as a proactive measure to defend against this type of threat?

A: Honeypot
B: Location-based NAC
C: System isolation
D: Mandatory access control
E: Bastion host

—

That’s the end of your free questions

You’ve reached the preview limit for CS0-001

Consider upgrading to gain full access!

Page 3 of 12 • Questions 51-75 of 277

←

1 2 3 4 5

→

Free preview mode

Enjoy the free questions and consider upgrading to gain full access!