
CS0-002

By CompTIA
Aug, 2025


Question 76

A cybersecurity analyst needs to harden a server that is currently being used as a web server. The server needs to be accessible when entering www.company.com into the browser. Additionally, web pages require frequent updates, which are performed by a remote contractor. Given the following output:

Image 1

Which of the following should the cybersecurity analyst recommend to harden the server? (Choose two.)

  • A: Uninstall the DNS service.
  • B: Perform a vulnerability scan.
  • C: Change the server's IP to a private IP address.
  • D: Disable the Telnet service.
  • E: Block port 80 with the host-based firewall.
  • F: Change the SSH port to a non-standard port.

Question 77

A financial organization has offices located globally. Per the organization's policies and procedures, all executives who conduct business overseas must have their mobile devices checked for malicious software or evidence of tampering upon their return. The information security department oversees this process, and no executive has had a device compromised. The Chief Information Security Officer wants to implement an additional safeguard to protect the organization's data.
Which of the following controls would work BEST to protect the privacy of the data if a device is stolen?

  • A: Implement a mobile device wiping solution for use once the device returns home.
  • B: Install a DLP solution to track data flow.
  • C: Install an encryption solution on all mobile devices.
  • D: Train employees to report a lost or stolen laptop to the security department immediately.

Question 78

The majority of a company's employees have stated they are unable to perform their job duties due to outdated workstations, so the company has decided to institute BYOD. Which of the following would a security analyst MOST likely recommend for securing the proposed solution?

  • A: A Linux-based system and mandatory training on Linux for all BYOD users
  • B: A firewalled environment for client devices and a secure VDI for BYOD users
  • C: A standardized anti-malware platform and a unified operating system vendor
  • D: 802.1X to enforce company policy on BYOD user hardware

Question 79

An IT security analyst has received an email alert regarding a vulnerability within the new fleet of vehicles the company recently purchased. Which of the following attack vectors is the vulnerability MOST likely targeting?

  • A: SCADA
  • B: CAN bus
  • C: Modbus
  • D: IoT

Question 80

A security analyst is correlating, ranking, and enriching raw data into a report that will be interpreted by humans or machines to draw conclusions and create actionable recommendations. Which of the following steps in the intelligence cycle is the security analyst performing?

  • A: Analysis and production
  • B: Processing and exploitation
  • C: Dissemination and evaluation
  • D: Data collection
  • E: Planning and direction

Question 81

Some hard disks need to be taken as evidence for further analysis during an incident response. Which of the following procedures must be completed FIRST for this type of evidence acquisition?

  • A: Extract the hard drives from the compromised machines and then plug them into a forensics machine to apply encryption over the stored data to protect it from nonauthorized access.
  • B: Build the chain-of-custody document, noting the media model, serial number, size, vendor, date, and time of acquisition.
  • C: Perform a disk sanitization using the command #dd if=/dev/zero of=/dev/sdc bs=1M over the media that will receive a copy of the collected data.
  • D: Execute the command #dd if=/dev/sda of=/dev/sdc bs=512 to clone the evidence data to external media to prevent any further change.

Question 82

An organization needs to limit its exposure to accidental disclosure when employees send emails that contain personal information to recipients outside the company. Which of the following technical controls would BEST accomplish this goal?

  • A: DLP
  • B: Encryption
  • C: Data masking
  • D: SPF

Question 83

A security analyst is concerned the number of security incidents being reported has suddenly gone down. Daily business interactions have not changed, and no additional security controls have been implemented. Which of the following should the analyst review FIRST?

  • A: The DNS configuration
  • B: Privileged accounts
  • C: The IDS rule set
  • D: The firewall ACL

Question 84

Which of the following is an advantage of SOAR over SIEM?

  • A: SOAR is much less expensive.
  • B: SOAR reduces the amount of human intervention required.
  • C: SOAR can aggregate data from many sources.
  • D: SOAR uses more robust encryption protocols.

Question 85

A company uses an FTP server to support its critical business functions. The FTP server is configured as follows:
  • The FTP service is running with the data directory configured in /opt/ftp/data.
  • The FTP server hosts employees' home directories in /home.
  • Employees may store sensitive information in their home directories.
An IoC revealed that an FTP directory traversal attack resulted in sensitive data loss. Which of the following should a server administrator implement to reduce the risk of current and future directory traversal attacks targeted at the FTP server?

  • A: Implement file-level encryption of sensitive files.
  • B: Reconfigure the FTP server to support FTPS.
  • C: Run the FTP server in a chroot environment.
  • D: Upgrade the FTP server to the latest version.
