CS0-002 Dumps Special Discount for limited time Try FOR FREE [Q81-Q98]

Share

CS0-002 Dumps Special Discount for limited time Try FOR FREE

CS0-002 Dumps for success in Actual Exam May-2024]

NEW QUESTION # 81
After reviewing security logs, it is noticed that sensitive data is being transferred over an insecure network. Which of the following would a cybersecurity analyst BEST recommend that the organization implement?

  • A. Segment the networks.
  • B. Use FIM.
  • C. Use a digital watermark.
  • D. Update the data classification matrix.
  • E. Use a VPN

Answer: E


NEW QUESTION # 82
The IT department is concerned about the possibility of a guest device infecting machines on the corporate network or taking down the company's singe internet connection. Which of the following should a security analyst recommend to BEST meet the requirements outlined by the IT Department?

  • A. Configure the IPS with rules that will detect common malware signatures traveling from the guest network.
  • B. Require the guest machines to install the corporate-owned EDR solution.
  • C. Configure NAC to only allow machines on the network that are patched and have active antivirus.
  • D. Place a firewall In between the corporate network and the guest network

Answer: D

Explanation:
A firewall is a device or software that monitors and controls incoming and outgoing network traffic based on predefined rules or policies. A firewall can help prevent unauthorized or malicious traffic from entering or leaving a network, and protect network resources from external threats. Placing a firewall in between the corporate network and the guest network can help prevent a guest device from infecting machines on the corporate network or taking down the company's single internet connection, as it can block or filter any unwanted or harmful traffic from the guest network.


NEW QUESTION # 83
While analyzing logs from a WAF, a cybersecurity analyst finds the following:

Which of the following BEST describes what the analyst has found?

  • A. This is an encrypted packet
  • B. This is an encrypted GET HTTP request
  • C. This is an encoded WAF bypass
  • D. A packet is being used to bypass the WAF

Answer: C


NEW QUESTION # 84
There have been several exploits to critical devices within the network. However, there is currently no process to perform vulnerability analysis.
Which of the following should the security analyst implement during production hours to identify critical threats and vulnerabilities?

  • A. Scanning of all types of data regardless of sensitivity levels
  • B. Vulnerability scanning frequency that does not interrupt workflow
  • C. Daily automated reports of exploited devices
  • D. Asset inventory of all critical devices

Answer: B


NEW QUESTION # 85
A security professional is analyzing the results of a network utilization report. The report includes the following information:

Which of the following servers needs further investigation?

  • A. R&D.file.srvr.01
  • B. mrktg.file.srvr.02
  • C. hr.dbprod.01
  • D. web.srvr.03

Answer: C


NEW QUESTION # 86
A company has several internal-only, web-based applications on the internal network. Remote employees are allowed to connect to the internal corporate network with a company-supplied VPN client. During a project to upgrade the internal application, contractors were hired to work on a database server and were given copies of the VPN client so they could work remotely. A week later, a security analyst discovered an internal web-server had been compromised by malware that originated from one of the contractor's laptops. Which of the following changes should be made to BEST counter the threat presented in this scenario?

  • A. Deploy a web application firewall in the DMZ to stop Internet-based attacks on the web server.
  • B. Create a restricted network segment for contractors, and set up a jump box for the contractors to use to access internal resources.
  • C. Require the contractors to bring their laptops on site when accessing the internal network instead of using the VPN from a remote location.
  • D. Deploy an application layer firewall with network access control lists at the perimeter, and then create alerts for suspicious Layer 7 traffic.
  • E. Implement NAC to check for updated anti-malware signatures and location-based rules for PCs connecting to the internal network.

Answer: E


NEW QUESTION # 87
A company has a cluster of web servers that is critical to the business. A systems administrator installed a utility to troubleshoot an issue, and the utility caused the entire cluster to 90 offline. Which of the following solutions would work BEST prevent to this from happening again?

  • A. Change management
  • B. Privilege management
  • C. Application whitelisting
  • D. Asset management

Answer: A


NEW QUESTION # 88
Legacy medical equipment, which contains sensitive data, cannot be patched. Which of the following is the BEST solution to improve the equipment's security posture?

  • A. Implement a VPN between the legacy systems and the local network.
  • B. Move the legacy systems behind a WAF
  • C. Implement an air gap for the legacy systems.
  • D. Place the legacy systems in the DMZ

Answer: B


NEW QUESTION # 89
As a proactive threat-hunting technique, hunters must develop situational cases based on likely attack scenarios derived from the available threat intelligence information. After forming the basis of the scenario, which of the following may the threat hunter construct to establish a framework for threat assessment?

  • A. Hypothesis
  • B. Critical asset list
  • C. Threat vector
  • D. Attack profile

Answer: B


NEW QUESTION # 90
A security analyst is auditing firewall rules with the goal of scanning some known ports to check the firewall's behavior and responses. The analyst executes the following commands:

The analyst then compares the following results for port 22:
nmap returns "Closed"
hping3 returns "flags=RA"
Which of the following BEST describes the firewall rule?

  • A. DROP
  • B. DNAT --to-destination 1.1.1.1:3000
  • C. REJECT with --tcp-reset
  • D. LOG --log-tcp-sequence

Answer: C

Explanation:
Explanation
No doubt does the nmap result mean its being rejected as it returns closed. However, what threw me for a loop was the hping3 response. After further web surfing I found that the "flag=RA" means actually means "flag= RST, ACK" which means that it too was rejected.


NEW QUESTION # 91
A cross-site scripting attack is an example of what type of threat vector?

  • A. Impersonation
  • B. Attrition
  • C. Email
  • D. Web

Answer: D


NEW QUESTION # 92
Which of the following factors would determine the regulations placed on data under data sovereignty laws?

  • A. The company's data security policy
  • B. The data laws of the country in which the company is located
  • C. The type of data the company stores
  • D. What the company intends to do with the data it owns

Answer: B

Explanation:
The data laws of the country in which the company is located would determine the regulations placed on data under data sovereignty laws. Data sovereignty laws are laws that govern how data is collected, stored, processed, and transferred within a country's jurisdiction. Data sovereignty laws can vary from country to country, depending on their legal system, political system, culture, and values. Data sovereignty laws can affect how companies handle their data, especially when they operate across borders or use cloud services. For example, some countries may have strict data protection or privacy laws that require companies to obtain consent from data subjects before collecting or processing their data. Some countries may also have data localization or data residency laws that require companies to store their data within the country's borders or limit cross-border data transfers.


NEW QUESTION # 93
Company A suspects an employee has been exfiltrating PII via a USB thumb drive. An analyst is tasked with attempting to locate the information on the drive. The PII in question includes the following:

Which of the following would BEST accomplish the task assigned to the analyst?

  • A. \d(3)-d(2)-\d(4)
  • B. 3 [0-9]\d-2[0-9]\d-4[0-9]\d
  • C. \d[9] `XXX-XX-XX'
  • D. ?[3]-?[2]-?[3]

Answer: A


NEW QUESTION # 94
In order to the leverage the power of data correlation with Nessus, a cybersecurity analyst must first be able to create a table for the scan results.
Given the following snippet of code:

Which of the following output items would be correct?

  • A.
  • B.
  • C.
  • D.

Answer: A


NEW QUESTION # 95
A new on-premises application server was recently installed on the network. Remote access to the server was enabled for vendor support on required ports, but recent security reports show large amounts of data are being sent to various unauthorized networks through those ports. Which of the following configuration changes must be implemented to resolve this security issue while still allowing remote vendor access?

  • A. Enable port security.
  • B. Whitelist the application server.
  • C. Apply a firewall application server rule.
  • D. Sandbox the application server.
  • E. Block the unauthorized networks.

Answer: B


NEW QUESTION # 96
A security analyst has been asked to scan a subnet. During the scan, the following output was generated:

Based on the output above, which of the following is MOST likely?

  • A. Both hosts are mail servers
  • B. 192.168.100.145 is a DNS server
  • C. 192.168.100.214 is a web server
  • D. 192.168.100.214 is a secure FTP server

Answer: C


NEW QUESTION # 97
Which of the following organizations would have to remediate embedded controller vulnerabilities?

  • A. Public universities
  • B. Banking institutions
  • C. Regulatory agencies
  • D. Hydroelectric facilities

Answer: D


NEW QUESTION # 98
......

Accurate CS0-002 Answers 365 Days Free Updates: https://www.dumpexam.com/CS0-002-valid-torrent.html

Realistic CS0-002 100% Pass Guaranteed Download  Exam Q&A: https://drive.google.com/open?id=10vS-72KsSK8dcHTC9XmWKLQj_8cZPUJL