CompTIA CS0-002 Free Practice Questions

NEW QUESTION 1
Which of the following BEST describes the process by which code is developed, tested, and deployed in small batches?

• A. Agile
• B. Waterfall
• C. SDLC
• D. Dynamic code analysis

Answer: A

NEW QUESTION 2
Risk management wants IT to implement a solution that will permit an analyst to intercept, execute, and analyze potentially malicious files that are downloaded from the Internet.
Which of the following would BEST provide this solution?

• A. File fingerprinting
• B. Decomposition of malware
• C. Risk evaluation
• D. Sandboxing

Answer: D

NEW QUESTION 3
A security analyst has discovered trial developers have installed browsers on all development servers in the company's cloud infrastructure and are using them to browse the Internet. Which of the following changes should the security analyst make to BEST protect the environment?

• A. Create a security rule that blocks Internet access in the development VPC
• B. Place a jumpbox m between the developers' workstations and the development VPC
• C. Remove the administrator profile from the developer user group in identity and access management
• D. Create an alert that is triggered when a developer installs an application on a server

Answer: A

NEW QUESTION 4
Which of the following are components of the intelligence cycle? (Select TWO.)

• A. Collection
• B. Normalization
• C. Response
• D. Analysis
• E. Correction
• F. Dissension

Answer: BE

NEW QUESTION 5
A malicious hacker wants to gather guest credentials on a hotel 802.11 network. Which of the following tools is the malicious hacker going to use to gain access to information found on the hotel network?

• A. Nikto
• B. Aircrak-ng
• C. Nessus
• D. tcpdump

Answer: A

NEW QUESTION 6
While planning segmentation for an ICS environment, a security engineer determines IT resources will need access to devices within the ICS environment without compromising security.
To provide the MOST secure access model in this scenario, the jumpbox should be.

• A. placed in an isolated network segment, authenticated on the IT side, and forwarded into the ICS network.
• B. placed on the ICS network with a static firewall rule that allows IT network resources to authenticate.
• C. bridged between the IT and operational technology networks to allow authenticated access.
• D. placed on the IT side of the network, authenticated, and tunneled into the ICS environment.

Answer: D

NEW QUESTION 7
Which of the following software assessment methods would be BEST for gathering data related to an application’s availability during peak times?

• A. Security regression testing
• B. Stress testing
• C. Static analysis testing
• D. Dynamic analysis testing
• E. User acceptance testing

Answer: B

NEW QUESTION 8
A cybersecurity analyst is supposing an incident response effort via threat intelligence. Which of the following is the analyst MOST likely executing?

• A. Requirements analysis and collection planning
• B. Containment and eradication
• C. Recovery and post-incident review
• D. Indicator enrichment and research pivoting

Answer: D

NEW QUESTION 9
After receiving reports latency, a security analyst performs an Nmap scan and observes the following output:

Which of the following suggests the system that produced output was compromised?

• A. Secure shell is operating of compromise on this system.
• B. There are no indicators of compromise on this system.
• C. MySQL services is identified on a standard PostgreSQL port.
• D. Standard HTP is open on the system and should be closed.

Answer: B

NEW QUESTION 10
An analyst is working with a network engineer to resolve a vulnerability that was found in a piece of legacy hardware, which is critical to the operation of the organization's production line. The legacy hardware does not have third-party support, and the OEM manufacturer of the controller is no longer in operation. The analyst documents the activities and verifies these actions prevent remote exploitation of the vulnerability.
Which of the following would be the MOST appropriate to remediate the controller?

• A. Segment the network to constrain access to administrative interfaces.
• B. Replace the equipment that has third-party support.
• C. Remove the legacy hardware from the network.
• D. Install an IDS on the network between the switch and the legacy equipment.

Answer: A

NEW QUESTION 11
A company's marketing emails are either being found in a spam folder or not being delivered at all. The security analyst investigates the issue and discovers the emails in question are being sent on behalf of the company by a third party in1marketingpartners.com Below is the exiting SPP word:

Which of the following updates to the SPF record will work BEST to prevent the emails from being marked as spam or blocked?
A)

B)

C)

D)

• A. Option A
• B. Option B
• C. Option C
• D. Option D

Answer: B

NEW QUESTION 12
A security administrator needs to create an IDS rule to alert on FTP login attempts by root. Which of the following rules is the BEST solution?

• A. Option A
• B. Option B
• C. Option C
• D. Option D

Answer: B

NEW QUESTION 13
A hybrid control is one that:

• A. is implemented differently on individual systems
• B. is implemented at the enterprise and system levels
• C. has operational and technical components
• D. authenticates using passwords and hardware tokens

Answer: B

NEW QUESTION 14
A security analyst received an email with the following key: Xj3XJ3LLc
A second security analyst received an email with following key: 3XJ3xjcLLC
The security manager has informed the two analysts that the email they received is a key that allows access to the company’s financial segment for maintenance. This is an example of:

• A. dual control
• B. private key encryption
• C. separation of duties
• D. public key encryption
• E. two-factor authentication

Answer: A

NEW QUESTION 15
A pharmaceutical company's marketing team wants to send out notifications about new products to alert users of recalls and newly discovered adverse drug reactions. The team plans to use the names and mailing addresses that users have provided.
Which of the following data privacy standards does this violate?

• A. Purpose limitation
• B. Sovereignty
• C. Data minimization
• D. Retention

Answer: A

NEW QUESTION 16
An organization developed a comprehensive modern response policy Executive management approved the policy and its associated procedures. Which of the following activities would be MOST beneficial to evaluate personnel's familiarity with incident response procedures?

• A. A simulated breach scenario evolving the incident response team
• B. Completion of annual information security awareness training by ail employees
• C. Tabtetop activities involving business continuity team members
• D. Completion of lessons-learned documentation by the computer security incident response team
• E. External and internal penetration testing by a third party

Answer: A

NEW QUESTION 17
The inability to do remote updates of certificates, keys, software, and firmware is a security issue commonly associated with:

• A. web servers on private networks
• B. HVAC control systems
• C. smartphones
• D. firewalls and UTM devices

Answer: D

NEW QUESTION 18
Approximately 100 employees at your company have received a phishing email. As a security analyst you have been tasked with handling this situation.
INSTRUCTIONS
Review the information provided and determine the following:
* 1. How many employees clicked on the link in the phishing email?
* 2. On how many workstations was the malware installed?
* 3. What is the executable file name or the malware?

• A. Yes
• B. Not Mastered

Answer: A

NEW QUESTION 19
......