最近更新の2024年06月テストエンジンとPDF CompTIA CS0-002テストあなたの最速CompTIA合格準備を保証させる! [Q187-Q208]

Share

最近更新の2024年06月テストエンジンとPDF CompTIA CS0-002テストあなたの最速CompTIA合格準備を保証させる!

完全版CS0-002練習テスト371別格な問題と解釈が待ってます。今すぐゲット!

質問 # 187
An organization is concerned about the proper handling of data and wants to implement measures to help safeguard customer data and the organization's proprietary information from exposure. Which of the following is the first step to improve awareness of overall privacy and protection?

  • A. Implement corporate policies.
  • B. Review data classification processes.
  • C. Perform user acceptance testing.
  • D. Conduct biannual training.

正解:B

解説:
Data classification is the process of categorizing data based on its level of sensitivity, value, and risk. Data classification can help determine the appropriate level of protection and access control for each type of data.
Data classification processes should be reviewed regularly to ensure that they are aligned with the organization's goals, policies, and standards. Data classification processes should also reflect the changing nature and value of data, as well as the evolving threats and regulations in the data environment.
Reviewing data classification processes can help improve awareness of overall privacy and protection by:
Educating data owners and users about their roles and responsibilities in handling data.
Establishing clear and consistent criteria for labeling and handling data.
Identifying and prioritizing the most critical and sensitive data assets.
Applying the appropriate security measures and controls for each data category.
Reducing the risk of data loss, theft, or misuse.


質問 # 188
An incident responder successfully acquired application binaries off a mobile device for later forensic analysis.
Which of the following should the analyst do NEXT?

  • A. Decompile each binary to derive the source code.
  • B. Perform a factory reset on the affected mobile device.
  • C. Encrypt the binaries using an authenticated AES-256 mode of operation.
  • D. Compute SHA-256 hashes for each binary.
  • E. Inspect the permissions manifests within each application.

正解:D


質問 # 189
A security team wants to make SaaS solutions accessible from only the corporate campus Which of the following would BEST accomplish this goal?

  • A. Geofencing
  • B. IP restrictions
  • C. Reverse proxy
  • D. Single sign-on

正解:A


質問 # 190
Wncn ol the following provides an automated approach 10 checking a system configuration?

  • A. SOAR
  • B. Scripting
  • C. CI/CD
  • D. OVAL
  • E. SCAP

正解:E

解説:
SCAP stands for Security Content Automation Protocol, which is a set of standards and specifications that allows automated configuration and vulnerability management of systems. SCAP provides an automated approach to checking a system configuration by using standardized expressions and formats to evaluate the system's compliance with predefined policies or benchmarks. CI/CD, OVAL, scripting, or SOAR are other terms related to automation or security, but they do not provide an automated approach to checking a system configuration. Reference: https://csrc.nist.gov/projects/security-content-automation-protocol


質問 # 191
A security analyst discovers a vulnerability on an unpatched web server that is used for testing machine learning on Big Data sets. Exploitation of the vulnerability could cost the organization
$1.5 million in lost productivity. The server is located on an isolated network segment that has a
5% chance of being compromised. Which of the following is the value of this risk?

  • A. $75,000
  • B. $1.425 million
  • C. $1.5 million
  • D. $300,000

正解:A


質問 # 192
A vulnerability scanner has identified an out-of-support database software version running on a server. The software update will take six to nine months to complete. The management team has agreed to a one-year extended support contract with the software vendor. Which of the following BEST describes the risk treatment in this scenario?

  • A. The company is accepting the inherent risk of the vulnerability.
  • B. The extended support mitigates any risk associated with the software.
  • C. The company is transferring the risk for the vulnerability to the software vendor.
  • D. The extended support contract changes this vulnerability finding to a false positive.

正解:A

解説:
Risk Acceptance
A risk response that involves determining that a risk is within the organization's risk appetite and no countermeasures other than ongoing monitoring will be needed
* Mitigation
* Control
* Avoidance
* Changing plans
* Transference
* Insurance
* Acceptance
* Low risk


質問 # 193
Which of the following factors would determine the regulations placed on data under data sovereignty laws?

  • A. The type of data the company stores
  • B. The data laws of the country in which the company is located
  • C. The company's data security policy
  • D. What the company intends to do with the data it owns

正解:B

解説:
The data laws of the country in which the company is located would determine the regulations placed on data under data sovereignty laws. Data sovereignty laws are laws that govern how data is collected, stored, processed, and transferred within a country's jurisdiction. Data sovereignty laws can vary from country to country, depending on their legal system, political system, culture, and values. Data sovereignty laws can affect how companies handle their data, especially when they operate across borders or use cloud services. For example, some countries may have strict data protection or privacy laws that require companies to obtain consent from data subjects before collecting or processing their data. Some countries may also have data localization or data residency laws that require companies to store their data within the country's borders or limit cross-border data transfers.


質問 # 194
A technician receives a report that a user's workstation is experiencing no network connectivity.
The technician investigates and notices the patch cable running from the back of the user's VoIP phone is routed directly under the rolling chair and has been smashes flat over time.
Which of the following is the most likely cause of this issue?

  • A. Electromagnetic interference
  • B. Split pairs
  • C. Cross-talk
  • D. Excessive collisions

正解:D


質問 # 195
To prioritize the morning's work, an analyst is reviewing security alerts that have not yet been investigated. Which of the following assets should be investigated FIRST?

  • A. The laptop of the vice president that is on the corporate LAN
  • B. The workstation of a developer who is installing software on a web server
  • C. A new test web server that is in the process of initial installation
  • D. An accounting supervisor's laptop that is connected to the VPN

正解:A


質問 # 196
Which of the following would MOST likely be included in the incident response procedure after a security breach of customer PII?

  • A. Marketing
  • B. Human resources
  • C. Internal network operations center
  • D. Public relations

正解:D


質問 # 197
An organization's Chief Information Security Officer (CISO) has asked department leaders to coordinate on communication plans that can be enacted in response to different cybersecurity incident triggers Which of the following is a benefit of having these communication plans?

  • A. They can help to limit the spread of worms by coordinating with help desk personnel earlier in the recovery phase.
  • B. They can quickly inform the public relations team to begin coordinating with the media as soon as a breach is detected.
  • C. They can help to prevent the inadvertent release of damaging information outside the organization.
  • D. They can help to keep the organization's senior leadership informed about the status of patching during the recovery phase.

正解:D


質問 # 198
A software development company in the manufacturing sector has just completed the alpha version of its flagship application. The application has been under development for the past three years. The SOC has seen intrusion attempts made by indicators associated with a particular APT.
The company has a hot site location for COOP. Which of the following threats would most likely incur the BIGGEST economic impact for the company?

  • A. ICS destruction
  • B. IP theft
  • C. DDoS
  • D. IPS evasion

正解:C


質問 # 199
A web application has a newly discovered vulnerability in the authentication method used to validate known company users. The user ID of Admin with a password of "password" grants elevated access to the application over the Internet. Which of the following is the BEST method to discover the vulnerability before a production deployment?

  • A. Stress test the application
  • B. Input validation
  • C. Manual peer review
  • D. User acceptance testing

正解:B


質問 # 200
An analyst is searching a log for potential credit card leaks. The log stores all data encoded in hexadecimal. Which of the following commands will allow the security analyst to confirm the incident?

  • A. cat log | xxd -r -p egrep '(0-9) (16)'
  • B. cat log xxd -r -p | egrep ' [0-9] {16}
  • C. egrep '(3(0-9)) (16) ' log
  • D. egrep ' (0-9) (16) ' log | xxdc

正解:A


質問 # 201
A worm was detected on multiple PCs within the remote office. The security analyst recommended that the remote office be blocked from the corporate network during the incident response. Which of the following processes BEST describes this recommendation?

  • A. Segmentation of the network
  • B. Logical isolation of the remote office
  • C. Sanitization of the network environment
  • D. Secure disposal of affected systems

正解:B


質問 # 202
A security analyst is reviewing packet captures from a system that was compromised. The system was already isolated from the network, but it did have network access for a few hours after being compromised. When viewing the capture in a packet analyzer, the analyst sees the following:

Which of the following can the analyst conclude?

  • A. Malware is attempting to beacon to 128.50.100.3.
  • B. Data is being exfiltrated over DNS.
  • C. The system is running a DoS attack against ajgidwle.com.
  • D. The system is scanning ajgidwle.com for PII.

正解:B


質問 # 203
The Chief Executive Officer (CEO) instructed the new Chief Information Security Officer (CISO) to provide a list of enhancement to the company's cybersecurity operation. As a result, the CISO has identified the need to align security operations with industry best practices. Which of the following industry references is appropriate to accomplish this?

  • A. NIST
  • B. PCI
  • C. OWASP
  • D. OSSIM

正解:A

解説:
https://www.nist.gov/sites/default/files/documents/itl/Cybersecurity_Green- Paper_FinalVersion.pdf


質問 # 204
Which of the following command line utilities would an analyst use on an end-user PC to determine the ports it is listening on?

  • A. netstat
  • B. nslookup
  • C. tracert
  • D. ping

正解:A


質問 # 205
While analyzing logs from a WAF, a cybersecurity analyst finds the following:
"GET /form.php?id=463225%2b%2575%256e%2569%256f%256e%2b%2573%2574%
2box3133333731,1223,1224&name=&state=IL"
Which of the following BEST describes what the analyst has found?

  • A. A packet is being used to bypass the WAF
  • B. This is an encrypted packet
  • C. This is an encrypted GET HTTP request
  • D. This is an encoded WAF bypass

正解:D


質問 # 206
An administrator has been investigating the way in which an actor had been exfiltrating confidential data from a web server to a foreign host.
After a thorough forensic review, the administrator determined the server's BIOS had been modified by rootkit installation.
After removing the rootkit and flashing the BIOS to a known good state, which of the following would BEST protect against future adversary access to the BIOS, in case another rootkit is installed?

  • A. Anti-malware application
  • B. TPM data sealing
  • C. File integrity monitoring
  • D. Host-based IDS

正解:B


質問 # 207
During a review of vulnerability scan results an analyst determines the results may be flawed because a control-baseline system which is used to evaluate a scanning tools effectiveness was reported as not vulnerable Consequently, the analyst verifies the scope of the scan included the control-baseline host which was available on the network during the scan. The use of a control-baseline endpoint in this scenario assists the analyst in confirming.

  • A. false negatives
  • B. the criticality index
  • C. verification of mitigation
  • D. false positives
  • E. hardening validation.

正解:D


質問 # 208
......

最新のCS0-002問題集試験問題を取得:https://drive.google.com/open?id=1APtVPIhBYhMLmPRfun4PFdlLyG5974J3

完全版CS0-002練習テスト371別格な問題と解釈が待ってます。:https://jp.fast2test.com/CS0-002-premium-file.html


弊社を連絡する

我々は12時間以内ですべてのお問い合わせを答えます。

我々の働いている時間: ( GMT 0:00-15:00 )
月曜日から土曜日まで

サポート: 現在連絡 

English Deutsch 繁体中文 한국어