Free CS0-002 Exam Braindumps

Pass your CompTIA Cybersecurity Analyst (CySA+) Certification Exam with these free Questions and Answers

Page 10 of 75
QUESTION 41

- (Exam Topic 3)
A financial institution's business unit plans to deploy a new technology in a manner that violates existing information security standards. Which of the following actions should the Chief Information Security Officer (CISO) take to manage any type of violation?

  1. A. Enforce the existing security standards and controls.
  2. B. Perform a risk analysis and qualify the risk with legal.
  3. C. Perform research and propose a better technology.
  4. D. Enforce the standard permits.

Correct Answer: B
The International Standards Organization, or ISO, develops standards for businesses around the world so that they may operate using a uniform set of best practices. These standards are set as guidance for best practices and are not enforceable laws, but companies that choose to follow them stand to gain international credibility from their compliance.

QUESTION 42

- (Exam Topic 1)
A security analyst receives an alert that highly sensitive information has left the company's network. Upon investigation, the analyst discovers an outside IP range has had connections from three servers more than 100 times in the past month. The affected servers are virtual machines. Which of the following is the BEST course of action?

  1. A. Shut down the servers as soon as possible, move them to a clean environment, restart, run a vulnerability scanner to find weaknesses, determine the root cause, remediate, and report.
  2. B. Report the data exfiltration to management, take the affected servers offline, conduct an antivirus scan, remediate all threats found, and return the servers to service.
  3. C. Disconnect the affected servers from the network, use the virtual machine console to access the systems, determine which information has left the network, find the security weakness, and remediate.
  4. D. Determine if any other servers have been affected, snapshot any servers found, determine the vector that was used to allow the data exfiltration, fix any vulnerabilities, remediate, and report.

Correct Answer: A

QUESTION 43

- (Exam Topic 2)
A security analyst is researching an incident and uncovers several details that may link to other incidents. The security analyst wants to determine if other incidents are related to the current incident. Which of the following threat research methodologies would be MOST appropriate for the analyst to use?

  1. A. Reputation data
  2. B. CVSS score
  3. C. Risk assessment
  4. D. Behavioral analysis

Correct Answer: D

QUESTION 44

- (Exam Topic 3)
Which of the following is a reason to use a risk-based cybersecurity framework?

  1. A. A risk-based approach always requires quantifying each cyber risk faced by an organization
  2. B. A risk-based approach better allocates an organization's resources against cyberthreats and vulnerabilities
  3. C. A risk-based approach is driven by regulatory compliance and is required for most organizations
  4. D. A risk-based approach prioritizes vulnerability remediation by threat hunting and other qualitative-based processes

Correct Answer: B

QUESTION 45

- (Exam Topic 1)
A security analyst is investigating a compromised Linux server. The analyst issues the ps command and receives the following output.
[Exhibit: ps command output, not reproduced on this page]
Which of the following commands should the administrator run NEXT to further analyze the compromised system?

  1. A. strace /proc/1301
  2. B. rpm -V openssh-server
  3. C. /bin/ls -l /proc/1301/exe
  4. D. kill -9 1301

Correct Answer: A
