Free CS0-002 Exam Braindumps

- (Exam Topic 2)
A user reports the system is behaving oddly following the installation of an approved third-party software application. The application executable was sourced from an internal repository Which of the following will
ensure the application is valid?

1. A. Ask the user to refresh the existing definition file for the antivirus software
2. B. Perform a malware scan on the file in the internal repository
3. C. Hash the application's installation file and compare it to the hash provided by the vendor
4. D. Remove the user's system from the network to avoid collateral contamination

Correct Answer: C

- (Exam Topic 2)
A security analyst reviews the latest reports from the company's vulnerability scanner and discovers the following:

Which of the following changes should the analyst recommend FIRST?

1. A. Configuring SSL ciphers to use different encryption blocks
2. B. Programming changes to encode output
3. C. Updating the 'mod_status' module
4. D. Disabling HTTP connection debugging commands

Correct Answer: C

- (Exam Topic 3)
During routine monitoring a security analyst identified the following enterpnse network traffic: Packet capture output:

Which of the following BEST describes what the security analyst observed?

1. A. 66.187.224.210 set up a DNS hijack with 192.168.12.21.
2. B. 192.168.12.21 made a TCP connection to 66 187 224 210
3. C. 192.168.12.21 made a TCP connection to 209 132 177 50
4. D. 209.132.177.50 set up a TCP reset attack to 192 168 12 21

Correct Answer: C

- (Exam Topic 2)
A cybersecurity analyst is investigating a potential incident affecting multiple systems on a company's internal network. Although there is a negligible impact to performance, the following symptom present on each of the affected systems:
• Existence of a new and unexpected svchost exe process
• Persistent, outbound TCP/IP connections to an unknown external host with routine keep-alives transferred
• DNS query logs showing successful name resolution for an Internet-resident dynamic DNS domain If this situation remains unresolved, which of the following will MOST likely occur?

1. A. The affected hosts may participate in a coordinated DDoS attack upon command
2. B. An adversary may leverage the affected hosts to reconfigure the company's router ACLs.
3. C. Key files on the affected hosts may become encrypted and require ransom payment for unlock.
4. D. The adversary may attempt to perform a man-in-the-middle attack.

Correct Answer: C

- (Exam Topic 2)
The management team assigned the following values to an inadvertent breach of privacy regulations during the original risk assessment:
Probability = 25%
Magnitude = $1,015 per record Total records = 10,000
Two breaches occurred during the fiscal year. The first compromised 35 records, and the second compromised 65 records. Which of the following is the value of the records that were compromised?

1. A. $10,150
2. B. $25,375
3. C. $101,500
4. D. $2,537,500

Correct Answer: A