Free CS0-002 Exam Braindumps

Pass your CompTIA Cybersecurity Analyst (CySA+) Certification Exam with these free Questions and Answers

Page 23 of 75
QUESTION 106

- (Exam Topic 3)
A Chief Executive Officer (CEO) is concerned about the company’s intellectual property being leaked to competitors. The security team performed an extensive review but did not find any indication of an outside breach. The data sets are currently encrypted using the Triple Data Encryption Algorithm. Which of the following courses of action is appropriate?

  1. A. Limit all access to the sensitive data based on geographic access requirements with strict role-based access controls.
  2. B. Enable data masking and reencrypt the data sets using AES-256.
  3. C. Ensure the data is correctly classified and labeled, and that DLP rules are appropriate to prevent disclosure.
  4. D. Use data tokenization on sensitive fields, reencrypt the data sets using AES-256, and then create an MD5 hash.

Correct Answer: C

QUESTION 107

- (Exam Topic 1)
A team of security analysts has been alerted to potential malware activity. The initial examination indicates one of the affected workstations is beaconing on TCP port 80 to five IP addresses and attempting to spread across the network over port 445. Which of the following should be the team's NEXT step during the detection phase of this response process?

  1. A. Escalate the incident to management, who will then engage the network infrastructure team to keep them informed.
  2. B. Depending on system criticality, remove each affected device from the network by disabling wired and wireless connections.
  3. C. Engage the engineering team to block SMB traffic internally and outbound HTTP traffic to the five IP addresses.
  4. D. Identify potentially affected systems by creating a correlation search in the SIEM based on the network traffic.

Correct Answer: D

QUESTION 108

- (Exam Topic 2)
An organization is upgrading its network and all of its workstations. The project will occur in phases, with infrastructure upgrades each month and workstation installs every other week. The schedule should accommodate the enterprise-wide changes, while minimizing the impact to the network. Which of the following schedules BEST addresses these requirements?

  1. A. Monthly topology scans, biweekly host discovery scans, weekly vulnerability scans
  2. B. Monthly vulnerability scans, biweekly topology scans, daily host discovery scans
  3. C. Monthly host discovery scans, biweekly vulnerability scans, monthly topology scans
  4. D. Monthly topology scans, biweekly host discovery scans, monthly vulnerability scans

Correct Answer: D

QUESTION 109

- (Exam Topic 3)
Due to continued support of legacy applications, an organization's enterprise password complexity rules are inadequate for its required security posture. Which of the following is the BEST compensating control to help reduce authentication compromises?

  1. A. Smart cards
  2. B. Multifactor authentication
  3. C. Biometrics
  4. D. Increased password-rotation frequency

Correct Answer: D

QUESTION 110

- (Exam Topic 1)
Which of the following will allow different cloud instances to share various types of data with a minimal amount of complexity?

  1. A. Reverse engineering
  2. B. Application log collectors
  3. C. Workflow orchestration
  4. D. API integration
  5. E. Scripting

Correct Answer: D
