Free CS0-002 Exam Braindumps

Pass your CompTIA Cybersecurity Analyst (CySA+) Certification Exam with these free Questions and Answers

Page 26 of 75
QUESTION 121

- (Exam Topic 1)
Which of the following sets of attributes BEST illustrates the characteristics of an insider threat from a security perspective?

  1. A. Unauthorized, unintentional, benign
  2. B. Unauthorized, intentional, malicious
  3. C. Authorized, intentional, malicious
  4. D. Authorized, unintentional, benign

Correct Answer: C
Reference: https://www.sciencedirect.com/topics/computer-science/insider-attack

QUESTION 122

- (Exam Topic 1)
An analyst identifies multiple instances of node-to-node communication between several endpoints within the 10.200.2.0/24 network and a user machine at the IP address 10.200.2.5. This user machine at the IP address 10.200.2.5 is also identified as initiating outbound communication during atypical business hours with several IP addresses that have recently appeared on threat feeds.
Which of the following can be inferred from this activity?

  1. A. 10.200.2.0/24 is infected with ransomware.
  2. B. 10.200.2.0/24 is not routable address space.
  3. C. 10.200.2.5 is a rogue endpoint.
  4. D. 10.200.2.5 is exfiltrating data.

Correct Answer: D

QUESTION 123

- (Exam Topic 3)
As part of the senior leadership team's ongoing risk management activities, the Chief Information Security Officer has tasked a security analyst with coordinating the right training and testing methodology to respond to new business initiatives or significant changes to existing ones. The management team wants to examine a new business process that would use existing infrastructure to process and store sensitive data. Which of the following would be appropriate for the security analyst to coordinate?

  1. A. A black-box penetration testing engagement
  2. B. A tabletop exercise
  3. C. Threat modeling
  4. D. A business impact analysis

Correct Answer: D

QUESTION 124

- (Exam Topic 1)
While planning segmentation for an ICS environment, a security engineer determines IT resources will need access to devices within the ICS environment without compromising security.
To provide the MOST secure access model in this scenario, the jumpbox should be:

  1. A. placed in an isolated network segment, authenticated on the IT side, and forwarded into the ICS network.
  2. B. placed on the ICS network with a static firewall rule that allows IT network resources to authenticate.
  3. C. bridged between the IT and operational technology networks to allow authenticated access.
  4. D. placed on the IT side of the network, authenticated, and tunneled into the ICS environment.

Correct Answer: A

QUESTION 125

- (Exam Topic 2)
Portions of a legacy application are being refactored to discontinue the use of dynamic SQL. Which of the following would be BEST to implement in the legacy application?

  1. A. Multifactor authentication
  2. B. Web-application firewall
  3. C. SQL injection
  4. D. Parameterized queries
  5. E. Input validation

Correct Answer: A
