Free CS0-002 Exam Braindumps

Pass your CompTIA Cybersecurity Analyst (CySA+) Certification Exam with these free Questions and Answers

Page 27 of 75
QUESTION 126

- (Exam Topic 2)
A security team identified some specific known tactics and techniques to help mitigate repeated credential access threats, such as account manipulation and brute forcing. Which of the following frameworks or models did the security team MOST likely use to identify the tactics and techniques?

  1. A. Kill chain
  2. B. Diamond Model of Intrusion Analysis
  3. C. MITRE ATT&CK
  4. D. ITIL

Correct Answer: C

QUESTION 127

- (Exam Topic 2)
An organisation is assessing risks so it can prioritize its mitigation actions. Following are the risks and their probability and impact:
[Exhibit: CS0-002 dumps exhibit]
Which of the following is the order of priority for risk mitigation from highest to lowest?

  1. A. A, B, C, D
  2. B. A, D, B, C
  3. C. B, C, A, D
  4. D. C, B, D, A
  5. E. D, A, C, B

Correct Answer: A

QUESTION 128

- (Exam Topic 1)
An analyst is investigating an anomalous event reported by the SOC. After reviewing the system logs, the analyst identifies an unexpected addition of a user with root-level privileges on the endpoint. Which of the following data sources will BEST help the analyst to determine whether this event constitutes an incident?

  1. A. Patching logs
  2. B. Threat feed
  3. C. Backup logs
  4. D. Change requests
  5. E. Data classification matrix

Correct Answer: D

QUESTION 129

- (Exam Topic 2)
Which of the following assessment methods should be used to analyze how specialized software performs during heavy loads?

  1. A. Stress test
  2. B. API compatibility test
  3. C. Code review
  4. D. User acceptance test
  5. E. Input validation

Correct Answer: A

QUESTION 130

- (Exam Topic 1)
A company was recently awarded several large government contracts and wants to determine its current risk from one specific APT.
Which of the following threat modeling methodologies would be the MOST appropriate to use during this analysis?

  1. A. Attack vectors
  2. B. Adversary capability
  3. C. Diamond Model of Intrusion Analysis
  4. D. Kill chain
  5. E. Total attack surface

Correct Answer: B
Reference: https://www.secureworks.com/blog/advanced-persistent-threats-apt-b
