Category Archives: comptia cybersecurity analyst (cysa+) pdf

[2021 Update] Free online testing of the latest CompTIA CS0-002 exam exercise questions


Best way to pass the CompTIA CS0-002 exam: Need the latest CompTIA CS0-002 exam exercise questions! The complete CompTIA CS0-002 exam dumps help you easily pass the exam! (CS0-002 VCE and CS0-002 PDF)

[Latest CompTIA CySA+ CS0-002 dumps pdf] CompTIA CS0-002 pdf free download

Free Share CompTIA CS0-002 exercise questions from Pass4itsure CompTIA CySA+ CS0-002 dumps


Latest CompTIA CySA+ CS0-002 exam exercise questions 1-13 online

A development team uses open-source software and follows an Agile methodology with two-week sprints. Last month,
the security team filed a bug for an insecure version of a common library. The DevOps team updated the library on the
server, and then the security team rescanned the server to verify it was no longer vulnerable. This month, the security
team found the same vulnerability on the server.
Which of the following should be done to correct the cause of the vulnerability?
A. Deploy a WAF in front of the application.
B. Implement a software repository management tool.
C. Install a HIPS on the server.
D. Instruct the developers to use input validation in the code.
Correct Answer: B

An employee in the billing department accidentally sent a spreadsheet containing payment card data to a recipient
outside the organization. The employee intended to send the spreadsheet to an internal staff member with a similar
name and was unaware of the mistake until the recipient replied to the message. In addition to retraining the employee,
which of the following would prevent this from happening in the future?
A. Implement outgoing filter rules to quarantine messages that contain card data.
B. Configure the outgoing mail filter to allow attachments only to addresses on the whitelist.
C. Remove all external recipients from the employee’s address book.
D. Set the outgoing mail filter to strip spreadsheet attachments from all messages.
Correct Answer: B

During routine monitoring, a security analyst discovers several suspicious websites that are communicating with a local
host. The analyst queries for IP for a 24-hour period:

cs0-002 exam questions-q3

To further investigate, the analyst should request PCAP for SRC and __________.
Correct Answer: C

Which of the following technologies can be used to house the entropy keys for disk encryption on desktops and
A. Self-encrypting drive
B. Bus encryption
Correct Answer: A

A web developer wants to create a new web part within the company website that aggregates sales from individual team
sites. A cybersecurity analyst wants to ensure security measurements are implemented during this process. Which of
the following remediation actions should the analyst take to implement a vulnerability management process?
A. Personnel training
B. Vulnerability scan
C. Change management
D. Sandboxing
Correct Answer: C

Which of the following is the use of tools to simulate the ability for an attacker to gain access to a specified network?
A. Reverse engineering
B. Fuzzing
C. Penetration testing
D. Network mapping
Correct Answer: C

A Chief Information Security Officer (CISO) is concerned the development team, which consists of contractors, has too
much access to customer data. Developers use personal workstations, giving the company little to no visibility into the
development activities.
Which of the following would be BEST to implement to alleviate the CISO’s concern?
B. Encryption
C. Test data
Correct Answer: A

A security analyst conducted a risk assessment on an organization’s wireless network and identified a high-risk
element in the implementation of data confidentiality protection. Which of the following is the BEST technical security
control to mitigate this risk?
A. Switch to RADIUS technology.
B. Switch to TACACS+ technology.
C. Switch to 802.1X technology.
D. Switch to the WPA2 protocol.
Correct Answer: B

Which of the following should be found within an organization’s acceptable use policy?
A. Passwords must be eight characters in length and contain at least one special character.
B. Customer data must be handled properly, stored on company servers, and encrypted when possible.
C. Administrator accounts must be audited monthly, and inactive accounts should be removed.
D. Consequences of violating the policy could include discipline up to and including termination.
Correct Answer: D

Bootloader malware was recently discovered on several company workstations. All the workstations run Windows and
are current models with UEFI capability. Which of the following UEFI settings is the MOST likely cause of the
A. Compatibility mode
B. Secure boot mode
C. Native mode
D. Fast boot mode
Correct Answer: A

A security analyst is responding to an incident on a web server on the company network that is making a large number
of outbound requests over DNS. Which of the following is the FIRST step the analyst should take to evaluate this
potential indicator of compromise?
A. Run an anti-malware scan on the system to detect and eradicate the current threat.
B. Start a network capture on the system to look into the DNS requests to validate command and control traffic.
C. Shut down the system to prevent further degradation of the company network.
D. Reimage the machine to remove the threat completely and get back to a normal running state.
E. Isolate the system on the network to ensure it cannot access other systems while evaluation is underway.
Correct Answer: A

A security analyst is reviewing the logs from an internal chat server. The chat.log file is too large to review manually, so
the analyst wants to create a shorter log file that only includes lines associated with a user demonstrating anomalous
activity. Below is a snippet of the log:

cs0-002 exam questions-q12

Which of the following commands would work BEST to achieve the desired result?
A. grep -v chatter14 chat.log
B. grep -i pythonfun chat.log
C. grep -i javashark chat.log
D. grep -v javashark chat.log
E. grep -v pythonfun chat.log
F. grep -i chatter14 chat.log
Correct Answer: D

During an investigation, a security analyst identified machines that are infected with malware the antivirus was unable to
detect. Which of the following is the BEST place to acquire evidence to perform data carving?
A. The system memory
B. The hard drive
C. Network packets
D. The Windows Registry
Correct Answer: A


Free CompTIA CS0-002 online practice tests to help test your true strength! CompTIA CS0-002 dumps pdf download online! Please click on the full CompTIA CS0-002 exam dumps.
