This page was exported from All The Latest MCTS Exam Questions And Answers For Free Share
[
https://www.mctsdump.com
]
Export date: Fri Mar 29 11:19:23 2024 / +0000 GMT
New Updated CS0-001 Exam Questions from PassLeader CS0-001 PDF dumps! Welcome to download the newest PassLeader CS0-001 VCE dumps: https://www.passleader.com/cs0-001.html (321 Q&As) Keywords: CS0-001 exam dumps, CS0-001 exam questions, CS0-001 VCE dumps, CS0-001 PDF dumps, CS0-001 practice tests, CS0-001 study guide, CS0-001 braindumps, CompTIA Cybersecurity Analyst (CSA+) Exam P.S. New CS0-001 dumps PDF: https://drive.google.com/open?id=0B-ob6L_QjGLpaXd6TXJ4T3ItSDQ NEW QUESTION 300 A. Phishing Answer: D NEW QUESTION 301 A. Place the malware on an isolated virtual server disconnected from the network. Answer: A NEW QUESTION 302 A. Increase scan frequency. Answer: B NEW QUESTION 303 A. Logic bomb Answer: D NEW QUESTION 304 A. To create a chain of evidence to demonstrate when the servers were patched. Answer: B NEW QUESTION 305 A. Develop a request for proposal. Answer: C NEW QUESTION 306 A. Allow incoming IPSec traffic into the vendor's IP address. Answer: B NEW QUESTION 307 A. Configure a VPN concentrator to terminate in the DMZ to allow help desk personnel access to resources. Answer: A NEW QUESTION 308 A. Data ownership policy Answer: BF NEW QUESTION 309 A. Newly discovered PII on a server. Answer: B NEW QUESTION 310 A. Banner grab Answer: D NEW QUESTION 311 A. Access control list network segmentation that prevents access to the SCADA devices inside the network. Answer: B NEW QUESTION 312 A. Microsoft Office Remote Code Execution Answer: A NEW QUESTION 313 A. Personnel training Answer: D NEW QUESTION 314 A. Implement a group policy on company systems to block access to SCADA networks. Answer: A NEW QUESTION 315 A. CIS benchmark Answer: A NEW QUESTION 316 A. The access point is blocking access by MAC address. Disable MAC address filtering. Answer: D NEW QUESTION 317 Download the newest PassLeader CS0-001 dumps from passleader.com now! 100% Pass Guarantee! CS0-001 PDF dumps & CS0-001 VCE dumps: https://www.passleader.com/cs0-001.html (321 Q&As) (New Questions Are 100% Available and Wrong Answers Have Been Corrected! Free VCE simulator!) P.S. New CS0-001 dumps PDF: https://drive.google.com/open?id=0B-ob6L_QjGLpaXd6TXJ4T3ItSDQ
A security operations team was alerted to abnormal DNS activity coming from a user's machine. The team performed a forensic investigation and discovered a host had been compromised. Malicious code was using DNS as a tunnel to extract data from the client machine, which had been leaked and transferred to an unsecure public Internet site. Which of the following BEST describes the attack?
B. Pharming
C. Cache poisoning
D. Data exfiltration
Which of the following is the MOST secure method to perform dynamic analysis of malware that can sense when it is in a virtual environment?
B. Place the malware in a virtual server that is running Windows and is connected to the network.
C. Place the malware on a virtual server connected to a VLAN.
D. Place the malware on a virtual server running SIFT and begin analysis.
A company has established an ongoing vulnerability management program and procured the latest technology to support it. However, the program is failing because several vulnerabilities have not been detected. Which of the following will reduce the number of false negatives?
B. Perform credentialed scans.
C. Update the security incident response plan.
D. Reconfigure scanner to brute force mechanisms.
A cyber incident response team finds a vulnerability on a company website that allowed an attacker to inject malicious code into its web application. There have been numerous unsuspecting users visiting the infected page, and the malicious code executed on the victim's browser has led to stolen cookies, hijacked sessions, malware execution, and bypassed access control. Which of the following exploits is the attacker conducting on the company's website?
B. Rootkit
C. Privilege escalation
D. Cross-site scripting
After implementing and running an automated patching tool, a security administrator ran a vulnerability scan that reported no missing patches found. Which of the following BEST describes why this tool was used?
B. To harden the servers against new attacks.
C. To provide validation that the remediation was active.
D. To generate log data for unreleased patches.
The board of directors made the decision to adopt a cloud-first strategy. The current security infrastructure was designed for on-premise implementation. A critical application that is subject to the Federal Information Security Management Act (FISMA) of 2002 compliance has been identified as a candidate for a hybrid cloud deployment model. Which of the following should be conducted FIRST?
B. Perform a risk assessment.
C. Review current security controls.
D. Review the SLA for FISMA compliance.
Joe, an analyst, has received notice that a vendor who is coming in for a presentation will require access to a server outside the network. Currently, users are only able to access remote sites through a VPN connection. Which of the following should Joe use to BEST accommodate the vendor?
B. Set up a VPN account for the vendor, allowing access to the remote site.
C. Turn off the firewall while the vendor is in the office, allowing access to the remote site.
D. Write a firewall rule to allow the vendor to have access to the remote site.
A company allows employees to work remotely. The security administration is configuring services that will allow remote help desk personnel to work secure outside the company's headquarters. Which of the following presents the BEST solution to meet this goal?
B. Open port 3389 on the firewall to the server to allow users to connect remotely.
C. Set up a jump box for all help desk personnel to remotely access system resources.
D. Use the company's existing web server for remote access and configure over port 8080.
After an internal audit, it was determined that administrative logins need to use multifactor authentication or a 15-character key with complexity enabled. Which of the following policies should be updates to reflect this change? (Choose two.)
B. Password policy
C. Data classification policy
D. Data retention policy
E. Acceptable use policy
F. Account management policy
Management wants to scan servers for vulnerabilities on a periodic basis. Management has decided that the scan frequency should be determined only by vendor patch schedules and the organization's application deployment schedule. Which of the following would force the organization to conduct an out-of- cycle vulnerability scan?
B. A vendor releases a critical patch update.
C. A critical bug fix in the organization's application.
D. False positives identified in production.
A security administrator recently deployed a virtual honeynet. The honeynet is not protected by the company's firewall, while all production networks are protected by a stateful firewall. Which of the following would BEST allow an external penetration tester to determine which one is the honeynet's network?
B. Packet analyzer
C. Fuzzer
D. TCP ACK scan
A security analyst is conducting a vulnerability assessment of older SCADA devices on the corporate network. Which of the following compensating controls is likely to prevent the scans from providing value?
B. Detailed and tested firewall rules that effectively prevent outside access of the SCADA devices.
C. Implementation of a VLAN that allows all devices on the network to see all SCADA devices on the network.
D. SCADA systems configured with `SCADA SUPPORT'=ENABLE.
A logistics company's vulnerability scan identifies the following vulnerabilities on Internet-facing devices in the DMZ:
- SQL injection on an infrequently used web server that provides files to vendors
- SSL/TLS not used for a website that contains promotional information
The scan also shows the following vulnerabilities on internal resources:
- Microsoft Office Remote Code Execution on test server for a human resources system
- TLS downgrade vulnerability on a server in a development network
In order of risk, which of the following should be patched FIRST?
B. SQL injection
C. SSL/TLS not used
D. TLS downgrade
A cybersecurity analyst is reviewing Apache logs on a web server and finds that some logs are missing. The analyst has identified that the systems administrator accidentally deleted some log files. Which of the following actions or rules should be implemented to prevent this incident from reoccurring?
B. Separation of duties
C. Mandatory vacation
D. Backup server
While reviewing three months of logs, a security analyst notices probes from random company laptops going to SCADA equipment at the company's manufacturing location. Some of the probes are getting responses from the equipment even though firewall rules are in place, which should block this type of unauthorized activity. Which of the following should the analyst recommend to keep this activity from originating from company laptops?
B. Require connections to the SCADA network to go through a forwarding proxy.
C. Update the firewall rules to block SCADA network access from those laptop IP addresses.
D. Install security software and a host-based firewall on the SCADA equipment.
An analyst is preparing for a technical security compliance check on all Apache servers. Which of the following will be the BEST to use?
B. Nagios
C. OWASP
D. Untidy
E. Cain & Abel
A company provides wireless connectivity to the internal network from all physical locations for company-owned devices. Users were able to connect the day before, but now all users have reported that when they connect to an access point in the conference room, they cannot access company resources. Which of the following BEST describes the cause of the problem?
B. The network is not available. Escalate the issue to network support.
C. Expired DNS entries on users' devices. Request the affected users perform a DNS flush.
D. The access point is a rogue device. Follow incident response procedures.
......
Post date: 2019-02-19 06:38:20
Post date GMT: 2019-02-19 06:38:20
Post modified date: 2019-02-19 06:38:20
Post modified date GMT: 2019-02-19 06:38:20
Powered by [ Universal Post Manager ] plugin. MS Word saving format developed by gVectors Team www.gVectors.com