[Free] 2019(Oct) EnsurePass CompTIA CS0-001 Dumps with VCE and PDF 61-70

Get Full Version of the Exam
http://www.EnsurePass.com/CS0-001.html

Question No.61

A cybersecurity analyst is retained by a firm for an open investigation. Upon arrival, the cybersecurity analyst reviews several security logs.

Given the following snippet of code:

image

Which of the following combinations BEST describes the situation and recommendations to be made for this situation?

  1. The cybersecurity analyst has discovered host 192.168.0.101 using Windows Task Scheduler at 13:30 to runnc.exe; recommend proceeding with the next step of removing the host from the network.

  2. The cybersecurity analyst has discovered host 192.168.0.101 to be running thenc.exe file at 13:30 using the auto cron job remotely, there are no recommendations since this is not a threat currently.

  3. The cybersecurity analyst has discovered host 192.168.0.101 is beaconing every day at 13:30 using thenc.exe file; recommend proceeding with the next step of removing the host from the network.

  4. The security analyst has discovered host 192.168.0.101 is a rogue device on the network, recommend proceeding with the next step of removing the host from the network.

Correct Answer: A

Question No.62

A company wants to update its acceptable use policy (AUP) to ensure it relates to the newly implemented password standard, which requires sponsored authentication of guest wireless devices. Which of the following is MOST likely to be incorporated in the AUP?

  1. Sponsored guest passwords must be at least ten characters in length and contain a symbol.

  2. The corporate network should have a wireless infrastructure that uses open authentication standards.

  3. Guests using the wireless network should provide valid identification when registering their wireless devices.

  4. The network should authenticate all guest users using 802.1x backed by a RADIUS or LDAP server.

Correct Answer: C

Question No.63

An ATM in a building lobby has been compromised. A security technician has been advised that the ATM must be forensically analyzed by multiple technicians. Which of the following items in a forensic tool kit would likely be used FIRST? (Select TWO).

  1. Drive adapters

  2. Chain of custody form

  3. Write blockers

  4. Crime tape

  5. Hashing utilities

  6. Drive imager

Correct Answer: BC

Question No.64

An incident response report indicates a virus was introduced through a remote host that was connected to corporate resources. A cybersecurity analyst has been asked for a recommendation to solve this issue. Which of the following should be applied?

  1. MAC

  2. TAP

  3. NAC

  4. ACL

Correct Answer: C

Question No.65

Due to new regulations, a company has decided to institute an organizational vulnerability management program and assign the function to the security team. Which of the following frameworks would BEST support the program? (Select two.)

  1. COBIT

  2. NIST

  3. ISO 27000 series

  4. ITIL

  5. OWASP

Correct Answer: BD

Question No.66

Considering confidentiality and integrity, which of the following make servers more secure than desktops? (Select THREE).

  1. VLANs

  2. OS

  3. Trained operators

  4. Physical access restriction

  5. Processing power

  6. Hard drive capacity

Correct Answer: BCD

Question No.67

Review the following results:

image

Which of the following has occurred?

  1. This is normal network traffic.

  2. 123.120.110.212 is infected with a Trojan.

  3. 172.29.0.109 is infected with a worm.

  4. 172.29.0.109 is infected with a Trojan.

Correct Answer: A

Question No.68

When reviewing network traffic, a security analyst detects suspicious activity:

image

Based on the log above, which of the following vulnerability attacks is occurring?

  1. ShellShock

  2. DROWN

  3. Zeus

  4. Heartbleed

  5. POODLE

Correct Answer: E

Question No.69

Which of the following best practices is used to identify areas in the network that may be vulnerable to penetration testing from known external sources?

  1. Blue team training exercises

  2. Technical control reviews

  3. White team training exercises

  4. Operational control reviews

Correct Answer: A

Question No.70

An organization wants to harden its web servers. As part of this goal, leadership has directed that vulnerability scans be performed, and the security team should remediate the servers according to industry best practices. The team has already chosen a vulnerability scanner and performed the necessary scans, and now the team needs to prioritize the fixes. Which of the following would help to prioritize the vulnerabilities for remediation in accordance with industry best practices?

  1. CVSS

  2. SLA

  3. ITIL

  4. OpenVAS

  5. Qualys

Correct Answer: A

Get Full Version of the Exam
CS0-001 Dumps
CS0-001 VCE and PDF

Tagged , , , , , ,

Leave a Reply

Your email address will not be published. Required fields are marked *