Free CS0-002 Exam Braindumps

- (Exam Topic 2)
Which of the following should a database administrator implement to BEST protect data from an untrusted server administrator?

1. A. Data encryption
2. B. Data deidentification
3. C. Data masking
4. D. Data minimization

Correct Answer: A

- (Exam Topic 1)
A security analyst needs to reduce the overall attack surface.
Which of the following infrastructure changes should the analyst recommend?

1. A. Implement a honeypot.
2. B. Air gap sensitive systems.
3. C. Increase the network segmentation.
4. D. Implement a cloud-based architecture.

Correct Answer: B
Reference: https://www.securitymagazine.com/articles/89283-ways-to-reduce-your-attack-surface

- (Exam Topic 2)
A user reports a malware alert to the help desk A technician verifies the alert, determines the workstation is classified as a low-severity device, and uses network controls to block access The technician then assigns the ticket to a security analyst who will complete the eradication and recovery processes. Which of the following should the security analyst do NEXT?

1. A. Document the procedures and walk through the incident training guide.
2. B. Sanitize the workstation and verify countermeasures are restored
3. C. Reverse engineer the malware to determine its purpose and risk to the organization.
4. D. Isolate the workstation and issue a new computer to the user.

Correct Answer: B

- (Exam Topic 2)
Clients are unable to access a company’s API to obtain pricing data. An analyst discovers sources other than clients are scraping the API for data, which is causing the servers to exceed available resources. Which of the following would be BEST to protect the availability of the APIs?

1. A. IP whitelisting
2. B. Certificate-based authentication
3. C. Virtual private network
4. D. Web application firewall

Correct Answer: A

- (Exam Topic 3)
A company stores all of its data in the cloud. All company-owned laptops are currently unmanaged, and all users have administrative rights. The security team is having difficulty identifying a way to secure the environment. Which of the following would be the BEST method to protect the company's data?

1. A. Implement UEM on an systems and deploy security software.
2. B. Implement DLP on all workstations and block company data from being sent outside the company
3. C. Implement a CASB and prevent certain types of data from being downloaded to a workstation
4. D. Implement centralized monitoring and logging for an company systems.

Correct Answer: C
Cloud Access Security Broker (CASB): An enterprise management software designed to mediate access to cloud services by users across all types of devices