Free CS0-002 Exam Braindumps

Pass your CompTIA Cybersecurity Analyst (CySA+) Certification Exam with these free Questions and Answers

Page 6 of 75
QUESTION 21

- (Exam Topic 2)
A security analyst has discovered malware is spreading across multiple critical systems and is originating from a single workstation, which belongs to a member of the cyber-infrastructure team who has legitimate administrator credentials. An analysis of the traffic indicates the workstation swept the network looking for vulnerable hosts to infect. Which of the following would have worked BEST to prevent the spread of this infection?

  1. A. Vulnerability scans of the network and proper patching.
  2. B. A properly configured and updated EDR solution.
  3. C. A honeypot used to catalog the anomalous behavior and update the IPS.
  4. D. Logical network segmentation and the use of jump boxes

Correct Answer: D

QUESTION 22

- (Exam Topic 2)
Which of the following data security controls would work BEST to prevent real PII from being used in an organization's test cloud environment?

  1. A. Digital rights management
  2. B. Encryption
  3. C. Access control
  4. D. Data loss prevention
  5. E. Data masking

Correct Answer: E
Data masking is a way to create a fake but realistic version of your organizational data. The goal is to protect sensitive data while providing a functional alternative when real data is not needed, for example in user training, sales demos, or software testing.

QUESTION 23

- (Exam Topic 3)
After a remote command execution incident occurred on a web server, a security analyst found the following piece of code in an XML file:
[Exhibit image]
Which of the following is the BEST solution to mitigate this type of attack?

  1. A. Implement a better level of user input filters and content sanitization.
  2. B. Properly configure XML handlers so they do not process sent parameters coming from user inputs.
  3. C. Use parameterized queries to prevent user inputs from being processed by the server.
  4. D. Escape user inputs using character encoding conjoined with whitelisting.

Correct Answer: B

QUESTION 24

- (Exam Topic 1)
The inability to do remote updates of certificates, keys, software, and firmware is a security issue commonly associated with:

  1. A. web servers on private networks
  2. B. HVAC control systems
  3. C. smartphones
  4. D. firewalls and UTM devices

Correct Answer: B

QUESTION 25

- (Exam Topic 3)
To validate local system-hardening requirements, which of the following types of vulnerability scans would work BEST to verify the scanned device meets security policies?

  1. A. SCAP
  2. B. SAST
  3. C. DAST
  4. D. DACS

Correct Answer: A
