Exam Dumps
Every month, we help more than 1,000 people prepare well for their exams and pass them.

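CompTIA CS0-002 Exam

CompTIA Cybersecurity Analyst (CySA+) Certification Exam Online Practice

Last updated: November 8, 2024

You can use the online practice questions to gauge how well you know the CompTIA CS0-002 exam material, and then decide whether to register for the exam.

If you want to pass the exam 100% and save 35% of your preparation time, choose the CS0-002 dumps (the latest real exam questions), which currently include the latest 118 exam questions and answers.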


Question No : 1


A security analyst is investigating a malware infection that occurred on a Windows system. The system was not connected to a network and had no wireless capability. Company policy prohibits using portable media or mobile storage. The security analyst is trying to determine which user caused the malware to get onto the system.
Which of the following registry keys would MOST likely have this information?

Answer:

Question No : 2


A security analyst recently discovered two unauthorized hosts on the campus's wireless network segment from a man-in-the-middle attack. The security analyst also verified that privileges were not escalated, and the two devices did not gain access to other network devices.
Which of the following would BEST mitigate and improve the security posture of the wireless network for this type of attack?

Answer:

Question No : 3


A security analyst was alerted to a file integrity monitoring event based on a change to the vhost-payments.conf file.
The output of the diff command against the known-good backup reads as follows:



Which of the following MOST likely occurred?

Answer:

Question No : 4


An employee in the billing department accidentally sent a spreadsheet containing payment card data to a recipient outside the organization. The employee intended to send the spreadsheet to an internal staff member with a similar name and was unaware of the mistake until the recipient replied to the message. In addition to retraining the employee, which of the following would prevent this from happening in the future?

Answer:

Question No : 5


HOTSPOT
Welcome to the Enterprise Help Desk System. Please work the ticket escalated to you in the desk ticket queue.

INSTRUCTIONS
Click on the ticket to see the ticket details. Additional content is available on tabs within the ticket.
First, select the appropriate issue from the drop-down menu. Then, select the MOST likely root cause from the second drop-down menu.
If at any time you would like to bring back the initial state of the simulation, please click the Reset All button.






Answer:

Question No : 6


A company just chose a global software company based in Europe to implement a new supply chain management solution.
Which of the following would be the MAIN concern of the company?

Answer:

Question No : 7


Which of the following is the use of tools to simulate the ability for an attacker to gain access to a specified network?

Answer:

Question No : 8


A security team is implementing a new vulnerability management program in an environment that has a historically poor security posture. The team is aware of issues with patch management in the environment and expects a large number of findings.
Which of the following would be the MOST efficient way to increase the security posture of the organization in the shortest amount of time?

Answer:

Question No : 9


A web developer wants to create a new web part within the company website that aggregates sales from individual team sites. A cybersecurity analyst wants to ensure security measurements are implemented during this process.
Which of the following remediation actions should the analyst take to implement a vulnerability management process?

Answer:

Question No : 10


Joe, a penetration tester, used a professional directory to identify a network administrator and ID administrator for a client’s company. Joe then emailed the network administrator, identifying himself as the ID administrator, and asked for a current password as part of a security exercise.
Which of the following techniques were used in this scenario?

Answer:

Question No : 11


Risk management wants IT to implement a solution that will permit an analyst to intercept, execute, and analyze potentially malicious files that are downloaded from the Internet.
Which of the following would BEST provide this solution?

Answer:

Question No : 12


A human resources employee sends out a mass email to all employees that contains their personnel records. A security analyst is called in to address the concern of the human resources director on how to prevent this from happening in the future.
Which of the following would be the BEST solution to recommend to the director?

Answer:

Question No : 13


Ransomware is identified on a company's network that affects both Windows and MAC hosts. The command and control channel for encryption for this variant uses TCP ports from 11000 to 65000. The channel goes to good1.Iholdbadkeys.com, which resolves to IP address 72.172.16.2.
Which of the following is the MOST effective way to prevent any newly infected systems from actually encrypting the data on connected network drives while causing the least disruption to normal Internet traffic?

Answer:

Question No : 14


A system administrator is doing network reconnaissance of a company’s external network to determine the vulnerability of various services that are running.
Sending some sample traffic to the external host, the administrator obtains the following packet capture:



Based on the output, which of the following services should be further tested for vulnerabilities?

Answer:

Question No : 15


An analyst identifies multiple instances of node-to-node communication between several endpoints within the 10.200.2.0/24 network and a user machine at the IP address 10.200.2.5. This user machine at the IP address 10.200.2.5 is also identified as initiating outbound communication during atypical business hours with several IP addresses that have recently appeared on threat feeds.
Which of the following can be inferred from this activity?
A. 10.200.2.0/24 is infected with ransomware.
B. 10.200.2.0/24 is not routable address space.
C. 10.200.2.5 is a rogue endpoint.
D. 10.200.2.5 is exfiltrating data.

Answer: D
