If you have lost hope of passing the CS0-001 exam, don’t be disappointed: stand up again and download the CS0-001 dumps. Before downloading the original PDF material, you can check our demo questions and answers from Realexamcollection. You can easily evaluate the usefulness of the actual material with this free demo version. CompTIA Cybersecurity Analyst is not a difficult attempt if you are well directed by the supervisors and get help from the CS0-001 exam dumps. This material can be accessed at a cheap price, and you can download it for permanent use. Once you download the dumps material you will be able to access it instantly from anywhere. The CS0-001 questions and answers are a well-patterned orientation of exam-related information. In the last part of your preparatory process you will get access to an Online Practice Test that will impart a sense of the final exam. Be determined now and go for your exam with CS0-001 dumps. https://www.realexamcollection.com/comptia/cs0-001-dumps.html
2020 Download Updated CompTIA CS0-001 Dumps
CompTIA
Exam CS0-001
CompTIA Cybersecurity Analyst (CySA+) Exam
Version: Demo
[ Total Questions: 10 ]
Question No : 1
A project lead is reviewing the statement of work for an upcoming project that is focused on
identifying potential weaknesses in the organization’s internal and external network
infrastructure. As part of the project, a team of external contractors will attempt to employ
various attacks against the organization. The statement of work specifically addresses the
utilization of an automated tool to probe network resources in an attempt to develop logical
diagrams indicating weaknesses in the infrastructure.
The scope of activity as described in the statement of work is an example of:
A. session hijacking
B. vulnerability scanning
C. social engineering
D. penetration testing
E. friendly DoS
Answer: D
Question No : 2
A web application has a newly discovered vulnerability in the authentication method used
to validate known company users. The user ID of Admin with a password of “password”
grants elevated access to the application over the Internet. Which of the following is the
BEST method to discover the vulnerability before a production deployment?
A. Manual peer review
B. User acceptance testing
C. Input validation
D. Stress test the application
Answer: C
Question No : 3
A recent audit has uncovered several coding errors and a lack of input validation being
used on a public portal. Due to the nature of the portal and the severity of the errors, the
portal is unable to be patched. Which of the following tools could be used to reduce the risk
of being compromised?
A. Web application firewall
B. Network firewall
C. Web proxy
D. Intrusion prevention system
Answer: B
Question No : 4
A company has been a victim of multiple volumetric DoS attacks. Packet analysis of the
offending traffic shows the following:
Which of the following mitigation techniques is MOST effective against the above attack?
A. The company should contact the upstream ISP and ask that RFC1918 traffic be
dropped.
B. The company should implement a network-based sinkhole to drop all traffic coming from
192.168.1.1 at their gateway router.
C. The company should implement the following ACL at their gateway firewall: DENY IP
HOST 192.168.1.1 170.43.30.0/24.
D. The company should enable the DoS resource starvation protection feature of the
gateway NIPS.
Answer: A
Question No : 5
A security analyst has been asked to remediate a server vulnerability. Once the analyst has
located a patch for the vulnerability, which of the following should happen NEXT?
A. Start the change control process.
B. Rescan to ensure the vulnerability still exists.
C. Implement continuous monitoring.
D. Begin the incident response process.
Answer: A
Question No : 6
Which of the following policies BEST explains the purpose of a data ownership policy?
A. The policy should describe the roles and responsibilities between users and managers,
and the management of specific data types.
B. The policy should establish the protocol for retaining information types based on
regulatory or business needs.
C. The policy should document practices that users must adhere to in order to access data
on the corporate network or Internet.
D. The policy should outline the organization’s administration of accounts for authorized
users to access the appropriate data.
Answer: D
Question No : 7
An alert has been distributed throughout the information security community regarding a
critical Apache vulnerability. Which of the following courses of action would ONLY identify
the known vulnerability?
A. Perform an unauthenticated vulnerability scan on all servers in the environment.
B. Perform a scan for the specific vulnerability on all web servers.
C. Perform a web vulnerability scan on all servers in the environment.
D. Perform an authenticated scan on all web servers in the environment.
Answer: B
Question No : 8
A security analyst is attempting to configure a vulnerability scan for a new segment on the
network. Given the requirement to prevent credentials from traversing the network while
still conducting a credentialed scan, which of the following is the BEST choice?
A. Install agents on the endpoints to perform the scan
B. Provide each endpoint with vulnerability scanner credentials
C. Encrypt all of the traffic between the scanner and the endpoint
D. Deploy scanners with administrator privileges on each endpoint
Answer: A
Question No : 9 CORRECT TEXT
The developers recently deployed new code to three web servers. A daily automated
external device scan report shows server vulnerabilities that are failing items according to
PCI DSS. If the vulnerability is not valid, the analyst must take the proper steps to get the
scan clean. If the vulnerability is valid, the analyst must remediate the finding. After
reviewing the given information, select the STEP 2 tab in order to complete the simulation
by selecting the correct “Validation Result” AND “Remediation Action” for each server listed
using the drop down options.
Instructions:
If at any time you would like to bring back the initial state of the simulation, please select
the Reset button. When you have completed the simulation, please select the Done button
to submit. Once the simulation is submitted, please select the Next button to continue.
Answer: see solution below
WEB_SERVER01: VALID – IMPLEMENT SSL/TLS
WEB_SERVER02: VALID – SET SECURE ATTRIBUTE WHEN COOKIE SHOULD SENT
VIA HTTPS ONLY
WEB_SERVER03: VALID – IMPLEMENT CA SIGNED CERTIFICATE
Question No : 10
The help desk informed a security analyst of a trend that is beginning to develop regarding
a suspicious email that has been reported by multiple users. The analyst has determined
the email includes an attachment named invoice.zip that contains the following files:
Locky.js
xerty.ini
xerty.lib
Further analysis indicates that when the .zip file is opened, it is installing a new version of
ransomware on the devices. Which of the following should be done FIRST to prevent data
on the company NAS from being encrypted by infected devices?
A. Disable access to the company VPN.
B. Email employees instructing them not to open the invoice attachment.
C. Set permissions on file shares to read-only.
D. Add the URL included in the .js file to the company’s web proxy filter.
Answer: B