CS0-001 Free Practice Test

- (Exam Topic 1)
After analyzing and correlating activity from multiple sensors, the security analyst has determined a group from a high-risk country is responsible for a sophisticated breach of the company network and continuous administration of targeted attacks for the past three months. Until now, the attacks went unnoticed. This is an example of:

1. A. privilege escalation.
2. B. advanced persistent threat.
3. C. malicious insider threat.
4. D. spear phishing.

Correct Answer: B

- (Exam Topic 3)
A company decides to move three of its business applications to different outsourced cloud providers. After moving the applications, the users report the applications time out too quickly and too much time is spent logging back into the different web-based applications throughout the day. Which of the following should a security architect recommend to improve the end-user experience without lowering the security posture?

1. A. Configure directory services with a federation provider to manage accounts.
2. B. Create a group policy to extend the default system lockout period.
3. C. Configure a web browser to cache the user credentials.
4. D. Configure user accounts for self-service account management.

Correct Answer: B

- (Exam Topic 3)
A security analyst’s company uses RADIUS to support a remote sales staff of more than 700 people. The Chief Information Security Officer (CISO) asked to have IPSec using ESP and 3DES enabled to ensure the confidentiality of the communication as per RFC 3162. After the implementation was complete, many sales users reported latency issues and other performance issues when attempting to connect remotely. Which of the following is occurring?

1. A. The device running RADIUS lacks sufficient RAM and processing power to handle ESP implementation.
2. B. RFC 3162 is known to cause significant performance problems.
3. C. The IPSec implementation has significantly increased the amount of bandwidth needed.
4. D. The implementation should have used AES instead of 3DES.

Correct Answer: A

- (Exam Topic 3)
On winch of the following organizational resources is the lack of an enabled password or PIN a common vulnerability?

1. A. VDI systems
2. B. Mobile devices
3. C. Enterprise server OSs
4. D. VPNs
5. E. VoIP phones

Correct Answer: B

- (Exam Topic 2)
Which of the following is vulnerability when using Windows as a host OS lot virtual machines?

1. A. Windows requires frequent patching.
2. B. Windows virtualized environments are typically unstable.
3. C. Windows requires hundreds of open firewall ports lo operate.
4. D. Windows is vulnerable to the "ping of death"

Correct Answer: D