CS0-002 Free Practice Test

- (Exam Topic 3)
A security analyst is scanning the network to determine if a critical security patch was applied to all systems in an enterprise. The Organization has a very low tolerance for risk when it comes to resource availability. Which of the following is the BEST approach for configuring and scheduling the scan?

1. A. Make sure the scan is credentialed, covers at hosts in the patch management system, and is scheduled during business hours so it can be terminated if it affects business operations.
2. B. Make sure the scan is uncredentialed, covers at hosts in the patch management system, and Is scheduled during of business hours so it has the least impact on operations.
3. C. Make sure the scan is credentialed, has the latest software and signature versions, covers all external hosts in the patch management system and is scheduled during off-business hours so it has the least impact on operations.
4. D. Make sure the scan is credentialed, uses a ironed plug-in set, scans all host IP addresses in the enterprise, and is scheduled during off-business hours so it has the least impact on operations.

Correct Answer: D

- (Exam Topic 2)
An analyst must review a new cloud-based SIEM solution. Which of the following should the analyst do FIRST prior to discussing the company's needs?

1. A. Perform a vulnerability scan against a test instance.
2. B. Download the product security white paper.
3. C. Check industry news feeds for product reviews.
4. D. Ensure a current non-disclosure agreement is on file

Correct Answer: D

- (Exam Topic 3)
A security officer needs to find the most cost-effective solution to the current data privacy and protection gap found in the last security assessment. Which of the following is the BEST recommendation?

1. A. Require users to sign NDAs
2. B. Create a data minimization plan.
3. C. Add access control requirements.
4. D. Implement a data loss prevention solution.

Correct Answer: B

- (Exam Topic 3)
The developers recently deployed new code to three web servers. A daffy automated external device scan report shows server vulnerabilities that are failure items according to PCI DSS.
If the venerability is not valid, the analyst must take the proper steps to get the scan clean. If the venerability is valid, the analyst must remediate the finding.
After reviewing the information provided in the network diagram, select the STEP 2 tab to complete the simulation by selecting the correct Validation Result and Remediation Action for each server listed using the drop-down options.
INTRUCTIONS:
The simulation includes 2 steps.
Step1:Review the information provided in the network diagram and then move to the STEP 2 tab.


STEP 2: Given the Scenario, determine which remediation action is required to address the vulnerability.

Solution:


Does this meet the goal?

1. A. Yes
2. B. No

Correct Answer: A

- (Exam Topic 3)
A company's domain has been spooled in numerous phishing campaigns. An analyst needs to determine the company is a victim of domain spoofing, despite having a DMARC record that should tell mailbox providers to ignore any email that fails DMARC upon review of the record, the analyst finds the following:

Which of the following BEST explains the reason why the company's requirements are not being processed correctly by mailbox providers?

1. A. The DMARC record's DKIM alignment tag Is incorrectly configured.
2. B. The DMARC record's policy tag is incorrectly configured.
3. C. The DMARC record does not have an SPF alignment tag.
4. D. The DMARC record's version tag is set to DMARC1 instead of the current version, which is DMARC3.

Correct Answer: C