CS0-002 Free Practice Test

A security analyst is reviewing a web application. If an unauthenticated user tries to access a page in the application, the user is redirected to the login page. After successful authentication, the user is then redirected back to the original page. Some users have reported receiving phishing emails with a link that takes them to the application login page but then redirects to a fake login page after successful authentication.
Which of the following will remediate this software vulnerability?

1. A. Enforce unique session IDs for the application.
2. B. Deploy a WAF in front of the web application.
3. C. Check for and enforce the proper domain for the redirect.
4. D. Use a parameterized query to check the credentials.
5. E. Implement email filtering with anti-phishing protection.

Correct Answer: D

A security administrator needs to create an IDS rule to alert on FTP login attempts by root. Which of the following rules is the BEST solution?

1. A. Option A
2. B. Option B
3. C. Option C
4. D. Option D

Correct Answer: B

A system’s authority to operate (ATO) is set to expire in four days. Because of other activities and limited staffing, the organization has neglected to start reauthentication activities until now. The cybersecurity group just performed a vulnerability scan with the partial set of results shown below:

Based on the scenario and the output from the vulnerability scan, which of the following should the security team do with this finding?

1. A. Remediate by going to the web config file, searching for the enforce HTTP validation setting, and manually updating to the correct setting.
2. B. Accept this risk for now because this is a “high” severity, but testing will require more than the four days available, and the system ATO needs to be competed.
3. C. Ignore i
4. D. This is false positive, and the organization needs to focus its efforts on other findings.
5. E. Ensure HTTP validation is enabled by rebooting the server.

Correct Answer: A

A cybersecurity analyst is supporting an incident response effort via threat intelligence. Which of the following is the analyst MOST likely executing?

1. A. Requirements analysis and collection planning
2. B. Containment and eradication
3. C. Recovery and post-incident review
4. D. Indicator enrichment and research pivoting

Correct Answer: A

A large software company wants to move «s source control and deployment pipelines into a cloud-computing environment. Due to the nature of the business management determines the recovery time objective needs to be within one hour. Which of the following strategies would put the company in the BEST position to achieve the desired recovery time?

1. A. Establish an alternate site with active replication to other regions
2. B. Configure a duplicate environment in the same region and load balance between both instances
3. C. Set up every cloud component with duplicated copies and auto scaling turned on
4. D. Create a duplicate copy on premises that can be used for failover in a disaster situation

Correct Answer: A