Exam Details

  • Exam Code: CS0-002
  • Exam Name: CompTIA Cybersecurity Analyst (CySA+)
  • Certification: CompTIA Certifications
  • Vendor: CompTIA
  • Total Questions: 1059 Q&As
  • Last Updated: Apr 17, 2025

CompTIA CompTIA Certifications CS0-002 Questions & Answers

  • Question 631:

    Which of the following are considered PII by themselves? (Select TWO).

    A. Government ID

    B. Job title

    C. Employment start date

    D. Birth certificate

    E. Employer address

    F. Mother's maiden name

  • Question 632:

    After detecting possible malicious external scanning, an internal vulnerability scan was performed, and a critical server was found with an outdated version of JBoss. A legacy application that is running depends on that version of JBoss. Which of the following actions should be taken FIRST to prevent server compromise and business disruption at the same time?

    A. Make a backup of the server and update the JBoss server that is running on it.

    B. Contact the vendor for the legacy application and request an updated version.

    C. Create a proper DMZ for outdated components and segregate the JBoss server.

    D. Apply virtualization over the server, using the new platform to provide the JBoss service for the legacy application as an external service.

  • Question 633:

    A security analyst is deploying a new application in the environment. The application needs to be integrated with several existing applications that contain SPI. Prior to the deployment, the analyst should conduct:

    A. a tabletop exercise

    B. a business impact analysis

    C. a PCI assessment

    D. an application stress test.

  • Question 634:

    An organization's internal department frequently uses a cloud provider to store large amounts of sensitive data. A threat actor has deployed a virtual machine to at the use of the cloud hosted hypervisor, the threat actor has escalated the access rights. Which of the following actions would be BEST to remediate the vulnerability?

    A. Sandbox the virtual machine.

    B. Implement an MFA solution.

    C. Update to the secure hypervisor version.

    D. Implement dedicated hardware for each customer.

  • Question 635:

    A developer is working on a program to convert user-generated input in a web form before it is displayed by the browser. This technique is referred to as:

    A. output encoding.

    B. data protection.

    C. query parameterization.

    D. input validation.

  • Question 636:

    A security analyst needs to provide the development team with secure connectivity from the corporate network to a three-tier cloud environment. The developers require access to servers in all three tiers in order to perform various configuration tasks. Which of the following technologies should the analyst implement to provide secure transport?

    A. CASB

    B. VPC

    C. Federation

    D. VPN

  • Question 637:

    A computer hardware manufacturer is developing a new SoC that will be used by mobile devices. The SoC should not allow users or the process to downgrade from a newer firmware to an older one. Which of the following can the hardware manufacturer implement to prevent firmware downgrades?

    A. Encryption

    B. eFuse

    C. Secure Enclave

    D. Trusted execution

  • Question 638:

    Which of the following is an advantage of SOAR over SIEM?

    A. SOAR is much less expensive.

    B. SOAR reduces the amount of human intervention required.

    C. SOAR can aggregate data from many sources.

    D. SOAR uses more robust encryption protocols.

  • Question 639:

    A Chief Executive Officer (CEO) is concerned the company will be exposed to data sovereignty issues as a result of some new privacy regulations. To help mitigate this risk, the Chief Information Security Officer (CISO) wants to implement an appropriate technical control. Which of the following would meet the requirement?

    A. Data masking procedures

    B. Enhanced encryption functions

    C. Regular business impact analysis functions

    D. Geographic access requirements

  • Question 640:

    A vulnerability assessment solution is hosted in the cloud. This solution will be used as an accurate inventory data source for both the configuration management database and the governance, risk, and compliance tool. An analyst has been asked to automate the data acquisition. Which of the following would be the BEST way to acquire the data?

    A. CSV export

    B. SOAR

    C. API

    D. Machine learning
