CompTIA CompTIA Certifications CS0-002 Questions & Answers

• Question 731:

  Which of the following policies would state an employee should not disable security safeguards, such as host firewalls and antivirus on company systems?

  A. Code of conduct policy

  B. Account management policy

  C. Password policy

  D. Acceptable use policy

  Correct Answer: D

• Question 732:

  After a remote command execution incident occurred on a web server, a security analyst found the following piece of code in an XML file:

  

  Which of the following it the BEST solution to mitigate this type of attack?

  A. Implement a better level of user input filters and content sanitization.

  B. Property configure XML handlers so they do not process sent parameters coming from user inputs.

  C. Use parameterized Queries to avoid user inputs horn being processed by the server.

  D. Escape user inputs using character encoding conjoined with whitelisting

  Correct Answer: B

• Question 733:

  A security analyst is running a tool against an executable of an unknown source. The Input supplied by the tool to the executable program and the output from the executable are shown below:

  

  Which of the following should the analyst report after viewing this Information?

  A. A dynamic library that is needed by the executable a missing

  B. Input can be crafted to trigger an Infection attack in the executable

  C. The toot caused a buffer overflow in the executable's memory

  D. The executable attempted to execute a malicious command

  Correct Answer: B

• Question 734:

  A security analyst is researching ways to improve the security of a company's email system to mitigate emails that are impersonating company executives. Which of the following would be BEST for the analyst to configure to achieve this objective?

  A. A TXT record on the name server for SPF

  B. DNSSEC keys to secure replication

  C. Domain Keys identified Man

  D. A sandbox to check incoming mad

  Correct Answer: C

• Question 735:

  The IT department is concerned about the possibility of a guest device infecting machines on the corporate network or taking down the company's singe internet connection. Which of the following should a security analyst recommend to BEST meet the requirements outlined by the IT Department?

  A. Require the guest machines to install the corporate-owned EDR solution.

  B. Configure NAC to only alow machines on the network that are patched and have active antivirus.

  C. Place a firewall In between the corporate network and the guest network

  D. Configure the IPS with rules that will detect common malware signatures traveling from the guest network.

  Correct Answer: B

• Question 736:

  A company stores all of its data in the cloud. All company-owned laptops are currently unmanaged, and all users have administrative rights. The security team is having difficulty identifying a way to secure the environment. Which of the following would be the BEST method to protect the company's data?

  A. Implement UEM on an systems and deploy security software.

  B. Implement DLP on all workstations and block company data from being sent outside the company

  C. Implement a CASB and prevent certain types of data from being downloaded to a workstation

  D. Implement centralized monitoring and logging for an company systems.

  Correct Answer: C

• Question 737:

  A business recently acquired a software company. The software company's security posture is unknown. However, based on an assessment, there are limited security controls. No significant security monitoring exists. Which of the following is the NEXT step that should be completed to obtain information about the software company's security posture?

  A. Develop an asset inventory to determine the systems within the software company

  B. Review relevant network drawings, diagrams and documentation

  C. Perform penetration tests against the software company's Internal and external networks

  D. Baseline the software company's network to determine the ports and protocols in use.

  Correct Answer: A

• Question 738:

  After a series of Group Policy Object updates, multiple services stopped functioning. The systems administrator believes the issue resulted from a Group Policy Object update but cannot validate which update caused the Issue. Which of the following security solutions would resolve this issue?

  A. Privilege management

  B. Group Policy Object management

  C. Change management

  D. Asset management

  Correct Answer: C

• Question 739:

  A financial organization has offices located globally. Per the organization's policies and procedures, all executives who conduct Business overseas must have their mobile devices checked for malicious software or evidence of tempering upon their return. The information security department oversees the process, and no executive has had a device compromised. The Chief information Security Officer wants to Implement an additional safeguard to protect the organization's data. Which of the following controls would work BEST to protect the privacy of the data if a device is stolen?

  A. Implement a mobile device wiping solution for use if a device is lost or stolen.

  B. Install a DLP solution to track data now

  C. Install an encryption solution on all mobile devices.

  D. Train employees to report a lost or stolen laptop to the security department immediately

  Correct Answer: C

• Question 740:

  Which of the following organizational initiatives would be MOST impacted by data severighty issues?

  A. Moving to a cloud-based environment

  B. Migrating to locally hosted virtual servers

  C. Implementing non-repudiation controls

  D. Encrypting local database queries

  Correct Answer: A