CS0-002 Practice Online

Question 1

A security analyst is reviewing the network security monitoring logs listed below:

Which of the following is the analyst MOST likely observing? (Select TWO).

A : 10.1.1.128 sent malicious requests, and the alert is a false positive.

B : 10.1.1.129 sent potential malicious requests to the web server.

C : 10.1.1.129 sent non-malicious requests, and the alert is a false positive.

D : 10.1.1.128 sent potential malicious traffic to the web server.

E : 10.1.1 .129 successfully exploited a vulnerability on the web server.

Answer: A,D

Question 2

A security analyst receives an alert from the SIEM about a possible attack happening on the network The analyst opens the alert and sees the IP address of the suspected server as 192.168.54.66. which is part of the network 192 168 54 0/24. The analyst then pulls all the command history logs from that server and sees the following

Which of the following activities is MOST likely happening on the server?

A : A MITM attack

B : Enumeration

C : Fuzzing

D : A vulnerability scan

Answer: A

Question 3

A security analyst is performing a Diamond Model analysis of an incident the company had last quarter. A potential benefit of this activity is that it can identify:

A : detection and prevention capabilities to improve.

B : which systems were exploited more frequently.

C : possible evidence that is missing during forensic analysis.

D : which analysts require more training.

E : the time spent by analysts on each of the incidents.

Answer: A

Question 4

A company's data is still being exfiltered to business competitors after the implementation of a DLP solution. Which of the following is the most likely reason why the data is still being compromised?

A : Printed reports from the database contain sensitive information

B : DRM must be implemented with the DLP solution

C : Users are not labeling the appropriate data sets

D : DLP solutions are only effective when they are implemented with disk encryption

Answer: B

Question 5

Which of the following types of policies is used to regulate data storage on the network?

A : Password

B : Acceptable use

C : Account management

D : Retention

Answer: D

Name:	CompTIA Cybersecurity Analyst (CySA+)
Exam Code:	CS0-002
Certification:	CompTIA Cybersecurity Analyst
Vendor:	CompTIA
Total Questions:	578
Last Updated:	Apr 24, 2024

Download Demo CS0-002 Dumps

Create Account

Password Recovery

CS0-002 Practice Online

Download Demo CS0-002 Dumps

Member Login

Create Account

Password Recovery

CS0-002 Practice Online