CS0-001 Free Practice Test

- (Exam Topic 2)
Which of the following are essential components within the rules of engagement for a penetration test? (Select TWO).

1. A. Schedule
2. B. Authorization
3. C. List of system administrators
4. D. Payment terms
5. E. Business justification

Correct Answer: AB

- (Exam Topic 2)
An ATM in a building lobby has been compromised. A security technician has been advised that the ATM must be forensically analyzed by multiple technicians. Which of the following items in a forensic tool kit would likely be used FIRST? (Select TWO).

1. A. Drive adapters
2. B. Chain of custody form
3. C. Write blockers
4. D. Crime tape
5. E. Hashing utilities
6. F. Drive imager

Correct Answer: BC

- (Exam Topic 2)
A security analyst at a small regional bank has received an alert that nation states are attempting to infiltrate financial institutions via phishing campaigns. Which of the following techniques should the analyst recommend as a proactive measure to defend against this type of threat?

1. A. Honeypot
2. B. Location-based NAC
3. C. System isolation
4. D. Mandatory access control
5. E. Bastion host

Correct Answer: B

- (Exam Topic 2)
AChief Information Security Officer (CISO) wants to standardize the company’s security program so it can be objectively assessed as part of an upcoming audit requested by management.
Which of the following would holistically assist in this effort?

1. A. ITIL
2. B. NIST
3. C. Scrum
4. D. AUP
5. E. Nessus

Correct Answer: B

- (Exam Topic 3)
A security analyst is creating ACLs on a perimeter firewall that will deny inbound packets that are from internal addresses, reserved external addresses, and multicast addresses. Which of the following is the analyst attempting to prevent/

1. A. Broadcast storms
2. B. Spoofing attacks
3. C. UDoS attacks
4. D. Man in-the-middle attacks

Correct Answer: B