CS0-002 Free Practice Test

- (Exam Topic 1)
During an investigation, a security analyst determines suspicious activity occurred during the night shift over the weekend. Further investigation reveals the activity was initiated from an internal IP going to an external website.
Which of the following would be the MOST appropriate recommendation to prevent the activity from happening in the future?

1. A. An IPS signature modification for the specific IP addresses
2. B. An IDS signature modification for the specific IP addresses
3. C. A firewall rule that will block port 80 traffic
4. D. A firewall rule that will block traffic from the specific IP addresses

Correct Answer: A

- (Exam Topic 2)
Portions of a legacy application are being refactored to discontinue the use of dynamic SQL Which of the following would be BEST to implement in the legacy application?

1. A. Multifactor authentication
2. B. Web-application firewall
3. C. SQL injection
4. D. Parameterized queries
5. E. Input validation

Correct Answer: A

- (Exam Topic 3)
The Chief information Officer of a large cloud software vendor reports that many employees are falling victim to phishing emails because they appear to come from other employees. Which of the following would BEST prevent this issue

1. A. Induce digital signatures on messages originating within the company.
2. B. Require users authenticate to the SMTP server
3. C. Implement DKIM to perform authentication that will prevent this Issue.
4. D. Set up an email analysis solution that looks for known malicious Iinks within the email.

Correct Answer: C

- (Exam Topic 2)
An analyst is reviewing the following code output of a vulnerability scan:

Which of the following types of vulnerabilities does this MOST likely represent?

1. A. A insecure direct object reference vulnerability
2. B. An HTTP response split vulnerability
3. C. A credential bypass vulnerability
4. D. A XSS vulnerability

Correct Answer: C

- (Exam Topic 3)
The help desk is having difficulty keeping up with all onboarding and offboarding requests. Managers often submit, requests for new users at the last minute. causing the help desk to scramble to create accounts across many different Interconnected systems. Which of the following solutions would work BEST to assist the help desk with the onboarding and offboarding process while protecting the company's assets?

1. A. MFA
2. B. CASB
3. C. SSO
4. D. RBAC

Correct Answer: C