CS0-002 Free Practice Test

- (Exam Topic 3)
An organization has a policy that requires servers to be dedicated to one function and unneeded services to be disabled. Given the following output from an Nmap scan of a web server:

Which of the following ports should be closed?

1. A. 22
2. B. 80
3. C. 443
4. D. 1433

Correct Answer: D
"servers to be dedicated to one function..." http/s and SQL are two functions. I will select D, but agree with folks that the question is horribly written, and the person who wrote it was most likely drunk.

- (Exam Topic 2)
Which of the following is a best practice when sending a file/data to another individual in an organization?

1. A. Encrypt the file but do not compress it.
2. B. When encrypting, split the file: and then compress each file.
3. C. Compress and then encrypt the file.
4. D. Encrypt and then compress the file.

Correct Answer: C

- (Exam Topic 3)
An organization recently discovered that spreadsheet files containing sensitive financial data were improperly stored on a web server. The management team wants to find out if any of these files were downloaded by pubic users accessing the server. The results should be written to a text file and should induce the date. time, and IP address associated with any spreadsheet downloads. The web server's log file Is named webserver log, and the report We name should be accessreport.txt. Following is a sample of the web servefs.log file:
2017-0-12 21:01:12 GET /index.htlm - @4..102.33.7 - return=200 1622
Which of the following commands should be run if an analyst only wants to include entries in which spreadsheet was successfully downloaded?

1. A. more webserver.log | grep * xIs > accessreport.txt
2. B. more webserver.log > grep ''xIs > egrep -E 'success' > accessreport.txt
3. C. more webserver.log | grep ' -E ''return=200 | accessreport.txt
4. D. more webserver.log | grep -A *.xIs < accessreport.txt

Correct Answer: C

- (Exam Topic 2)
The Chief Information Officer (CIO) for a large manufacturing organization has noticed a significant number of unknown devices with possible malware infections are on the organization's corporate network.
Which of the following would work BEST to prevent the issue?

1. A. Reconfigure the NAC solution to prevent access based on a full device profile and ensure antivirus is installed.
2. B. Segment the network to isolate all systems that contain highly sensitive information, such as intellectual property.
3. C. Implement certificate validation on the VPN to ensure only employees with the certificate can access the company network.
4. D. Update the antivirus configuration to enable behavioral and real-time analysis on all systems within the network.

Correct Answer: A

- (Exam Topic 1)
A SIEM solution alerts a security analyst of a high number of login attempts against the company's webmail portal. The analyst determines the login attempts used credentials from a past data breach.
Which of the following is the BEST mitigation to prevent unauthorized access?

1. A. Single sign-on
2. B. Mandatory access control
3. C. Multifactor authentication
4. D. Federation
5. E. Privileged access management

Correct Answer: C