CS0-002 Free Practice Test

- (Exam Topic 2)
A security analyst is reviewing the following DNS logs as part of security-monitoring activities:

Which of the following MOST likely occurred?

1. A. The attack used an algorithm to generate command and control information dynamically.
2. B. The attack used encryption to obfuscate the payload and bypass detection by an IDS.
3. C. The attack caused an internal host to connect to a command and control server.
4. D. The attack attempted to contact www.gooqle com to verify Internet connectivity.

Correct Answer: C

- (Exam Topic 1)
A security analyst received an email with the following key: Xj3XJ3LLc
A second security analyst received an email with following key: 3XJ3xjcLLC
The security manager has informed the two analysts that the email they received is a key that allows access to the company’s financial segment for maintenance. This is an example of:

1. A. dual control
2. B. private key encryption
3. C. separation of duties
4. D. public key encryption
5. E. two-factor authentication

Correct Answer: A

- (Exam Topic 1)
Which of the following technologies can be used to store digital certificates and is typically used in high-security implementations where integrity is paramount?

1. A. HSM
2. B. eFuse
3. C. UEFI
4. D. Self-encrypting drive

Correct Answer: A

- (Exam Topic 1)
Which of the following policies would state an employee should not disable security safeguards, such as host firewalls and antivirus on company systems?

1. A. Code of conduct policy
2. B. Account management policy
3. C. Password policy
4. D. Acceptable use policy

Correct Answer: D

- (Exam Topic 3)
An internally developed file-monitoring system identified the following except as causing a program to crash often:

Which of the following should a security analyst recommend to fix the issue?

1. A. Open the access.log file ri read/write mode.
2. B. Replace the strcpv function.
3. C. Perform input samtizaton
4. D. Increase the size of the file data buffer

Correct Answer: A