CS0-002 Free Practice Test

- (Exam Topic 3)
Which of the following attack techniques has the GREATEST likelihood of quick success against Modbus assets?

1. A. Remote code execution
2. B. Buffer overflow
3. C. Unauthenticated commands
4. D. Certificate spoofing

Correct Answer: C

- (Exam Topic 3)
Which of the following are considered PII by themselves? (Select TWO).

1. A. Government ID
2. B. Job title
3. C. Employment start date
4. D. Birth certificate
5. E. Employer address
6. F. Mother's maiden name

Correct Answer: AD

- (Exam Topic 3)
Which of the following BEST explains the function of trusted firmware updates as they relate to hardware assurance?

1. A. Trusted firmware updates provide organizations with development, compilation, remote access, and customization for embedded devices.
2. B. Trusted firmware updates provide organizations with security specifications, open-source libraries, and custom toots for embedded devices.
3. C. Trusted firmware updates provide organizations with remote code execution, distribution, maintenance,and extended warranties for embedded devices
4. D. Trusted firmware updates provide organizations with secure code signing, distribution, installatio
5. E. and attestation for embedded devices.

Correct Answer: D
The CySA+ exam outline calls out “trusted firmware updates,” but trusted firmware itself is more commonly described as part of trusted execution environments (TEEs). Trusted firmware is signed by a chip vendor or other trusted party, and then used to access keys to help control access to hardware. TEEs like those used by ARM processors leverage these technologies to protect the hardware by preventing unsigned code from using privileged features."

- (Exam Topic 3)
A developer downloaded and attempted to install a file transfer application in which the installation package is bundled with acKvare. The next-generation antivirus software prevented the file from executing, but it did not remove the file from the device. Over the next few days, more developers tried to download and execute the offending file. Which of the following changes should be made to the security tools to BEST remedy the issue?

1. A. Blacklist the hash in the next-generation antivirus system.
2. B. Manually delete the file from each of the workstations.
3. C. Remove administrative rights from all developer workstations.
4. D. Block the download of the fie via the web proxy

Correct Answer: A

- (Exam Topic 3)
The IT department is concerned about the possibility of a guest device infecting machines on the corporate network or taking down the company's singe internet connection. Which of the following should a security analyst recommend to BEST meet the requirements outlined by the IT Department?

1. A. Require the guest machines to install the corporate-owned EDR solution.
2. B. Configure NAC to only allow machines on the network that are patched and have active antivirus.
3. C. Place a firewall In between the corporate network and the guest network
4. D. Configure the IPS with rules that will detect common malware signatures traveling from the guest network.

Correct Answer: B