CS0-002 Free Practice Test

- (Exam Topic 1)
Which of the following software assessment methods would be BEST for gathering data related to an application’s availability during peak times?

1. A. Security regression testing
2. B. Stress testing
3. C. Static analysis testing
4. D. Dynamic analysis testing
5. E. User acceptance testing

Correct Answer: B

- (Exam Topic 2)
A security analyst is required to stay current with the most recent threat data and intelligence reports. When gathering data, it is MOST important for the data to be:

1. A. proprietary and timely
2. B. proprietary and accurate
3. C. relevant and deep
4. D. relevant and accurate

Correct Answer: D

- (Exam Topic 3)
During an Incident, it Is determined that a customer database containing email addresses, first names, and last names was exfiltrated. Which ot the following should the security analyst do NEXT?

1. A. Consult with the legal department for regulatory impact.
2. B. Encrypt the database with available tools.
3. C. Email the customers to inform them of the breach.
4. D. Follow the incident communications process.

Correct Answer: D

- (Exam Topic 3)
When investigating a compromised system, a security analyst finds the following script in the /tmp directory:

Which of the following attacks is this script attempting, and how can it be mitigated?

1. A. This is a password-hijacking attack, and it can be mitigated by using strong encryption protocols.
2. B. This is a password-spraying attack, and it can be mitigated by using multifactor authentication.
3. C. This is a password-dictionary attack, and it can be mitigated by forcing password changes every 30 days.
4. D. This is a credential-stuffing attack, and it can be mitigated by using multistep authentication.

Correct Answer: B
https://owasp.org/www-community/attacks/Password_Spraying_Attack
A credential stuffing attack would be using the full credentials and most likely being used across many common platforms. A credential stuffing attack depends on the reuse of passwords. With so many people reusing their passwords for multiple accounts, just one set of credentials is enough to expose most or all of their accounts.

- (Exam Topic 1)
A Chief Information Security Officer (CISO) wants to upgrade an organization's security posture by improving proactive activities associated with attacks from internal and external threats.
Which of the following is the MOST proactive tool or technique that feeds incident response capabilities?

1. A. Development of a hypothesis as part of threat hunting
2. B. Log correlation, monitoring, and automated reporting through a SIEM platform
3. C. Continuous compliance monitoring using SCAP dashboards
4. D. Quarterly vulnerability scanning using credentialed scans

Correct Answer: A