CS0-002 Free Practice Test

- (Exam Topic 2)
A security analyst is generating a list of recommendations for the company's insecure API. Which of the following is the BEST parameter mitigation rec

1. A. Implement parameterized queries.
2. B. Use effective authentication and authorization methods.
3. C. Validate all incoming data.
4. D. Use TLs for all data exchanges.

Correct Answer: D

- (Exam Topic 3)
An incident response team detected malicious software that could have gained access to credit card data. The incident response team was able to mitigate significant damage and implement corrective actions. By having incident response mechanisms in place. Which of the following should be notified for lessons learned?

1. A. The human resources department
2. B. Customers
3. C. Company leadership
4. D. The legal team

Correct Answer: D

A security analyst, who is working for a company that utilizes Linux servers, receives the following results from a vulnerability scan:

Which of the following is MOST likely a false positive?

1. A. ICMP timestamp request remote date disclosure
2. B. Windows SMB service enumeration via \srvsvc
3. C. Anonymous FTP enabled
4. D. Unsupported web server detection

Correct Answer: B

After receiving reports latency, a security analyst performs an Nmap scan and observes the following output:

Which of the following suggests the system that produced output was compromised?

1. A. Secure shell is operating of compromise on this system.
2. B. There are no indicators of compromise on this system.
3. C. MySQL services is identified on a standard PostgreSQL port.
4. D. Standard HTP is open on the system and should be closed.

Correct Answer: B

A security analyst is reviewing the following log entries to identify anomalous activity:

Which of the following attack types is occurring?

1. A. Directory traversal
2. B. SQL injection
3. C. Buffer overflow
4. D. Cross-site scripting

Correct Answer: A