CS0-002 Dumps

CS0-002 Free Practice Test

CompTIA CS0-002: CompTIA Cybersecurity Analyst (CySA+) Certification Exam

QUESTION 176

The security team at a large corporation is helping the payment-processing team to prepare for a regulatory compliance audit and meet the following objectives:
CS0-002 dumps exhibit Reduce the number of potential findings by the auditors.
CS0-002 dumps exhibit Limit the scope of the audit to only devices used by the payment-processing team for activities directly impacted by the regulations.
CS0-002 dumps exhibit Prevent the external-facing web infrastructure used by other teams from coming into scope.
CS0-002 dumps exhibit Limit the amount of exposure the company will face if the systems used by the payment-processing
team are compromised.
Which of the following would be the MOST effective way for the security team to meet these objectives?

Correct Answer: B

QUESTION 177

You are a cybersecurity analyst tasked with interpreting scan data from Company A's servers. You must verify the requirements are being met for all of the servers and recommend changes if you find they are not.
The company's hardening guidelines indicate the following:
• TLS 1.2 is the only version of TLS running.
• Apache 2.4.18 or greater should be used.
• Only default ports should be used. INSTRUCTIONS
Using the supplied data, record the status of compliance with the company's guidelines for each server.
The question contains two parts: make sure you complete Part 1 and Part 2. Make recommendations for issues based ONLY on the hardening guidelines provided.
CS0-002 dumps exhibit
CS0-002 dumps exhibit
CS0-002 dumps exhibit
CS0-002 dumps exhibit
CS0-002 dumps exhibit
Solution:
Part 1 Answer
Check on the following:
AppServ1 is only using TLS.1.2
AppServ4 is only using TLS.1.2
AppServ1 is using Apache 2.4.18 or greater
AppServ3 is using Apache 2.4.18 or greater
AppServ4 is using Apache 2.4.18 or greater
Part 2 Answer
Recommendation:
Recommendation is to disable TLS v1.1 on AppServ2 and AppServ3. Also upgrade AppServ2 Apache to version 2.4.48 from its current version of 2.3.48
CS0-002 dumps exhibit

Does this meet the goal?

Correct Answer: A

QUESTION 178

An organization needs to limit its exposure to accidental disclosure when employees send emails that contain personal information to recipients outside the company Which of the following technical controls would BEST accomplish this goal?

Correct Answer: A

QUESTION 179

An analyst is working with a network engineer to resolve a vulnerability that was found in a piece of legacy hardware, which is critical to the operation of the organization's production line. The legacy hardware does not have third-party support, and the OEM manufacturer of the controller is no longer in operation. The analyst documents the activities and verifies these actions prevent remote exploitation of the vulnerability.
Which of the following would be the MOST appropriate to remediate the controller?

Correct Answer: A

QUESTION 180

An analyst identifies multiple instances of node-to-node communication between several endpoints within the 10.200.2.0/24 network and a user machine at the IP address 10.200.2.5. This user machine at the IP address 10.200.2.5 is also identified as initiating outbound communication during atypical business hours with several IP addresses that have recently appeared on threat feeds.
Which of the following can be inferred from this activity?

Correct Answer: D