CS0-002 Free Practice Test

A Chief Information Security Officer (CISO) is concerned the development team, which consists of contractors, has too much access to customer data. Developers use personal workstations, giving the company little to no visibility into the development activities.
Which of the following would be BEST to implement to alleviate the CISO's concern?

1. A. DLP
2. B. Encryption
3. C. Test data
4. D. NDA

Correct Answer: D

Risk management wants IT to implement a solution that will permit an analyst to intercept, execute, and analyze potentially malicious files that are downloaded from the Internet.
Which of the following would BEST provide this solution?

1. A. File fingerprinting
2. B. Decomposition of malware
3. C. Risk evaluation
4. D. Sandboxing

Correct Answer: D

Which of the following should be found within an organization's acceptable use policy?

1. A. Passwords must be eight characters in length and contain at least one special character.
2. B. Customer data must be handled properly, stored on company servers, and encrypted when possible
3. C. Administrator accounts must be audited monthly, and inactive accounts should be removed.
4. D. Consequences of violating the policy could include discipline up to and including termination.

Correct Answer: D

A user receives a potentially malicious email that contains spelling errors and a PDF document. A security analyst reviews the email and decides to download the attachment to a Linux sandbox for review.
Which of the following commands would MOST likely indicate if the email is malicious?

1. A. sha256sum ~/Desktop/file.pdf
2. B. file ~/Desktop/file.pdf
3. C. strings ~/Desktop/file.pdf | grep "[removed]cat < ~/Desktop/file.pdf | grep -i .exe

Correct Answer: A

An analyst is participating in the solution analysis process for a cloud-hosted SIEM platform to centralize log monitoring and alerting capabilities in the SOC.
Which of the following is the BEST approach for supply chain assessment when selecting a vendor?

1. A. Gather information from providers, including datacenter specifications and copies of audit reports.
2. B. Identify SLA requirements for monitoring and logging.
3. C. Consult with senior management for recommendations.
4. D. Perform a proof of concept to identify possible solutions.

Correct Answer: B