CS0-002 Free Practice Test

A security analyst is investigating a system compromise. The analyst verities the system was up to date on OS patches at the time of the compromise. Which of the following describes the type of vulnerability that was MOST likely expiated?

1. A. Insider threat
2. B. Buffer overflow
3. C. Advanced persistent threat
4. D. Zero day

Correct Answer: D

A security team is implementing a new vulnerability management program in an environment that has a historically poor security posture. The team is aware of issues patch management in the environment and expects a large number of findings. Which of the following would be the MOST efficient way to increase the security posture of the organization in the shortest amount of time?

1. A. Create an SLA stating that remediation actions must occur within 30 days of discovery for all levels of vulnerabilities.
2. B. Incorporate prioritization levels into the remediation process and address critical findings first.
3. C. Create classification criteria for data residing on different servers and provide remediation only for servers housing sensitive data.
4. D. Implement a change control policy that allows the security team to quickly deploy patches in the production environment to reduce the risk of any vulnerabilities found.

Correct Answer: B

An information security analyst is reviewing backup data sets as part of a project focused on eliminating archival data sets.
Which of the following should be considered FIRST prior to disposing of the electronic data?

1. A. Sanitization policy
2. B. Data sovereignty
3. C. Encryption policy
4. D. Retention standards

Correct Answer: D

During an incident, a cybersecurity analyst found several entries in the web server logs that are related to an IP with a bad reputation . Which of the following would cause the analyst to further review the incident?
A)

B)

C)

D)

E)

1. A. Option A
2. B. Option B
3. C. Option C
4. D. Option D
5. E. Option E

Correct Answer: D

A security analyst has observed several incidents within an organization that are affecting one specific piece of hardware on the network. Further investigation reveals the equipment vendor previously released a patch.
Which of the following is the MOST appropriate threat classification for these incidents?

1. A. Known threat
2. B. Zero day
3. C. Unknown threat
4. D. Advanced persistent threat

Correct Answer: B