[Free] 2018(June) Ensurepass CompTIA CS0-001 Dumps with VCE and PDF 11-20

Ensurepass.com : Ensure you pass the IT Exams
2018 May CompTIA Official New Released CS0-001

CompTIA CSA Certification Exam

Question No: 11

A security analyst is performing a forensic analysis on a machine that was the subject of some historic SIEM alerts. The analyst noticed some network connections utilizing SSL on non-common ports, copies of svchost.exe and cmd.exe in the %TEMP% folder, and RDP files that had connected to external IPs. Which of the following threats has the security analyst uncovered?

  A. DDoS

  B. APT

  C. Ransomware

  D. Software vulnerability

Answer: D

Question No: 12

A cybersecurity analyst is reviewing the current BYOD security posture. The users must be able to synchronize their calendars, email, and contacts to a smartphone or other personal device. The recommendation must provide the most flexibility to users. Which of the following recommendations would meet both the mobile data protection efforts and the business requirements described in this scenario?

  A. Develop a minimum security baseline while restricting the type of data that can be accessed.

  B. Implement a single computer configured with USB access and monitored by sensors.

  C. Deploy a kiosk for synchronizing while using an access list of approved users.

  D. Implement a wireless network configured for mobile device access and monitored by sensors.

Answer: D

Question No: 13

A security analyst has created an image of a drive from an incident. Which of the following describes what the analyst should do NEXT?

  A. The analyst should create a backup of the drive and then hash the drive.

  B. The analyst should begin analyzing the image and begin to report findings.

  C. The analyst should create a hash of the image and compare it to the original drive’s hash.

  D. The analyst should create a chain of custody document and notify stakeholders.

Answer: C

Question No: 14

An analyst was tasked with providing recommendations of technologies that are PKI X.509 compliant for a variety of secure functions. Which of the following technologies meet the compatibility requirement? (Select three.)

  A. 3DES

  B. AES

  C. IDEA

  D. PKCS

  E. PGP

  F. SSL/TLS


Answer: B,D,F

Question No: 15

Which of the following best practices is used to identify areas in the network that may be vulnerable to penetration testing from known external sources?

  A. Blue team training exercises

  B. Technical control reviews

  C. White team training exercises

  D. Operational control reviews

Answer: A

Question No: 16

An incident response report indicates a virus was introduced through a remote host that was connected to corporate resources. A cybersecurity analyst has been asked for a recommendation to solve this issue. Which of the following should be applied?

  A. MAC

  B. TAP

  C. NAC

  D. ACL

Answer: C

Question No: 17

A reverse engineer was analyzing malware found on a retailer’s network and found code extracting track data in memory. Which of the following threats did the engineer MOST likely uncover?

  A. POS malware

  B. Rootkit

  C. Key logger

  D. Ransomware

Answer: A

Question No: 18

A security analyst is adding input to the incident response communication plan. A company officer has suggested that if a data breach occurs, only affected parties should be notified to keep an incident from becoming a media headline. Which of the following should the analyst recommend to the company officer?

  A. The first responder should contact law enforcement upon confirmation of a security incident in order for a forensics team to preserve chain of custody.

  B. Guidance from laws and regulations should be considered when deciding who must be notified in order to avoid fines and judgements from non-compliance.

  C. An externally hosted website should be prepared in advance to ensure that when an incident occurs victims have timely access to notifications from a non-compromised resource.

  D. The HR department should have information security personnel who are involved in the investigation of the incident sign non-disclosure agreements so the company cannot be held liable for customer data that might be viewed during an investigation.

Answer: A

Question No: 19

An analyst finds that unpatched servers have undetected vulnerabilities because the vulnerability scanner does not have the latest set of signatures. Management directed the security team to have personnel update the scanners with the latest signatures at least 24 hours before conducting any scans, but the outcome is unchanged. Which of the following is the BEST logical control to address the failure?

  A. Configure a script to automatically update the scanning tool.

  B. Manually validate that the existing update is being performed.

  C. Test vulnerability remediation in a sandbox before deploying.

  D. Configure vulnerability scans to run in credentialed mode.

Answer: A

Question No: 20

An alert has been distributed throughout the information security community regarding a critical Apache vulnerability. Which of the following courses of action would ONLY identify the known vulnerability?

  A. Perform an unauthenticated vulnerability scan on all servers in the environment.

  B. Perform a scan for the specific vulnerability on all web servers.

  C. Perform a web vulnerability scan on all servers in the environment.

  D. Perform an authenticated scan on all web servers in the environment.

Answer: B
