New Year Special 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: Board70

CompTIA CS0-002 Actual Questions

Page: 26 / 27
Question 104

Which of the following is the BEST way to gather patch information on a specific server?

Options:

A.

Event Viewer

B.

Custom script

C.

SCAP software

D.

CI/CD

Question 105

A security analyst is reviewing the following Internet usage trend report:

Which of the following usernames should the security analyst investigate further?

Options:

A.

User1

B.

User 2

C.

User 3

D.

User 4

Question 106

During a review of SIEM alerts, a securrty analyst discovers the SIEM is receiving many alerts per day from the file-integrity monitoring toot about files from a newly deployed application that should not change. Which of the following steps should the analyst complete FIRST to respond to the issue7

Options:

A.

Warn the incident response team that the server can be compromised

B.

Open a ticket informing the development team about the alerts

C.

Check if temporary files are being monitored

D.

Dismiss the alert, as the new application is still being adapted to the environment

Question 107

A security engineer is reviewing security products that identify malicious actions by users as part of a company's insider threat program. Which of the following is the most appropriate product category for this purpose?

Options:

A.

SCAP

B.

SOAR

C.

UEBA

D.

WAF

Page: 26 / 27
Exam Code: CS0-002
Exam Name: CompTIA CySA+ Certification Exam (CS0-002)
Last Update: Dec 22, 2024
Questions: 372
CS0-002 pdf

CS0-002 PDF

$25.5  $84.99
CS0-002 Engine

CS0-002 Testing Engine

$28.5  $94.99
CS0-002 PDF + Engine

CS0-002 PDF + Testing Engine

$40.5  $134.99