New Year Special 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: Board70

CS0-002 Questions Bank

Page: 17 / 27
Question 68

A company uses an FTP server to support its critical business functions The FTP server is configured as follows:

• The FTP service is running with (he data duectory configured in /opt/ftp/data.

• The FTP server hosts employees' home aVectories in /home

• Employees may store sensitive information in their home directories

An loC revealed that an FTP director/ traversal attack resulted in sensitive data loss Which of the following should a server administrator implement to reduce the risk of current and future directory traversal attacks targeted at the FTP server?

Options:

A.

Implement file-level encryption of sensitive files

B.

Reconfigure the FTP server to support FTPS

C.

Run the FTP server n a chroot environment

D.

Upgrade the FTP server to the latest version

Question 69

While reviewing a vulnerability assessment, an analyst notices the following issue is identified in the report:

this finding, which of the following would be most appropriate for the analyst to recommend to the network engineer?

Options:

A.

Reconfigure the device to support only connections leveraging TLSv1.2.

B.

Obtain a new self-signed certificate and select AES as the hashing algorithm.

C.

Replace the existing certificate with a certificate that uses only MD5 for signing.

D.

Use only signed certificates with cryptographically secure certificate sources.

Question 70

Which of the following can detect vulnerable third-parly libraries before code deployment?

Options:

A.

Impact analysis

B.

Dynamic analysis

C.

Static analysis

D.

Protocol analysis

Question 71

A security analyst who works in the SOC receives a new requirement to monitor for indicators of compromise. Which of the following is the first action the analyst should take in this situation?

Options:

A.

Develop a dashboard to track the indicators of compromise.

B.

Develop a query to search for the indicators of compromise.

C.

Develop a new signature to alert on the indicators of compromise.

D.

Develop a new signature to block the indicators of compromise.

Page: 17 / 27
Exam Code: CS0-002
Exam Name: CompTIA CySA+ Certification Exam (CS0-002)
Last Update: Dec 22, 2024
Questions: 372
CS0-002 pdf

CS0-002 PDF

$25.5  $84.99
CS0-002 Engine

CS0-002 Testing Engine

$28.5  $94.99
CS0-002 PDF + Engine

CS0-002 PDF + Testing Engine

$40.5  $134.99