New Year Special 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: Board70

CS0-002 VCE Exam Download

Page: 25 / 27
Question 100

A security analyst discovers suspicious host activity while performing monitoring activities. The analyst pulls a packet capture for the activity and sees the following:

Which of the following describes what has occurred?

Options:

A.

The host attempted to download an application from utoftor.com.

B.

The host downloaded an application from utoftor.com.

C.

The host attempted to make a secure connection to utoftor.com.

D.

The host rejected the connection from utoftor.com.

Question 101

Which of the following, BEST explains the function of TPM?

Options:

A.

To provide hardware-based security features using unique keys

B.

To ensure platform confidentiality by storing security measurements

C.

To improve management of the OS installation.

D.

To implement encryption algorithms for hard drives

Question 102

During an incident investigation, a security analyst discovers the web server is generating an unusually high volume of logs The analyst observes the following response codes:

• 20% of the logs are 403

• 20% of the logs are 404

• 50% of the logs are 200

• 10% of the logs are other codes

The server generates 2MB of logs on a daily basis, and the current day log is over 200MB. Which of the following commands should the analyst use to identify the source of the activity?

Options:

A.

cat access_log Igrep " 403 "

B.

cat access_log Igrep " 200 "

C.

cat access_log Igrep " 100 "

D.

cat access_log Igrep " 4 04 "

E.

cat access_log Igrep " 204 "

Question 103

A Chief Information Officer wants to implement a BYOD strategy for all company laptops and mobile phones. The Chief Information Security Officer is concerned with ensuring all devices are patched and running some sort of protection against malicious software. Which of the following existing technical controls should a security analyst recommend to best meet all the requirements?

Options:

A.

EDR

B.

Port security

C.

NAC

D.

Segmentation

Page: 25 / 27
Exam Code: CS0-002
Exam Name: CompTIA CySA+ Certification Exam (CS0-002)
Last Update: Dec 22, 2024
Questions: 372
CS0-002 pdf

CS0-002 PDF

$25.5  $84.99
CS0-002 Engine

CS0-002 Testing Engine

$28.5  $94.99
CS0-002 PDF + Engine

CS0-002 PDF + Testing Engine

$40.5  $134.99