New Year Special 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: Board70

Download Full Version CS0-002 CompTIA Exam

Page: 9 / 27
Question 36

A security analyst is reviewing WAF logs and notes requests against the corporate website are increasing and starting to impact the performance of the web server. The security analyst queries the logs for requests that triggered an alert on the WAF but were not blocked. Which of the following possible TTP combinations might warrant further investigation? (Select TWO).

Options:

A.

Requests identified by a threat intelligence service with a bad reputation

B.

Requests sent from the same IP address using different user agents

C.

Requests blocked by the web server per the input sanitization

D.

Failed log-in attempts against the web application

E.

Requests sent by NICs with outdated firmware

F.

Existence of HTTP/501 status codes generated to the same IP address

Question 37

A security analyst is researching ways to improve the security of a company's email system to mitigate emails that are impersonating company executives. Which of the following would be BEST for the analyst to configure to achieve this objective?

Options:

A.

A TXT record on the name server for SPF

B.

DNSSEC keys to secure replication

C.

Domain Keys identified Man

D.

A sandbox to check incoming mad

Question 38

Which of the following is the most important reason to involve the human resources department in incident response?

Options:

A.

To better Inform recruiters during hiring so they can include incident response Interview questions

B.

To ensure the incident response process captures evidence needed in case of disciplinary actions

C.

To validate that the incident response process meets the organization's best practices

D.

To prevent Incident responders from Interacting directly with any users

Question 39

An organization is performing a risk assessment to prioritize resources for mitigation and remediation based on impact. Which of the following metrics, in addition to the CVSS for each CVE, would best enable the organization to prioritize its efforts?

Options:

A.

OS type

B.

OS or application versions

C.

Patch availability

D.

System architecture

E.

Mission criticality

Page: 9 / 27
Exam Code: CS0-002
Exam Name: CompTIA CySA+ Certification Exam (CS0-002)
Last Update: Dec 22, 2024
Questions: 372
CS0-002 pdf

CS0-002 PDF

$25.5  $84.99
CS0-002 Engine

CS0-002 Testing Engine

$28.5  $94.99
CS0-002 PDF + Engine

CS0-002 PDF + Testing Engine

$40.5  $134.99