Free CS0-002 Questions Attempt

The tcpdump command is a network packet analyzer tool that can capture and display network traffic. The -w option specifies a file name to write the captured packets to, in a binary format that can be read by tcpdump or other tools later. This option is useful for capturing large amounts of network data that will be analyzed at a later time, as the question requires. The packet capture does not need to be in a format that is readable by humans, since it will be put into a binary file called “packetCapture”. The capture must be as efficient as possible, and the -w option minimizes the processing and output overhead of tcpdump, reducing the likelihood that packets will be missed.

PII (Personally Identifiable Information) is any information that can be used to identify, contact, or locate a specific individual, either by itself or when combined with other information1. PII by itself is information that can uniquely identify an individual without any additional information. Examples of PII by itself are:

• Government ID. A government ID is a number or code that is issued by a government authority to an individual for identification purposes. Examples of government IDs are social security numbers, passport numbers, driver’s license numbers, etc. A government ID can uniquely identify an individual without any additional information.
• Birth certificate. A birth certificate is a document that records the birth of an individual and contains information such as name, date of birth, place of birth, parents’ names, etc. A birth certificate can uniquely identify an individual without any additional information.

Other examples of PII by itself are biometric data, DNA profile, fingerprints, etc. Examples of information that are not PII by themselves are:

• Job title. A job title is a name or description of a position or role in an organization. A job title does not uniquely identify an individual without any additional information, as many individuals can have the same job title.
• Employment start date. An employment start date is the date when an individual began working for an organization. An employment start date does not uniquely identify an individual without any additional information, as many individuals can have the same employment start date.
• Employer address. An employer address is the location of an organization where an individual works. An employer address does not uniquely identify an individual without any additional information, as many individuals can work at the same employer address.
• Mother’s maiden name. A mother’s maiden name is the surname that a woman had before she married. A mother’s maiden name does not uniquely identify an individual without any additional information, as many individuals can have the same mother’s maiden name.

Other examples of information that are not PII by themselves are gender, race, ethnicity, age, etc.

SCAP is a protocol designed to assess the security compliance of computers and other devices. It works by scanning systems against security policies, and can help verify that the scanned device meets security requirements. Here is a link to the CompTIA CySA+ Guide's Chapter 5 - Access Controls for more information: https://certification.comptia.org/docs/default-source/exam-objectives/cs0-002.pdf

A supply chain assessment is a process that evaluates the security and integrity of the suppliers and vendors that provide hardware or software to an organization. It can help identify and mitigate the risk of tampered or counterfeit products that could compromise the organization’s security or performance. Coordinating a supply chain assessment to ensure hardware authenticity is the best course of action to mitigate the risk of motherboards that have been physically altered during the manufacturing process. Performing an assessment of the firmware, conducting a trade study, or working with IT to replace the devices are other possible actions, but they are not as effective or proactive as coordinating a supply chain assessment. Reference: https://www.nist.gov/system/files/documents/2017/04/28/sp800-161.pdf