Online Access Free CS0-001 Practice Test

During a quarterly review of user accounts and activity, a security analyst noticed that after a password reset the head of human resources has been logging in from multiple locations, including several overseas. Further review of the account showed access rights to a number of corporate applications, including a sensitive accounting application used for employee bonuses. Which of the following security methods could be used to mitigate this risk?

• A.Privilege escalation restrictions
• B.Context-based authentication
• C.RADIUS identity management
• D.Elimination of self-service password resets

Given the following code:

Which of the following types of attacks is occurring in the example above?

• A.MITM
• B.SQL injection
• C.Session hijacking
• D.Privilege escalation
• E.XSS

A suite of three production servers that were originally configured identically underwent the same vulnerability scans. However, recent results revealed the three servers has different critical vulnerabilities. The servers are not accessible by the Internet, and AV programs have not detected any malware. The servers' syslog files do not show any unusual traffic since they were installed and are physically isolated in an off-site datacenter. Checksum testing of random executables does not reveal tampering. Which of the following scenarios is MOST likely?

• A.Servers were made by different manufacturers
• B.Servers have received different levels of attention during previous patch management events
• C.Servers have not been scanned with the latest vulnerability signature
• D.Servers have been attacked by outsiders using zero-day vulnerabilities

A security analyst Is trying to capture network traffic In a web server that is suspected of using the DNS service for exfiltrating Information out of the network. The server usually transfers several gigabytes of data per day. and the analyst wants the size of the capture to be as reduced as possible. Which of the following commands should the analyst use to achieve such goals?

• A.tcpdump -i echo -w evidencel.pcap
• B.tcpdump udp port 53 -i eth0 -w evidencel.pcap
• C.tcpdump port 53 -i eth0 -w evidencel.pcap
• D.tcpdump tcp port 53 -i eth0 -w evidencel.pcap

Which of the following best practices is used to identify areas in the network that may be vulnerable to penetration testing from known external sources?

• A.Technical control reviews
• B.Blue team training exercises
• C.White team training exercises
• D.Operational control reviews