Free Access CompTIA.CS0-001.v2022-04-30.q237 Practice Test (Page 45)

Question 216

Which of the following policies BEST explains the purpose of a data ownership policy?

A.The policy should document practices that users must adhere to in order to access data on the corporate network or Internet.

B.The policy should describe the roles and responsibilities between users and managers, and the management of specific data types.

C.The policy should outline the organization's administration of accounts for authorized users to access the appropriate data.

D.The policy should establish the protocol for retaining information types based on regulatory or business needs.

Question 217

A recent audit has uncovered several coding errors and a lack of input validation being used on a public
portal. Due to the nature of the portal and the severity of the errors, the portal is unable to be patched.
Which of the following tools could be used to reduce the risk of being compromised?

A.Web application firewall

B.Intrusion prevention system

C.Network firewall

D.Web proxy

Question 218

A new zero day vulnerability was discovered within a basic screen capture app, which is used throughout the environment Two days after discovering the vulnerability, the manufacturer of the software has not announced a remediation or it there will be a fix for this newly discovered vulnerability. The vulnerable application is not uniquely critical, but it is used occasionally by the management and executive management teams The vulnerability allows remote code execution to gam privileged access to the system Which of the following is the BEST course of action to mitigate this threat'

A.Work with the manufacturer to determine the tone frame for the fix.

B.Remove the application and replace it with a similar non-vulnerable application.

C.Communicate with the end users that the application should not be used until the manufacturer has reserved the vulnerability.

D.Block the vulnerable application traffic at the firewall and disable the application services on each computer.

Question 219

A retail corporation with widely distributed store locations and IP space must meet PCI requirements
relating to vulnerability scanning. The organization plans to outsource this function to a third party to
reduce costs.
Which of the following should be used to communicate expectations related to the execution of scans?

A.SLA

B.Vulnerability assessment report

C.Lessons learned documentation

D.MOU

Question 220

A cybersecurity professional wants to determine if a web server is running on a remote host with the IP address 192.168.1.100. Which of the following can be used to perform this task?

A.ping -p 80 192.168.1.100

B.ps aux 192.168.1.100

C.dig www 192.168.1.100

D.nmap 192.168.1.100 -p 80 -A

E.nc 192.168.1.100 -1 80

Latest Upload: 105OCEG.GRCP.v2025-09-11.q211; 104HP.HPE0-V27.v2025-09-11.q78; 118Oracle.1Z0-1057-23.v2025-09-10.q47; 150Google.Professional-Cloud-Network-Engineer.v2025-09-09.q179; 131SAP.C-S4EWM-2023.v2025-09-08.q83; 164TheSecOpsGroup.CNSP.v2025-09-08.q20; 223CFAInstitute.ESG-Investing.v2025-09-08.q173; 158PECB.ISO-IEC-27001-Lead-Implementer.v2025-09-06.q132; 148Salesforce.Data-Architect.v2025-09-05.q216; 144Adobe.AD0-E605.v2025-09-05.q50

Question 216

Question 217

Question 218

Question 219

Question 220

Download PDF File