Free Access CompTIA.CS0-001.v2022-04-30.q237 Practice Test (Page 8)

Question 31

A cybersecurity analyst is retained by a firm for an open investigation. Upon arrival, the cybersecurity analyst reviews several security logs.
Given the following snippet of code:

Which of the following combinations BEST describes the situation and recommendations to be made for this situation?

A.The cybersecurity analyst has discovered host 192.168.0.101 is beaconing every day at 13:30 using thenc.exe file; recommend proceeding with the next step of removing the host from the network.

B.The cybersecurity analyst has discovered host 192.168.0.101 to be running thenc.exe file at 13:30 using the auto cron job remotely, there are no recommendations since this is not a threat currently.

C.The security analyst has discovered host 192.168.0.101 is a rogue device on the network, recommend proceeding with the next step of removing the host from the network.

D.The cybersecurity analyst has discovered host 192.168.0.101 using Windows Task Scheduler at 13:30 to runnc.exe; recommend proceeding with the next step of removing the host from the network.

Question 32

A company's asset management software has been discovering a weekly increase in non-standard software installed on end users' machines with duplicate license keys. The security analyst wants to know if any of this software is listening on any non-standard ports, such as 6667. Which of the following tools should the analyst recommend to block any command and control traffic?

A.IPS

B.Netstat

C.HIDS

D.NIDS

Question 33

In order to meet regulatory compliance objectives for the storage of PHI, vulnerability scans must be conducted on a continuous basis. The last completed scan of the network returned 5,682 possible vulnerabilities. The Chief Information Officer (CIO) would like to establish a remediation plan to resolve all known issues. Which of the following is the BEST way to proceed?

A.Attempt to identify all false positives and exceptions, and then resolve all remaining items.

B.Hold off on additional scanning until the current list of vulnerabilities have been resolved.

C.Place assets that handle PHI in a sandbox environment, and then resolve all vulnerabilities.

D.Reduce the scan to items identified as critical in the asset inventory, and resolve these issues first.

Question 34

After running a packet analyzer on the network, a security analyst has noticed the following output:

Which of the following is occurring?

A.A port scan

B.A ping sweep

C.A network map

D.A service discovery

Question 35

A cybersecurity analyst is conducting a security test to ensure that information regarding the web server is protected from disclosure. The cybersecurity analyst requested an HTML file from the web server, and the response came back as follows:

Which of the following actions should be taken to remediate this security issue?

A.Set "Enablelogging" to 0 in the URLScan.ini configuration file.

B.Set "Perprocesslogging" to 1 in the URLScan.ini configuration file.

C.Set "Removeserverheader" to 1 in the URLScan.ini configuration file.

D.Set "Allowlatescanning" to 1 in the URLScan.ini configuration file.

Latest Upload: 102OCEG.GRCP.v2025-09-11.q211; 102HP.HPE0-V27.v2025-09-11.q78; 117Oracle.1Z0-1057-23.v2025-09-10.q47; 150Google.Professional-Cloud-Network-Engineer.v2025-09-09.q179; 131SAP.C-S4EWM-2023.v2025-09-08.q83; 164TheSecOpsGroup.CNSP.v2025-09-08.q20; 222CFAInstitute.ESG-Investing.v2025-09-08.q173; 157PECB.ISO-IEC-27001-Lead-Implementer.v2025-09-06.q132; 147Salesforce.Data-Architect.v2025-09-05.q216; 141Adobe.AD0-E605.v2025-09-05.q50

Question 31

Question 32

Question 33

Question 34

Question 35

Download PDF File