Free Access CompTIA.CS0-002.v2024-09-17.q264 Practice Test (Page 33)

Question 156

A development team uses open-source software and follows an Agile methodology with two-week sprints. Last month, the security team filed a bug for an insecure version of a common library.
The DevOps team updated the library on the server, and then the security team rescanned the server to verify it was no longer vulnerable. This month, the security team found the same vulnerability on the server.
Which of the following should be done to correct the cause of the vulnerability?

A.Deploy a WAF in front of the application.

B.Implement a software repository management tool.

C.Install a HIPS on the server.

D.Instruct the developers to use input validation in the code.

Question 157

A company has alerted planning the implemented a vulnerability management procedure. However, to security maturity level is low, so there are some prerequisites to complete before risk calculation and prioritization. Which of the following should be completed FIRST?

A.A business Impact analysis

B.A system assessment

C.Communication of the risk factors

D.A risk identification process

Question 158

A risk assessment concludes that the perimeter network has the highest potential for compromise by an attacker, and it is labeled as a critical risk environment. Which of the following is a valid compensating control to reduce the volume of valuable information in the perimeter network that an attacker could gain using active reconnaissance techniques?

A.A control that demonstrates that all systems authenticate using the approved authentication method

B.A control that demonstrates that access to a system is only allowed by using SSH

C.A control that demonstrates that firewall rules are peer reviewed for accuracy and approved before deployment

D.A control that demonstrates that the network security policy is reviewed and updated yearly

Question 159

A remote code execution vulnerability was discovered in the RDP. An organization currently uses RDP for remote access to a portion of its VDI environment. The analyst verified network-level authentication is enabled Which of the following is the BEST remediation for this vulnerability?

A.Verify the latest endpoint-protection signature is in place.

B.Verify the system logs do not contain indicator of compromise.

C.Verify the corresponding patch for the vulnerability is installed^

D.Verify the threat intelligence feed is updated with the latest solutions

Question 160

A company's domain has been spooled in numerous phishing campaigns. An analyst needs to determine the company is a victim of domain spoofing, despite having a DMARC record that should tell mailbox providers to ignore any email that fails DMARC upon review of the record, the analyst finds the following:

Which of the following BEST explains the reason why the company's requirements are not being processed correctly by mailbox providers?

A.The DMARC record's DKIM alignment tag Is incorrectly configured.

B.The DMARC record does not have an SPF alignment tag.

C.The DMARC record's version tag is set to DMARC1 instead of the current version, which is DMARC3.

D.The DMARC record's policy tag is incorrectly configured.

Other Version: 2915CompTIA.CS0-002.v2025-03-13.q112; 3834CompTIA.CS0-002.v2024-10-25.q354; 1685CuramSoftware.CS0-002.v2024-02-05.q218; 2848CuramSoftware.CS0-002.v2023-02-13.q163; 5031CuramSoftware.CS0-002.v2022-08-26.q256; 120Curam-Software.Prepawaytest.CS0-002.v2022-02-03.by.kelly.205q.pdf; 15395CuramSoftware.CS0-002.v2022-01-17.q285

Latest Upload: 203PaloAltoNetworks.NGFW-Engineer.v2026-05-01.q43; 302Nokia.4A0-113.v2026-05-01.q69; 261EC-COUNCIL.312-49v11.v2026-04-30.q214; 230Microsoft.MB-820.v2026-04-30.q101; 212Salesforce.MC-202.v2026-04-30.q57; 207BICSI.INSTC_V8.v2026-04-29.q53; 336NMLS.MLO.v2026-04-28.q82; 244NCARB.Project-Management.v2026-04-28.q27; 466EMC.D-AV-DY-23.v2026-04-27.q184; 1124ServiceNow.CSA.v2026-04-27.q483

Question 156

Question 157

Question 158

Question 159

Question 160

Download PDF File