Free Access CompTIA.CS0-002.v2024-09-17.q264 Practice Test (Page 6)

Question 21

An employee observes degraded system performance on a Windows workstation. While attempting to access documents, the employee notices the file icons appear abnormal and the file extensions have been changed. The employee instantly shuts down the machine and alerts a supervisor.
Which of the following forensic evidence will be lost as a result of these actions?

A.All user actions prior to shutting down the machine

B.All information stored in the machine's local database

C.All cached items that are queued to be written to the registry

D.Volatile artifacts in the system's memory

Question 22

A security analyst has received reports of very slow, intermittent access to a public-facing corporate server. Suspecting the system may be compromised, the analyst runs the following commands:

Based on the output from the above commands, which of the following should the analyst do NEXT to further the investigation?

A.Examine the server logs for further indicators of compromise of a web application.

B.Run kill -9 1325 to bring the load average down so the server is usable again.

C.Run crontab -r; rm -rf /tmp/.t to remove and disable the malware on the system.

D.Perform a binary analysis on the /tmp/.t/t file, as it is likely to be a rogue SSHD server.

Question 23

The IT department at a growing law firm wants to begin using a third-party vendor for vulnerability monitoring and mitigation. The executive director of the law firm wishes to outline the assumptions and expectations between the two companies. Which of the following documents might be referenced in the event of a security breach at the law firm?

A.SLA

B.MOU

C.NDA

D.SOW

Question 24

A security analyst is conducting a post-incident log analysis to determine which indicators can be used to detect further occurrences of a data exfiltration incident. The analyst determines backups were not performed during this time and reviews the following:

Which of the following should the analyst review to find out how the data was exfilltrated?

A.Tuesday's logs

B.Wednesday's logs

C.Thursday's logs

D.Monday's logs

Question 25

It is important to parameterize queries to prevent __________.

A.the execution of unauthorized actions against a database.

B.a memory overflow that executes code with elevated privileges.

C.the establishment of a web shell that would allow unauthorized access.

D.the queries from using an outdated library with security vulnerabilities.

Other Version: 2910CompTIA.CS0-002.v2025-03-13.q112; 3799CompTIA.CS0-002.v2024-10-25.q354; 1638CuramSoftware.CS0-002.v2024-02-05.q218; 2845CuramSoftware.CS0-002.v2023-02-13.q163; 5021CuramSoftware.CS0-002.v2022-08-26.q256; 120Curam-Software.Prepawaytest.CS0-002.v2022-02-03.by.kelly.205q.pdf; 15388CuramSoftware.CS0-002.v2022-01-17.q285

Latest Upload: 200PaloAltoNetworks.NGFW-Engineer.v2026-05-01.q43; 290Nokia.4A0-113.v2026-05-01.q69; 244EC-COUNCIL.312-49v11.v2026-04-30.q214; 226Microsoft.MB-820.v2026-04-30.q101; 204Salesforce.MC-202.v2026-04-30.q57; 203BICSI.INSTC_V8.v2026-04-29.q53; 332NMLS.MLO.v2026-04-28.q82; 241NCARB.Project-Management.v2026-04-28.q27; 453EMC.D-AV-DY-23.v2026-04-27.q184; 1107ServiceNow.CSA.v2026-04-27.q483

Question 21

Question 22

Question 23

Question 24

Question 25

Download PDF File