Free Access CompTIA.CS0-002.v2024-10-25.q354 Practice Test (Page 35)

Question 166

A company is experiencing a malware attack within its network. A security engineer notices many of the impacted assets are connecting outbound to a number of remote destinations and exfiltrating dat a. The security engineer also see that deployed, up-to-date antivirus signatures are ineffective. Which of the following is the BEST approach to prevent any impact to the company from similar attacks in the future?

A.Port security

B.Data loss prevention

C.IDS signatures

D.Sinkholing

Question 167

A team of security analysts has been alerted to potential malware activity. The initial examination indicates one of the affected workstations is beaconing on TCP port 80 to five IP addresses and attempting to spread across the network over port 445. Which of the following should be the team's NEXT step during the detection phase of this response process?

A.Identify potentially affected systems by creating a correlation search in the SIEM based on the network traffic.

B.Depending on system criticality, remove each affected device from the network by disabling wired and wireless connections.

C.Engage the engineering team to block SMB traffic internally and outbound HTTP traffic to the five IP addresses.

D.Escalate the incident to management, who will then engage the network infrastructure team to keep them informed.

Question 168

For machine learning to be applied effectively toward security analysis automation, it requires.

A.a threat feed API.

B.a multicore, multiprocessor system.

C.anomalous traffic signatures.

D.relevant training data.

Question 169

At which of the following phases of the SDLC shoukJ security FIRST be involved?

A.Design

B.Maintenance

C.Implementation

D.Analysis

E.Planning

F.Testing

Question 170

Joe, a penetration tester, used a professional directory to identify a network administrator and ID administrator for a client's company. Joe then emailed the network administrator, identifying himself as the ID administrator, and asked for a current password as part of a security exercise. Which of the following techniques were used in this scenario?

A.Enumeration and OS fingerprinting

B.Social media profiling and phishing

C.Network and host scanning

D.Email harvesting and host scanning

Other Version: 2915CompTIA.CS0-002.v2025-03-13.q112; 1419CompTIA.CS0-002.v2024-09-17.q264; 1685CuramSoftware.CS0-002.v2024-02-05.q218; 2848CuramSoftware.CS0-002.v2023-02-13.q163; 5031CuramSoftware.CS0-002.v2022-08-26.q256; 120Curam-Software.Prepawaytest.CS0-002.v2022-02-03.by.kelly.205q.pdf; 15395CuramSoftware.CS0-002.v2022-01-17.q285

Latest Upload: 203PaloAltoNetworks.NGFW-Engineer.v2026-05-01.q43; 302Nokia.4A0-113.v2026-05-01.q69; 263EC-COUNCIL.312-49v11.v2026-04-30.q214; 230Microsoft.MB-820.v2026-04-30.q101; 212Salesforce.MC-202.v2026-04-30.q57; 207BICSI.INSTC_V8.v2026-04-29.q53; 336NMLS.MLO.v2026-04-28.q82; 245NCARB.Project-Management.v2026-04-28.q27; 466EMC.D-AV-DY-23.v2026-04-27.q184; 1125ServiceNow.CSA.v2026-04-27.q483

Question 166

Question 167

Question 168

Question 169

Question 170

Download PDF File