Free Access CompTIA.CS0-002.v2024-10-25.q354 Practice Test (Page 59)

Question 286

Which of the following describes why it is important to include scope within the rules of engagement of a penetration test?

A.To ensure the network segment being tested has been properly secured

B.To ensure servers are not impacted and service is not degraded

C.To ensure sensitive hosts are not scanned

D.To ensure all systems being scanned are owned by the company

Question 287

An organization has a policy that requires servers to be dedicated to one function and unneeded services to be disabled. Given the following output from an Nmap scan of a web server:

Which of the following ports should be closed?

A.22

B.80

C.443

D.1433

Question 288

A development team uses open-source software and follows an Agile methodology with two-week sprints. Last month, the security team filed a bug for an insecure version of a common library. The DevOps team updated the library on the server, and then the security team rescanned the server to verify it was no longer vulnerable. This month, the security team found the same vulnerability on the server.
Which of the following should be done to correct the cause of the vulnerability?

A.Implement a software repository management tool.

B.Deploy a WAF in front of the application.

C.Instruct the developers to use input validation in the code.

D.Install a HIPS on the server.

Question 289

A manufacturing company uses a third-party service provider for Tier 1 security support. One of the requirements is that the provider must only source talent from its own country due to geopolitical and national security interests. Which of the following can the manufacturing company implement to ensure the third-party service provider meets this requirement?

A.Implement blacklisting lor IP addresses from outside the county.

B.Implement strong authentication controls for at contractors.

C.Implement a secure supply chain program with governance.

D.Implement user behavior analytics tor key staff members.

Question 290

A security analyst is reviewing the following DNS logs as part of security-monitoring activities:

Which of the following MOST likely occurred?

A.The attack attempted to contact www.gooqle com to verify Internet connectivity.

B.The attack used encryption to obfuscate the payload and bypass detection by an IDS.

C.The attack caused an internal host to connect to a command and control server.

D.The attack used an algorithm to generate command and control information dynamically.

Other Version: 2912CompTIA.CS0-002.v2025-03-13.q112; 1407CompTIA.CS0-002.v2024-09-17.q264; 1642CuramSoftware.CS0-002.v2024-02-05.q218; 2845CuramSoftware.CS0-002.v2023-02-13.q163; 5024CuramSoftware.CS0-002.v2022-08-26.q256; 120Curam-Software.Prepawaytest.CS0-002.v2022-02-03.by.kelly.205q.pdf; 15388CuramSoftware.CS0-002.v2022-01-17.q285

Latest Upload: 200PaloAltoNetworks.NGFW-Engineer.v2026-05-01.q43; 293Nokia.4A0-113.v2026-05-01.q69; 252EC-COUNCIL.312-49v11.v2026-04-30.q214; 227Microsoft.MB-820.v2026-04-30.q101; 207Salesforce.MC-202.v2026-04-30.q57; 204BICSI.INSTC_V8.v2026-04-29.q53; 333NMLS.MLO.v2026-04-28.q82; 241NCARB.Project-Management.v2026-04-28.q27; 457EMC.D-AV-DY-23.v2026-04-27.q184; 1110ServiceNow.CSA.v2026-04-27.q483

Question 286

Question 287

Question 288

Question 289

Question 290

Download PDF File