Free Access CompTIA.CS0-002.v2024-10-25.q354 Practice Test (Page 64)

Question 311

An HR employee began having issues with a device becoming unresponsive after attempting to open an email attachment. When informed, the security analyst became suspicious of the situation, even though there was not any unusual behavior on the IDS or any alerts from the antivirus software.
Which of the following BEST describes the type of threat in this situation?

A.Known virus

B.Packet of death

C.PII exfiltration

D.Zero-day malware

Question 312

A security analyst found an old version of OpenSSH running on a DMZ server and determined the following piece of code could have led to a command execution through an integer overflow;

Which of the following controls must be in place to prevent this vulnerability?

A.Use built-in functions from libraries to check and handle long numbers properly.

B.Sanitize user inputs, avoiding small numbers that cannot be handled in the memory.

C.Convert all integer numbers in strings to handle the memory buffer correctly.

D.Implement float numbers instead of integers to prevent integer overflows.

Question 313

In web application scanning, static analysis refers to scanning:

A.an application that is installed on a system that is assigned a static IP.

B.the compiled code of the application to detect possible issues.

C.an application that is installed and active on a system.

D.the system for vulnerabilities before installing the application.

Question 314

A cybersecurity analyst is retained by a firm for an open investigation.
Upon arrival, the cybersecurity analyst reviews several security logs.
Given the following snippet of code:

Which of the following combinations BEST describes the situation and recommendations to be made for this situation?

A.The cybersecurity analyst has discovered host 192.168.0.101 is beaconing every day at 13:30 using thenc.exe file; recommend proceeding with the next step of removing the host from the network.

B.The security analyst has discovered host 192.168.0.101 is a rogue device on the network, recommend proceeding with the next step of removing the host from the network.

C.The cybersecurity analyst has discovered host 192.168.0.101 to be running thenc.exe file at
13:30 using the auto cron job remotely, there are no recommendations since this is not a threat currently.

D.The cybersecurity analyst has discovered host 192.168.0.101 using Windows Task Scheduler at
13:30 to runnc.exe; recommend proceeding with the next step of removing the host from the network.

Question 315

A security learn implemented a SCM as part for its security-monitoring program there is a requirement to integrate a number of sources Into the SIEM to provide better context relative to the events being processed.
Which of the following BEST describes the result the security learn hopes to accomplish by adding these sources?

A.Continuous integration

B.Workflow orchestration

C.Data enrichment

D.Machine learning

Other Version: 2911CompTIA.CS0-002.v2025-03-13.q112; 1390CompTIA.CS0-002.v2024-09-17.q264; 1641CuramSoftware.CS0-002.v2024-02-05.q218; 2845CuramSoftware.CS0-002.v2023-02-13.q163; 5021CuramSoftware.CS0-002.v2022-08-26.q256; 120Curam-Software.Prepawaytest.CS0-002.v2022-02-03.by.kelly.205q.pdf; 15388CuramSoftware.CS0-002.v2022-01-17.q285

Latest Upload: 200PaloAltoNetworks.NGFW-Engineer.v2026-05-01.q43; 292Nokia.4A0-113.v2026-05-01.q69; 250EC-COUNCIL.312-49v11.v2026-04-30.q214; 227Microsoft.MB-820.v2026-04-30.q101; 207Salesforce.MC-202.v2026-04-30.q57; 204BICSI.INSTC_V8.v2026-04-29.q53; 332NMLS.MLO.v2026-04-28.q82; 241NCARB.Project-Management.v2026-04-28.q27; 457EMC.D-AV-DY-23.v2026-04-27.q184; 1107ServiceNow.CSA.v2026-04-27.q483

Question 311

Question 312

Question 313

Question 314

Question 315

Download PDF File