Free Access CompTIA.CS0-002.v2024-10-25.q354 Practice Test (Page 67)

Question 326

A security analyst for a large financial institution is creating a threat model for a specific threat actor that is likely targeting an organization's financial assets.
Which of the following is the BEST example of the level of sophistication this threat actor is using?

A.Custom malware attributed to the threat actor from prior attacks

B.IP addresses used by the threat actor for command and control

C.Email addresses and phone numbers tied to the threat actor

D.Network assets used in previous attacks attributed to the threat actor

E.Social media accounts attributed to the threat actor

Question 327

A security analyst has noticed an alert from the SIEM. A workstation is repeatedly trying to connect to port 445 of a file server on the production network. All of the attempts are made with invalid credentials. Which of the following describes what is occurring?

A.Malware has infected the workstation and is beaconing out to the specific IP address of the file server.

B.An attacker has gained control of the workstation and is port scanning the network.

C.An attacker has gained control of the workstation and is attempting to pivot to the file server by creating an SMB session.

D.The file server is attempting to transfer malware to the workstation via SMB.

Question 328

An analyst is working with a network engineer to resolve a vulnerability that was found in a piece of legacy hardware, which is critical to the operation of the organization's production line. The legacy hardware does not have third-party support, and the OEM manufacturer of the controller is no longer in operation. The analyst documents the activities and verifies these actions prevent remote exploitation of the vulnerability.
Which of the following would be the MOST appropriate to remediate the controller?

A.Replace the equipment that has third-party support.

B.Remove the legacy hardware from the network.

C.Install an IDS on the network between the switch and the legacy equipment.

D.Segment the network to constrain access to administrative interfaces.

Question 329

The help desk provided a security analyst with a screenshot of a user's desktop:

For which of the following is aircrack-ng being used?

A.Wireless access point discovery

B.PCAP data collection

C.Brute-force attack

D.Rainbow attack

Question 330

A security analyst is reviewing the following web server log:

Which of the following BEST describes the issue?

A.SQL injection

B.Cross-site scripting

C.Cross-site request forgery

D.Directory traversal exploit

Other Version: 2911CompTIA.CS0-002.v2025-03-13.q112; 1390CompTIA.CS0-002.v2024-09-17.q264; 1641CuramSoftware.CS0-002.v2024-02-05.q218; 2845CuramSoftware.CS0-002.v2023-02-13.q163; 5021CuramSoftware.CS0-002.v2022-08-26.q256; 120Curam-Software.Prepawaytest.CS0-002.v2022-02-03.by.kelly.205q.pdf; 15388CuramSoftware.CS0-002.v2022-01-17.q285

Latest Upload: 200PaloAltoNetworks.NGFW-Engineer.v2026-05-01.q43; 292Nokia.4A0-113.v2026-05-01.q69; 250EC-COUNCIL.312-49v11.v2026-04-30.q214; 227Microsoft.MB-820.v2026-04-30.q101; 207Salesforce.MC-202.v2026-04-30.q57; 204BICSI.INSTC_V8.v2026-04-29.q53; 332NMLS.MLO.v2026-04-28.q82; 241NCARB.Project-Management.v2026-04-28.q27; 457EMC.D-AV-DY-23.v2026-04-27.q184; 1107ServiceNow.CSA.v2026-04-27.q483

Question 326

Question 327

Question 328

Question 329

Question 330

Download PDF File