Free Access CompTIA.CS0-002.v2024-10-25.q354 Practice Test (Page 68)

Question 331

A help desk technician inadvertently sent the credentials of the company's CRM n clear text to an employee's personal email account. The technician then reset the employee's account using the appropriate process and the employee's corporate email, and notified the security team of the incident According to the incident response procedure, which of the following should the security team do NEXT?

A.Contact the CRM vendor.

B.Prepare an incident summary report.

C.Update the incident response plan.

D.Perform postmortem data correlation.

Question 332

An application server runs slowly and then triggers a high CPU alert. After investigating, a security analyst finds an unauthorized program is running on the server. The analyst reviews the application log below.

Which of the following conclusions is supported by the application log?

A.An attacker was attempting to perform a buffer overflow attack to execute a payload in memory.

B.An attacker was attempting to perform a DoS attack against the server.

C.An attacker was attempting to perform an XSS attack via a vulnerable third-party library.

D.An attacker was attempting to download files via a remote command execution vulnerability

Question 333

An analyst is reviewing the following output as part of an incident:

Which of the Wowing is MOST likely happening?

A.Sensitive data is being exfilltrated by host 192.168.1.10.

B.The hosts are part of a reflective denial -of -service attack.

C.Information is leaking from the memory of host 10.20 30.40

D.Host 291.168.1.10 is performing firewall port knocking.

Question 334

A company was recently awarded several large government contracts and wants to determine its current risk from one specific APT.
Which of the following threat modeling methodologies would be the MOST appropriate to use during this analysis?

A.Attack vectors

B.Adversary capability

C.Diamond Model of Intrusion Analysis

D.Kill chain

E.Total attack surface

Question 335

After receiving reports latency, a security analyst performs an Nmap scan and observes the following output:

Which of the following suggests the system that produced output was compromised?

A.MySQL services is identified on a standard PostgreSQL port.

B.There are no indicators of compromise on this system.

C.Secure shell is operating of compromise on this system.

D.Standard HTP is open on the system and should be closed.

Other Version: 2914CompTIA.CS0-002.v2025-03-13.q112; 1412CompTIA.CS0-002.v2024-09-17.q264; 1652CuramSoftware.CS0-002.v2024-02-05.q218; 2845CuramSoftware.CS0-002.v2023-02-13.q163; 5025CuramSoftware.CS0-002.v2022-08-26.q256; 120Curam-Software.Prepawaytest.CS0-002.v2022-02-03.by.kelly.205q.pdf; 15388CuramSoftware.CS0-002.v2022-01-17.q285

Latest Upload: 201PaloAltoNetworks.NGFW-Engineer.v2026-05-01.q43; 296Nokia.4A0-113.v2026-05-01.q69; 253EC-COUNCIL.312-49v11.v2026-04-30.q214; 228Microsoft.MB-820.v2026-04-30.q101; 209Salesforce.MC-202.v2026-04-30.q57; 205BICSI.INSTC_V8.v2026-04-29.q53; 333NMLS.MLO.v2026-04-28.q82; 242NCARB.Project-Management.v2026-04-28.q27; 459EMC.D-AV-DY-23.v2026-04-27.q184; 1113ServiceNow.CSA.v2026-04-27.q483

Question 331

Question 332

Question 333

Question 334

Question 335

Download PDF File