Free Access CompTIA.CS0-002.v2025-03-13.q112 Practice Test (Page 3)

Question 6

A team of security analysts has been alerted to potential malware activity. The initial examination indicates one of the affected workstations is beaconing on TCP port 80 to five IP addresses and attempting to spread across the network over port 445. Which of the following should be the team's NEXT step during the detection phase of this response process?

A.Depending on system criticality, remove each affected device from the network by disabling wired and wireless connections.

B.Identify potentially affected systems by creating a correlation search in the SIEM based on the network traffic.

C.Engage the engineering team to block SMB traffic internally and outbound HTTP traffic to the five IP addresses.

D.Escalate the incident to management, who will then engage the network infrastructure team to keep them informed.

Question 7

A custom script currently monitors real-time logs of a SAMIL authentication server to mitigate brute-force attacks. Which of the following is a concern when moving authentication to a cloud service?

A.Access to logs may be delayed for some time.

B.Log data may be visible to other customers.

C.Logs may contain incorrect information.

D.SAML logging is not supported for cloud-based authentication.

Question 8

A finance department employee has received a message that appears to have been sent from the Chief Financial Officer (CFO), asking the employee to perform a wire transfer. Analysis of the email shows the message came from an external source and is fraudulent. Which of the following would work BEST to improve the likelihood of employees quickly recognizing fraudulent emails?

A.Limiting email from the finance department to recipients on a pre-approved whitelist

B.Configuring email client settings to display all messages in plaintext when read

C.Implementing a sandboxing solution for viewing emails and attachments

D.Adding a banner to incoming messages that identifies the messages as external

Question 9

A company's domain has been spooled in numerous phishing campaigns. An analyst needs to determine the company is a victim of domain spoofing, despite having a DMARC record that should tell mailbox providers to ignore any email that fails DMARC upon review of the record, the analyst finds the following:

Which of the following BEST explains the reason why the company's requirements are not being processed correctly by mailbox providers?

A.The DMARC record's policy tag is incorrectly configured.

B.The DMARC record does not have an SPF alignment tag.

C.The DMARC record's DKIM alignment tag Is incorrectly configured.

D.The DMARC record's version tag is set to DMARC1 instead of the current version, which is DMARC3.

Question 10

It is important to parameterize queries to prevent:

A.the execution of unauthorized actions against a database.

B.a memory overflow that executes code with elevated privileges.

C.the establishment of a web shell that would allow unauthorized access.

D.the queries from using an outdated library with security vulnerabilities.

Other Version: 2796CompTIA.CS0-002.v2024-10-25.q354; 644CompTIA.CS0-002.v2024-09-17.q264; 884CuramSoftware.CS0-002.v2024-02-05.q218; 2352CuramSoftware.CS0-002.v2023-02-13.q163; 4396CuramSoftware.CS0-002.v2022-08-26.q256; 120Curam-Software.Prepawaytest.CS0-002.v2022-02-03.by.kelly.205q.pdf; 14456CuramSoftware.CS0-002.v2022-01-17.q285

Latest Upload: 105Salesforce.B2C-Solution-Architect.v2025-10-23.q111; 104CIPS.L6M1.v2025-10-23.q13; 105Adobe.AD0-E727.v2025-10-23.q69; 157Fortinet.NSE8_812.v2025-10-22.q86; 140HP.HPE2-B04.v2025-10-21.q38; 118Oracle.1Z0-1160-1.v2025-10-21.q18; 136GitHub.GitHub-Advanced-Security.v2025-10-21.q27; 135Oracle.1Z0-084.v2025-10-21.q31; 343CuramSoftware.CS0-003.v2025-10-18.q211; 197GAQM.Databricks-Certified-Data-Engineer-Associate.v2025-10-18.q113

Question 6

Question 7

Question 8

Question 9

Question 10

Download PDF File