Free Access CuramSoftware.CS0-002.v2022-01-17.q285 Practice Test (Page 10)

Question 41

Creating a lessons learned report following an incident will help an analyst to communicate which of the following information? (Select TWO)

A.List of IP addresses, applications, and assets

B.Outline of the detailed reverse engineering steps for management to review

C.Performance data from the impacted servers and endpoints to report to management

D.Root cause analysis of the incident and the impact it had on the organization

E.Enhancements to the policies and practices that will improve business responses

Question 42

A compliance officer of a large organization has reviewed the firm's vendor management program but has discovered there are no controls defined to evaluate third-party risk or hardware source authenticity. The compliance officer wants to gain some level of assurance on a recurring basis regarding the implementation of controls by third parties.
Which of the following would BEST satisfy the objectives defined by the compliance officer?
(Choose two.)

A.Maintaining and reviewing the organizational risk assessment on a quarterly basis

B.Executing vendor compliance assessments against the organization's security controls

C.Executing NDAs prior to sharing critical data with third parties

D.Completing a business impact assessment for all critical service providers

E.Utilizing DLP capabilities at both the endpoint and perimeter levels

F.Soliciting third-party audit reports on an annual basis

Question 43

As a proactive threat-hunting technique, hunters must develop situational cases based on likely attack scenarios derived from the available threat intelligence information. After forming the basis of the scenario, which of the following may the threat hunter construct to establish a framework for threat assessment?

A.Critical asset list

B.Attack profile

C.Threat vector

D.Hypothesis

Question 44

A security analyst reviews the following aggregated output from an Nmap scan and the border firewall ACL:

Which of the following should the analyst reconfigure to BEST reduce organizational risk while maintaining current functionality?

A.Firewall

B.PC1

C.PC2

D.Server2

E.Server1

Question 45

During a routine log review, a security analyst has found the following commands that cannot be identified from the Bash history log on the root user.

Which of the following commands should the analyst investigate FIRST?

A.Line 5

B.Line 3

C.Line 1

D.Line 6

E.Line 4

F.Line 2

Other Version: 1018CompTIA.CS0-002.v2025-03-13.q112; 2450CompTIA.CS0-002.v2024-10-25.q354; 623CompTIA.CS0-002.v2024-09-17.q264; 858CuramSoftware.CS0-002.v2024-02-05.q218; 2234CuramSoftware.CS0-002.v2023-02-13.q163; 4198CuramSoftware.CS0-002.v2022-08-26.q256; 120Curam-Software.Prepawaytest.CS0-002.v2022-02-03.by.kelly.205q.pdf

Latest Upload: 105OCEG.GRCP.v2025-09-11.q211; 104HP.HPE0-V27.v2025-09-11.q78; 118Oracle.1Z0-1057-23.v2025-09-10.q47; 150Google.Professional-Cloud-Network-Engineer.v2025-09-09.q179; 131SAP.C-S4EWM-2023.v2025-09-08.q83; 164TheSecOpsGroup.CNSP.v2025-09-08.q20; 223CFAInstitute.ESG-Investing.v2025-09-08.q173; 158PECB.ISO-IEC-27001-Lead-Implementer.v2025-09-06.q132; 148Salesforce.Data-Architect.v2025-09-05.q216; 143Adobe.AD0-E605.v2025-09-05.q50

Question 41

Question 42

Question 43

Question 44

Question 45

Download PDF File