Free Access CuramSoftware.CS0-002.v2022-08-26.q256 Practice Test (Page 28)

Question 131

An analyst needs to provide recommendations for the AUP Which of the following is the BEST recommendation to protect the company's intellectual property?

A.AII Internet access must be via a proxy server.

B.Company assets must be stored in a locked cabinet when not in use.

C.Company assets must not be utilized for personal use or gain.

D.Company assets should never leave the company's property.

Question 132

In system hardening, which of the following types of vulnerability scans would work BEST to verify the scanned device meets security policies?

A.Burp Suite

B.Unauthenticated

C.OWASP ZAP

D.SCAP

Question 133

The Cruel Executive Officer (CEO) of a large insurance company has reported phishing emails that contain malicious links are targeting the entire organza lion Which of the following actions would work BEST to prevent against this type of attack?

A.Turn on full behavioral analysis to avert an infection

B.Implement an EDR mail module that will rewrite and analyze email links.

C.Reconfigure the EDR solution to perform real-time scanning of all files

D.Ensure EDR signatures are updated every day to avert infection.

E.Modify the EDR solution to use heuristic analysis techniques for malware.

Question 134

An analyst is reviewing the following code output of a vulnerability scan:

Which of the following types of vulnerabilities does this MOST likely represent?

A.A insecure direct object reference vulnerability

B.A credential bypass vulnerability

C.A XSS vulnerability

D.An HTTP response split vulnerability

Question 135

A list of vulnerabilities has been reported in a company's most recent scan of a server. The security analyst must review the vulnerabilities and decide which ones should be remediated in the next change window and which ones can wait or may not need patching. Pending further investigation. Which of the following vulnerabilities should the analyst remediate FIRST?

A.The analyst should remediate ftp (21/tcp) first. An outdated version of FTP is running on this port.
If it is not in use, it should be disabled.

B.The analyst should remediate dns (53/tcp) first. The remote BIND 9 DNS server is susceptible to a buffer overflow, which may allow an attacker to gain a shell on this host or disable this server.

C.The analyst should remediate imaps (993/tcp) first. The SSLv2 suite offers five strong ciphers and two weak "export class" ciphers.

D.The analyst should remediate https (443/tcp) first. This web server is susceptible to banner grabbing and was fingerprinted as Apache/1.3.27-9 on Linux w/ mod_fastcgi.

Other Version: 1034CompTIA.CS0-002.v2025-03-13.q112; 2461CompTIA.CS0-002.v2024-10-25.q354; 623CompTIA.CS0-002.v2024-09-17.q264; 858CuramSoftware.CS0-002.v2024-02-05.q218; 2264CuramSoftware.CS0-002.v2023-02-13.q163; 120Curam-Software.Prepawaytest.CS0-002.v2022-02-03.by.kelly.205q.pdf; 14325CuramSoftware.CS0-002.v2022-01-17.q285

Latest Upload: 106OCEG.GRCP.v2025-09-11.q211; 106HP.HPE0-V27.v2025-09-11.q78; 122Oracle.1Z0-1057-23.v2025-09-10.q47; 157Google.Professional-Cloud-Network-Engineer.v2025-09-09.q179; 136SAP.C-S4EWM-2023.v2025-09-08.q83; 172TheSecOpsGroup.CNSP.v2025-09-08.q20; 239CFAInstitute.ESG-Investing.v2025-09-08.q173; 225PECB.ISO-IEC-27001-Lead-Implementer.v2025-09-06.q132; 156Salesforce.Data-Architect.v2025-09-05.q216; 152Adobe.AD0-E605.v2025-09-05.q50

Question 131

Question 132

Question 133

Question 134

Question 135

Download PDF File