Free Access CuramSoftware.CS0-002.v2023-02-13.q163 Practice Test (Page 16)

Question 71

A security analyst is reviewing the logs from an internal chat server. The chat.log file is too large to review manually, so the analyst wants to create a shorter log file that only includes lines associated with a user demonstrating anomalous activity. Below is a snippet of the log:

Which of the following commands would work BEST to achieve the desired result?

A.grep -i chatter14 chat.log

B.grep -v chatter14 chat.log

C.grep -v javashark chat.log

D.grep -i pythonfun chat.log

E.grep -i javashark chat.log

F.grep -v pythonfun chat.log

Question 72

To prioritize the morning's work, an analyst is reviewing security alerts that have not yet been investigated. Which of the following assets should be investigated FIRST?

A.The laptop of the vice president that is on the corporate LAN

B.The workstation of a developer who is installing software on a web server

C.An accounting supervisor's laptop that is connected to the VPN

D.A new test web server that is in the process of initial installation

Question 73

A security analyst discovers suspicious host activity while performing monitoring activities. The analyst pulls a packet capture for the activity and sees the following:

Which of the following describes what has occurred?

A.The host rejected the connection from utoftor.com.

B.The host attempted to download an application from utoftor.com.

C.The host downloaded an application from utoftor.com.

D.The host attempted to make a secure connection to utoftor.com.

Question 74

An organization's network administrator uncovered a rogue device on the network that is emulating the charactenstics of a switch. The device is trunking protocols and inserting tagging va
the flow of traffic at the data link layer
Which of the following BEST describes this attack?

A.VLAN hopping

B.DNS pharming

C.Spoofing

D.Injection attack

Question 75

A security analyst working in the SOC recently discovered Balances m which hosts visited a specific set of domains and IPs and became infected with malware. Which of the following is the MOST appropriate action to take in the situation?

A.Implement a change request to the firewall setting to not allow traffic to and from the IPs and domains

B.Implement an IPS signature for the malware and a change request to the firewall setting to not allow traffic to and from the IPs and domains

C.Implement an IPS signature for the malware and another signature request to Nock all the associated domains and IPs

D.implement an IPS signature for the malware and update the blacklisting for the associated domains and IPs

Other Version: 1021CompTIA.CS0-002.v2025-03-13.q112; 2453CompTIA.CS0-002.v2024-10-25.q354; 623CompTIA.CS0-002.v2024-09-17.q264; 858CuramSoftware.CS0-002.v2024-02-05.q218; 4237CuramSoftware.CS0-002.v2022-08-26.q256; 120Curam-Software.Prepawaytest.CS0-002.v2022-02-03.by.kelly.205q.pdf; 14315CuramSoftware.CS0-002.v2022-01-17.q285

Latest Upload: 105OCEG.GRCP.v2025-09-11.q211; 104HP.HPE0-V27.v2025-09-11.q78; 118Oracle.1Z0-1057-23.v2025-09-10.q47; 153Google.Professional-Cloud-Network-Engineer.v2025-09-09.q179; 131SAP.C-S4EWM-2023.v2025-09-08.q83; 166TheSecOpsGroup.CNSP.v2025-09-08.q20; 226CFAInstitute.ESG-Investing.v2025-09-08.q173; 176PECB.ISO-IEC-27001-Lead-Implementer.v2025-09-06.q132; 152Salesforce.Data-Architect.v2025-09-05.q216; 148Adobe.AD0-E605.v2025-09-05.q50

Question 71

Question 72

Question 73

Question 74

Question 75

Download PDF File