Free Access CuramSoftware.CS0-002.v2023-02-13.q163 Practice Test (Page 17)

Question 76

While investigating reports or issues with a web server, a security analyst attempts to log in remotely and recedes the following message:

The analyst accesses the server console, and the following console messages are displayed:

The analyst is also unable to log in on the console. While reviewing network captures for the server, the analyst sees many packets with the following signature:

Which of the following is the BEST step for the analyst to lake next in this situation?

A.Corporate data is being exfilltrated from the server Reboot the server and log in to see if it contains any sensitive data.

B.After ensuring network captures from the server are saved isolate the server from the network take a memory snapshot, reboot and log in to do further analysis.

C.Load the network captures into a protocol analyzer to further investigate the communication with 128.30.100.23, as this may be a botnet command server

D.Cryptomining malware is running on the server and utilizing an CPU and memory. Reboot the server and disable any cron Jobs or startup scripts that start the mining software.

Question 77

During the forensic analysis of a compromised machine, a security analyst discovers some binaries that are exhibiting abnormal behaviors. After extracting the strings, the analyst finds unexpected content Which of the following is the NEXT step the analyst should take?

A.Run an antivirus against the binaries to check for malware.

B.Only allow whitelisted binaries to execute.

C.Use file integrity monitoring to validate the digital signature.

D.Validate the binaries' hashes from a trusted source.

Question 78

An incident responder successfully acquired application binaries off a mobile device for later forensic analysis.
Which of the following should the analyst do NEXT?

A.Decompile each binary to derive the source code.

B.Inspect the permissions manifests within each application.

C.Encrypt the binaries using an authenticated AES-256 mode of operation.

D.Compute SHA-256 hashes for each binary.

E.Perform a factory reset on the affected mobile device.

Question 79

While implementing a PKI for a company, a security analyst plans to utilize a dedicated server as the certAcate authority that is only used to sign intermediate certificates. Which of the following are the MOST secure states for the certificate authority server when it is not in use? (Select TWO)

A.Backed up hourly

B.VPN accessible only

C.Air gapped

D.Full disk encrypted

E.Powered off

F.On a private VLAN

Question 80

Which of the following BEST explains the function of a managerial control?

A.To help design and implement the security planning, program development, and maintenance of the security life cycle

B.To ensure tactical design, selection of technology to protect data, logical access reviews, and the implementation of audit trails

C.To guide the development of training, education, security awareness programs, and system maintenance

D.To create data classification, risk assessments, security control reviews, and contingency planning

Other Version: 1021CompTIA.CS0-002.v2025-03-13.q112; 2453CompTIA.CS0-002.v2024-10-25.q354; 623CompTIA.CS0-002.v2024-09-17.q264; 858CuramSoftware.CS0-002.v2024-02-05.q218; 4237CuramSoftware.CS0-002.v2022-08-26.q256; 120Curam-Software.Prepawaytest.CS0-002.v2022-02-03.by.kelly.205q.pdf; 14315CuramSoftware.CS0-002.v2022-01-17.q285

Latest Upload: 105OCEG.GRCP.v2025-09-11.q211; 104HP.HPE0-V27.v2025-09-11.q78; 118Oracle.1Z0-1057-23.v2025-09-10.q47; 153Google.Professional-Cloud-Network-Engineer.v2025-09-09.q179; 131SAP.C-S4EWM-2023.v2025-09-08.q83; 166TheSecOpsGroup.CNSP.v2025-09-08.q20; 226CFAInstitute.ESG-Investing.v2025-09-08.q173; 176PECB.ISO-IEC-27001-Lead-Implementer.v2025-09-06.q132; 152Salesforce.Data-Architect.v2025-09-05.q216; 148Adobe.AD0-E605.v2025-09-05.q50

Question 76

Question 77

Question 78

Question 79

Question 80

Download PDF File