
Complete CS0-001 CompTIA Materials

Page: 13 / 17
Total 455 questions

CompTIA CSA+ Certification Exam Questions and Answers

Question 49

While reviewing proxy logs, the security analyst noticed a suspicious traffic pattern. Several internal hosts were observed communicating with an external IP address over port 80 constantly. An incident was declared, and an investigation was launched. After interviewing the affected users, the analyst determined the activity started right after deploying a new graphic design suite. Based on this information, which of the following actions would be the appropriate NEXT step in the investigation?

Options:

A. Update all antivirus and anti-malware products, as well as all other host-based security software on the servers the affected users authenticate to.

B. Perform a network scan and identify rogue devices that may be generating the observed traffic. Remove those devices from the network.

C. Identify what the destination IP address is and who owns it, and look at running processes on the affected hosts to determine if the activity is malicious or not.

D. Ask desktop support personnel to reimage all affected workstations and reinstall the graphic design suite. Run a virus scan to identify if any viruses are present.

Question 50

A company has decided to process credit card transactions directly. Which of the following would meet the requirements for scanning this type of data?

Options:

A. Quarterly

B. Yearly

C. Bi-annually

D. Monthly

Question 51

An organization is attempting to harden its web servers and reduce the information that might be disclosed to potential attackers. A security analyst is reviewing vulnerability scan results from a recent web server scan.

Portions of the scan results are shown below:

Which of the following lines indicates information disclosure about the host that needs to be remediated?

Options:

A. Response: C:\Documents\MarySmith\mailingList.pdf

B. Finding#5144322

C. First Time Detected 10 Nov 2015 09:00 GMT-0600

D. Access Path: http://myOrg.com/mailingList.htm

E. Request: GET http://myOrg.com/mailingList.aspx?content=volunteer

Question 52

The primary difference in concern between remediating identified vulnerabilities found in general-purpose IT network servers and that of SCADA systems is that:

Options:

A. change and configuration management processes do not address SCADA systems.

B. doing so has a greater chance of causing operational impact in SCADA systems.

C. SCADA systems cannot be rebooted to have changes take effect.

D. patch installation on SCADA systems cannot be verified.
