
CompTIA CS0-001 Actual Questions

Page: 8 / 17
Total 455 questions

CompTIA CSA+ Certification Exam Questions and Answers

Question 29

A company has received several reports that some of its user accounts were compromised, and its website is flagged as insecure by major search engines. The security analyst reviews the relevant application logs to determine where the problem might be located:

Given the above log information, which of the following would be the BEST recommendation for the security analyst to give?

Options:

A. The networking team should update the WAF to block directory traversal.

B. The development team should implement input sanitation on all web forms.

C. The server administration team should scan for malware on the server.

D. The security team should update the IPS to prevent network enumeration.

Question 30

Which of the following describes why it is important for an organization’s incident response team and legal department to meet and discuss communication processes during the incident response process?

Options:

A. To comply with existing organization policies and procedures on interacting with internal and external parties

B. To ensure all parties know their roles and effective lines of communication are established

C. To identify which group will communicate details to law enforcement in the event of a security incident

D. To predetermine what details should or should not be shared with internal or external parties in the event of an incident

Question 31

An excerpt from the process list of a known compromised host is shown below:

Which of the following would be the MOST plausible scenario describing what happened?

Options:

A. The user opened an infected PDF file from a personal webmail account.

B. The user installed an infected version of Mozilla Firefox from a flash drive.

C. An attacker used mimikatz to steal Kerberos tokens from the lsass.exe process.

D. An insider is running a PowerShell script to steal user credentials.

Question 32

A security team is implementing a new vulnerability management program in an environment that has a historically poor security posture. The team is aware of issues with patch management in the environment and expects a large number of findings. Which of the following would be the MOST efficient way to increase the security posture of the organization in the shortest amount of time?

Options:

A. Create an SLA stating that remediation actions must occur within 30 days of discovery for all levels of vulnerabilities.

B. Incorporate prioritization levels into the remediation process and address critical findings first.

C. Create classification criteria for data residing on different servers and provide remediation only for servers housing sensitive data.

D. Implement a change control policy that allows the security team to quickly deploy patches in the production environment to reduce the risk of any vulnerabilities found.
