Winter Special - Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: top65certs

CompTIA CySA+ CS0-002 Release Date

Page: 15 / 28
Total 372 questions

CompTIA CySA+ Certification Exam (CS0-002) Questions and Answers

Question 57

Which of the following is the best method to ensure secure boot UEFI features are enabled to prevent boot malware?

Options:

A.

Enable secure boot in the hardware and reload the operating system.

B.

Reconfigure the system's MBR and enable NTFS.

C.

Set I-JEFI to legacy mode and enable security features.

D.

Convert the legacy partition table to UEFI and repair the operating system.

Question 58

A security analyst is reviewing vulnerability scans from an organization's internet-facing web services. The following is from an output file called ssl-test_webapps.comptia.org:

Which of the following lines from this output most likely indicates that attackers could quickly use brute force and determine the negotiated secret session key?

Options:

A.

TLS_RSA_WITH_DES_CBC_SHA 56

B.

TLS_DHE_RSA_WITH_AES_128_CBC_SHA 128 DH (1024 bits)

C.

TLS_RSA_K1TH_A£S_256_CBC_SHA 256

D.

TLS_DHE_RSA_WITH_AES_256_GCM_SHA256 DH (2048 bits)

Question 59

A new variant of malware is spreading on the company network using TCP 443 to contact its command-and-control server The domain name used for callback continues to change, and the analyst is unable to predict future domain name variance Which of the following actions should the analyst take to stop malicious communications with the LEAST disruption to service?

Options:

A.

Implement a sinkhole with a high entropy level

B.

Disable TCP/53 at the parameter firewall

C.

Block TCP/443 at the edge router

D.

Configure the DNS forwarders to use recursion

Question 60

A security is reviewing a vulnerability scan report and notes the following finding:

As part of the detection and analysis procedures, which of the following should the analyst do NEXT?

Options:

A.

Patch or reimage the device to complete the recovery

B.

Restart the antiviruses running processes

C.

Isolate the host from the network to prevent exposure

D.

Confirm the workstation's signatures against the most current signatures.

Page: 15 / 28
Total 372 questions