Winter Special - Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: top65certs

Last Attempt CS0-002 Questions

Page: 26 / 28
Total 372 questions

CompTIA CySA+ Certification Exam (CS0-002) Questions and Answers

Question 101

An organization is adopting loT devices at an increasing rate and will need to account for firmware updates in its vulnerability management programs. Despite the number of devices being deployed, the organization has only focused on software patches so far. leaving hardware-related weaknesses open to compromise. Which of the following best practices will help the organization to track and deploy trusted firmware updates as part of its vulnerability management programs?

Options:

A.

Utilize threat intelligence to guide risk evaluation activities and implement critical updates after proper testing.

B.

Apply all firmware updates as soon as they are released to mitigate the risk of compromise.

C.

Determine an annual patch cadence to ensure all patching occurs at the same time.

D.

Implement an automated solution that detects when vendors release firmware updates and immediately deploy updates to production.

Question 102

During a review of the vulnerability scan results on a server, an information security analyst notices the following:

The MOST appropriate action for the analyst to recommend to developers is to change the web server so:

Options:

A.

It only accepts TLSvl 2

B.

It only accepts cipher suites using AES and SHA

C.

It no longer accepts the vulnerable cipher suites

D.

SSL/TLS is offloaded to a WAF and load balancer

Question 103

Which of the following are the most likely reasons to include reporting processes when updating an incident response plan after a breach? (Select two).

Options:

A.

To use the SLA to determine when to deliver the report

B.

To meet regulatory requirements for timely reporting

C.

To limit reputation damage caused by the breach

D.

To remediate vulnerabilities that led to the breach

E.

To isolate potential insider threats

F.

To provide secure network design changes

Question 104

Which of the following is the BEST way to gather patch information on a specific server?

Options:

A.

Event Viewer

B.

Custom script

C.

SCAP software

D.

CI/CD

Page: 26 / 28
Total 372 questions