Winter Special - Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: top65certs

Pearson CS0-002 New Attempt

Page: 5 / 28
Total 372 questions

CompTIA CySA+ Certification Exam (CS0-002) Questions and Answers

Question 17

While reviewing system logs, a network administrator discovers the following entry:

Which of the following occurred?

Options:

A.

An attempt was made to access a remote workstation.

B.

The PsExec services failed to execute.

C.

A remote shell failed to open.

D.

A user was trying to download a password file from a remote system.

Question 18

Several operator workstations are exhibiting unusual behavior, including applications loading slowly, temporary files being overwritten, and reboot notifications to apply antivirus signatures. During an investigation, an analyst finds evidence of Bitcoin mining. Which of the following is the first step the analyst should take to prevent further spread of the mining operation?

Options:

A.

Reboot each host that is exhibiting the behaviors.

B.

Enable the host-based firewalls to prevent further activity.

C.

Quarantine all the impacted hosts for forensic analysis.

D.

Notify users to turn off all affected devices.

Question 19

A company wants to ensure a third party does not take intellectual property and build a competing product. Which of the following is a non-technical data and privacy control that would best protect the company?

Options:

A.

Data encryption

B.

A non-disclosure agreement

C.

Purpose limitation

D.

Digital rights management

Question 20

A company is required to monitor for unauthorized changes to baselines on all assets to comply with industry regulations. Two of the remote units did not recover after scans were performed on the assets. An analyst needs to recommend a solution to prevent recurrence. Which of the following is the best way to satisfy the regulatory requirement without impacting the availability to similar assets and creating an unsustainable process?

Options:

A.

Manually review the baselines daily and document the results in a change history log

B.

Document exceptions with compensating controls to demonstrate the risk mitigation efforts.

C.

Implement a new scanning technology to satisfy the monitoring requirement and train the team.

D.

Purchase new remote units from other vendors with a proven ability to support scanning requirements.

Page: 5 / 28
Total 372 questions