Online Access Free CompTIA.CS0-001.v2022-02-21.q338 Practice Test (Page 20)

CS0-001 Exam Question 91

A security audit revealed that port 389 has been used instead of 636 when connecting to LDAP for the authentication of users. The remediation recommended by the audit was to switch the port to 636 wherever technically possible. Which of the following is the BEST response?

A.Correct the audit. This finding is accurate, but the correct remediation is to update encryption keys on each of the servers to match port 636.

B.Correct the audit. This finding is a well-known false positive; the services that typically run on 389 and 636 are identical.

C.Change all devices and servers that support it to 636, as encrypted services run by default on 636.

D.Change all devices and servers that support it to 636, as 389 is a reserved port that requires root access and can expose the server to privilege escalation attacks.

CS0-001 Exam Question 92

An analyst identifies multiple instances of node-to-node communication between several endpoints within the
10.200.2.0/24 network and a user machine at the IP address 10.200.2.5. This user machine at the IP address
10.200.2.5 is also identified as initiating outbound communication during atypical business hours with several IP addresses that have recently appeared on threat feeds.
Which of the following can be inferred from this activity?

A.10.200.2.5 is a rogue endpoint.

B.10.200.2.0/24 is infected with ransomware.

C.10.200.2.5 is exfiltrating data.

D.10.200.2.0/24 is not routable address space.

CS0-001 Exam Question 93

Which of the following utilities could be used to resolve an IP address to a daman name, assuming the address has a PTR record?

A.ifconfig

B.arp

C.nbtotot

D.ping

CS0-001 Exam Question 94

Which of the following is the BEST way to share incident-related artifacts to provide non-repudiation?

A.Encrypted USB drives

B.Network folders

C.Secure email

D.Cloud containers

CS0-001 Exam Question 95

A company uses a managed IDS system, and a security analyst has noticed a large volume of brute force password attacks originating from a single IP address. The analyst put in a ticket with the IDS provider, but no action was taken for 24 hours, and the attacks continued. Which of the following would be the BEST approach for the scenario described?

A.Draft a new MOU to include response incentive fees.

B.Implement an MOA to improve vendor responsiveness.

C.Modify the SLA to support organizational requirements.

D.Reengineer the BPA to meet the organization's needs.

Other Version: 92CompTIA.Testkingfree.CS0-001.v2022-04-21.by.ingemar.338q.pdf; 91CompTIA.Itpass4sure.CS0-001.v2021-09-10.by.kerr.488q.pdf

Latest Upload: 171IIA.IIA-CIA-Part3.v2026-06-17.q220; 129WGU.Introduction-to-IT.v2026-06-17.q67; 189CompTIA.220-1202.v2026-06-16.q110; 125TheInstitutes.CPCU-500.v2026-06-16.q25; 200ACAMS.CAMS7-CN.v2026-06-16.q170; 203CBIC.CIC.v2026-06-15.q123; 136Peoplecert.ITIL-4-Specialist-High-velocity-IT.v2026-06-15.q16; 236HashiCorp.Terraform-Associate-004.v2026-06-15.q126; 141Peoplecert.ITILFNDv5.v2026-06-15.q26; 139Workday.Workday-Pro-HCM-Reporting.v2026-06-15.q28

CS0-001 Exam Question 91

CS0-001 Exam Question 92

CS0-001 Exam Question 93

CS0-001 Exam Question 94

CS0-001 Exam Question 95

Download PDF File