Online Access Free CompTIA.CS0-002.v2025-03-01.q161 Practice Test (Page 19)

CS0-002 Exam Question 86

A security analyst for a large pharmaceutical company was given credentials from a threat intelligence resources organisation for Internal users, which contain usernames and valid passwords for company accounts.
Which of the following is the FIRST action the analyst should take as part of security operations monitoring?

A.Change all the user passwords to ensure the malicious actors cannot use them.

B.Run scheduled antivirus scans on all employees' machines to look for malicious processes.

C.Reimage the machines of all users within the group in case of a malware infection.

D.Search the event logs for event identifiers that indicate Mimikatz was used.

CS0-002 Exam Question 87

Which of the following activities is designed to handle a control
failure that leads to a breach?

A.Vulnerability management

B.Risk assessment

C.Incident management

D.Root cause analysis

CS0-002 Exam Question 88

An organization has a practice of running some administrative services on non-standard ports as a way of frustrating any attempts at reconnaissance. The output of the latest scan on host
192.168.1.13 is shown below:

Which of the following statements is true?

A.Running SSH on port 23 provides little additional security from running it on the standard port.

B.Running SSH on the Telnet port will now be sent across an unencrypted port.

C.Remote SSH connections will automatically default to the standard SSH port.

D.Despite the results of the scan, the service running on port 23 is actually Telnet and not SSH, and creates an additional vulnerability

E.The use of OpenSSH on its default secure port will supersede any other remote connection attempts.

CS0-002 Exam Question 89

An incident responder successfully acquired application binaries off a mobile device for later forensic analysis.
Which of the following should the analyst do NEXT?

A.Inspect the permissions manifests within each application.

B.Encrypt the binaries using an authenticated AES-256 mode of operation.

C.Perform a factory reset on the affected mobile device.

D.Decompile each binary to derive the source code.

E.Compute SHA-256 hashes for each binary.

CS0-002 Exam Question 90

A vulnerability scan has returned the following information:

Which of the following describes the meaning of these results?

A.There is an unknown bug in a Lotus server with no Bugtraq ID.

B.Trend Micro has a known exploit that must be resolved or patched.

C.Connecting to the host using a null session allows enumeration of share names.

D.No CVE is present, so it is a false positive caused by Lotus running on a Windows server.

Other Version: 6619CompTIA.CS0-002.v2025-05-26.q232; 1963CuramSoftware.CS0-002.v2023-11-04.q182; 1412CuramSoftware.CS0-002.v2023-10-26.q112; 1813CuramSoftware.CS0-002.v2023-08-08.q122; 1781CuramSoftware.CS0-002.v2023-06-14.q111; 2689CuramSoftware.CS0-002.v2023-05-12.q218; 3400CuramSoftware.CS0-002.v2023-03-21.q254; 3244CuramSoftware.CS0-002.v2023-03-10.q196; 3035CuramSoftware.CS0-002.v2023-02-04.q184; 2933CuramSoftware.CS0-002.v2023-01-31.q186; 3097CuramSoftware.CS0-002.v2023-01-16.q187; 6869CuramSoftware.CS0-002.v2022-09-30.q394; 3127CuramSoftware.CS0-002.v2022-05-26.q114; 7079CuramSoftware.CS0-002.v2022-03-25.q285; 59Curam-Software.Suretorrent.CS0-002.v2022-03-24.by.sigrid.285q.pdf; 4355CuramSoftware.CS0-002.v2022-01-08.q156; 46Curam-Software.Exam-killer.CS0-002.v2021-08-20.by.ruth.172q.pdf

Latest Upload: 135Oracle.1D0-1057-25-D.v2026-06-03.q29; 268NAHQ.CPHQ.v2026-06-03.q396; 252CompTIA.220-1201.v2026-06-03.q196; 152GIAC.GCFE.v2026-06-03.q78; 145HIMSS.CPHIMS.v2026-06-03.q45; 229Google.Professional-Cloud-Architect.v2026-06-03.q165; 143HP.HPE7-A09.v2026-06-02.q48; 153ACDIS.CCDS-O.v2026-06-02.q56; 132Microsoft.AB-730.v2026-06-02.q31; 208ASQ.CSSBB.v2026-06-02.q130

CS0-002 Exam Question 86

CS0-002 Exam Question 87

CS0-002 Exam Question 88

CS0-002 Exam Question 89

CS0-002 Exam Question 90

Download PDF File