Online Access Free CompTIA.CS0-002.v2025-05-26.q232 Practice Test (Page 35)

CS0-002 Exam Question 166

An organization discovers motherboards within the environment that appear to have been physically altered during the manufacturing process. Which of the following is the BEST course of action to mitigate the risk of this reoccurring?

A.Perform an assessment of the firmware to determine any malicious modifications.

B.Conduct a trade study to determine if the additional risk constitutes further action.

C.Coordinate a supply chain assessment to ensure hardware authenticity.

D.Work with IT to replace the devices with the known-altered motherboards.

CS0-002 Exam Question 167

Industry partners from critical infrastructure organizations were victims of attacks on their SCADA devices. The attacker was able to gain access to the SCADA by logging in to an account with weak credentials. Which of the following identity and access management solutions would help to mitigate this risk?

A.Multifactor authentication

B.Endpoint detection and response

C.Manual access reviews

D.Role-based access control

CS0-002 Exam Question 168

During routine monitoring a security analyst identified the following enterpnse network traffic:
Packet capture output:

Which of the following BEST describes what the security analyst observed?

A.66.187.224.210 set up a DNS hijack with 192.168.12.21.

B.192.168.12.21 made a TCP connection to 209 132 177 50

C.209.132.177.50 set up a TCP reset attack to 192 168 12 21

D.192.168.12.21 made a TCP connection to 66 187 224 210

CS0-002 Exam Question 169

A security manager has asked an analyst to provide feedback on the results of a penetration test. After reviewing the results, the manager requests information regarding the possible exploitation of vulnerabilities. Which of the following information data points would be MOST useful for the analyst to provide to the security manager, who would then communicate the risk factors to the senior management team? (Select TWO).

A.Probability

B.Adversary capability

C.Attack vector

D.Impact

E.Classification

F.Indicators of compromise

CS0-002 Exam Question 170

A technician receives the following security alert from the firewall's automated system:

After reviewing the alert, which of the following is the BEST analysis?

A.This alert indicates a user was attempting to bypass security measures using dynamic DNS.

B.This alert was generated by the SIEM because the user attempted too many invalid login attempts.

C.This alert is a false positive because DNS is a normal network function.

D.This alert indicates an endpoint may be infected and is potentially contacting a suspect host.

Other Version: 520CompTIA.CS0-002.v2025-03-01.q161; 1633CuramSoftware.CS0-002.v2023-11-04.q182; 1116CuramSoftware.CS0-002.v2023-10-26.q112; 1515CuramSoftware.CS0-002.v2023-08-08.q122; 1516CuramSoftware.CS0-002.v2023-06-14.q111; 2334CuramSoftware.CS0-002.v2023-05-12.q218; 2958CuramSoftware.CS0-002.v2023-03-21.q254; 2828CuramSoftware.CS0-002.v2023-03-10.q196; 2574CuramSoftware.CS0-002.v2023-02-04.q184; 2520CuramSoftware.CS0-002.v2023-01-31.q186; 2749CuramSoftware.CS0-002.v2023-01-16.q187; 6399CuramSoftware.CS0-002.v2022-09-30.q394; 2865CuramSoftware.CS0-002.v2022-05-26.q114; 6537CuramSoftware.CS0-002.v2022-03-25.q285; 59Curam-Software.Suretorrent.CS0-002.v2022-03-24.by.sigrid.285q.pdf; 4099CuramSoftware.CS0-002.v2022-01-08.q156; 46Curam-Software.Exam-killer.CS0-002.v2021-08-20.by.ruth.172q.pdf

Latest Upload: 111PsychiatricRehabilitationAssociation.CPRP.v2025-10-22.q44; 108CompTIA.220-1101.v2025-10-22.q764; 108EC-COUNCIL.312-76.v2025-10-22.q127; 112Avaya.78201X.v2025-10-22.q116; 143NBRC.RPFT.v2025-10-21.q106; 115VMware.2V0-13.24.v2025-10-21.q73; 145PennsylvaniaRealEstateCommission.RePA_Sales_S.v2025-10-20.q17; 145Adobe.AD0-E608.v2025-10-20.q47; 128Appian.ACD-201.v2025-10-20.q65; 191SASInstitute.A00-215.v2025-10-18.q136

CS0-002 Exam Question 166

CS0-002 Exam Question 167

CS0-002 Exam Question 168

CS0-002 Exam Question 169

CS0-002 Exam Question 170

Download PDF File