CS0-002 Exam Question 21
An organization is focused on restructuring its data governance programs and an analyst has been Tasked with surveying sensitive data within the organization. Which of the following is the MOST accurate method for the security analyst to complete this assignment?
CS0-002 Exam Question 22
A security technician is testing a solution that will prevent outside entities from spoofing the company's email domain, which is comptia.org. The testing is successful, and the security technician is prepared to fully implement the solution.
Which of the following actions should the technician take to accomplish this task?
Which of the following actions should the technician take to accomplish this task?
CS0-002 Exam Question 23
During a routine network scan, a security administrator discovered an unidentified service running on a new embedded and unmanaged HVAC controller, which is used to monitor the company's datacenter:
The enterprise monitoring service requires SNMP and SNMPTRAP connectivity to operate.
Which of the following should the security administrator implement to harden the system?
The enterprise monitoring service requires SNMP and SNMPTRAP connectivity to operate.
Which of the following should the security administrator implement to harden the system?
CS0-002 Exam Question 24
A vulnerability assessment solution is hosted in the cloud This solution will be used as an accurate inventory data source for both the configuration management database and the governance nsk and compliance tool An analyst has been asked to automate the data acquisition Which of the following would be the BEST way to acqutre the data'
CS0-002 Exam Question 25
An organization has the following vulnerability remediation policies:
* For production environment servers:
* Vulnerabilities with a CVSS score of 9.0 or greater must be remediated within 48 hours.
* Vulnerabilities with a CVSS score of 5.0 to 8.9 must be remediated within 96 hours.
* Vulnerabilities in lower environments may be left unremediated for up to two weeks.
* All vulnerability remediations must be validated in a testing environment before they are applied in the production environment.
The organization has two environments: production and testing. The accountingProd server is the only server that contains highly sensitive information.
A recent vulnerability scan provided the following report:
Which of the following identifies the server that should be patched first? (Choose Two)
* For production environment servers:
* Vulnerabilities with a CVSS score of 9.0 or greater must be remediated within 48 hours.
* Vulnerabilities with a CVSS score of 5.0 to 8.9 must be remediated within 96 hours.
* Vulnerabilities in lower environments may be left unremediated for up to two weeks.
* All vulnerability remediations must be validated in a testing environment before they are applied in the production environment.
The organization has two environments: production and testing. The accountingProd server is the only server that contains highly sensitive information.
A recent vulnerability scan provided the following report:
Which of the following identifies the server that should be patched first? (Choose Two)