Online Access Free CuramSoftware.CS0-002.v2022-09-30.q394 Practice Test (Page 75)

CS0-002 Exam Question 366

A cybersecurity analyst is reviewing Apache logs on a web server and finds that some logs are missing. The analyst has identified that the systems administrator accidentally deleted some log files. Which of the following actions or rules should be implemented to prevent this incident from reoccurring?

A.Backup server

B.Separation of duties

C.Mandatory vacation

D.Personnel training

CS0-002 Exam Question 367

When reviewing network traffic, a security analyst detects suspicious activity:

Based on the log above, which of the following vulnerability attacks is occurring?

A.ShellShock

B.DROWN

C.Zeus

D.Heartbleed

E.POODLE

CS0-002 Exam Question 368

A company has been a victim of multiple volumetric DoS attacks. Packet analysis of the offending traffic shows the following:

Which of the following mitigation techniques is MOST effective against the above attack?

A.The company should contact the upstream ISP and ask that RFC1918 traffic be dropped.

B.The company should implement a network-based sinkhole to drop all traffic coming from
192.168.1.1 at their gateway router.

C.The company should enable the DoS resource starvation protection feature of the gateway NIPS.

D.The company should implement the following ACL at their gateway firewall:DENY IP HOST
192.168.1.1 170.43.30.0/24.

CS0-002 Exam Question 369

The steering committee for information security management annually reviews the security incident register for the organization to look for trends and systematic issues The steering committee wants to rank the risks based on past incidents to improve the security program for next year Below is the incident register for the organization.

Which of the following should the organization consider investing in FIRST due to the potential impact of availability?

CS0-002 Exam Question 370

A technician at a company's retail store notifies an analyst that disk space is being consumed at a rapid rate on several registers. The uplink back to the corporate office is also saturated frequently. The retail location has no Internet access. An analyst then observes several occasional IPS alerts indicating a server at corporate has been communicating with an address on a watchlist. Netflow data shows large quantities of data transferred at those times.
Which of the following is MOST likely causing the issue?

A.Ransomware on the corporate network has propagated from the corporate network to the registers and has begun encrypting files there.

B.Malware on a register is scraping credit card data and staging it on a server at the corporate office before uploading it to an attacker-controlled command and control server.

C.A penetration test is being run against the registers from the IP address indicated on the watchlist, generating large amounts of traffic and data storage.

D.A credit card processing file was declined by the card processor and caused transaction logs on the registers to accumulate longer than usual.

Other Version: 5507CompTIA.CS0-002.v2025-05-26.q232; 518CompTIA.CS0-002.v2025-03-01.q161; 1632CuramSoftware.CS0-002.v2023-11-04.q182; 1115CuramSoftware.CS0-002.v2023-10-26.q112; 1512CuramSoftware.CS0-002.v2023-08-08.q122; 1514CuramSoftware.CS0-002.v2023-06-14.q111; 2333CuramSoftware.CS0-002.v2023-05-12.q218; 2957CuramSoftware.CS0-002.v2023-03-21.q254; 2827CuramSoftware.CS0-002.v2023-03-10.q196; 2573CuramSoftware.CS0-002.v2023-02-04.q184; 2498CuramSoftware.CS0-002.v2023-01-31.q186; 2727CuramSoftware.CS0-002.v2023-01-16.q187; 2863CuramSoftware.CS0-002.v2022-05-26.q114; 6536CuramSoftware.CS0-002.v2022-03-25.q285; 59Curam-Software.Suretorrent.CS0-002.v2022-03-24.by.sigrid.285q.pdf; 4095CuramSoftware.CS0-002.v2022-01-08.q156; 46Curam-Software.Exam-killer.CS0-002.v2021-08-20.by.ruth.172q.pdf

Latest Upload: 165SASInstitute.A00-215.v2025-10-18.q136; 118ATLASSIAN.ACP-100.v2025-10-17.q60; 144SAP.P_BTPA_2408.v2025-10-16.q29; 169SAP.C-HAMOD-2404.v2025-10-16.q73; 210IASP.SPP.v2025-10-15.q59; 199AmericanSocietyofMicrobiology.ABMM.v2025-10-15.q70; 138EC-COUNCIL.312-39.v2025-10-15.q80; 124Huawei.H35-210_V2.5.v2025-10-14.q125; 154Oracle.1Z0-129.v2025-10-14.q73; 246VMware.2V0-17.25.v2025-10-14.q93

CS0-002 Exam Question 366

CS0-002 Exam Question 367

CS0-002 Exam Question 368

CS0-002 Exam Question 369

CS0-002 Exam Question 370

Download PDF File