Online Access Free CuramSoftware.CS0-002.v2023-02-04.q184 Practice Test (Page 32)

CS0-002 Exam Question 151

A security analyst receives an alert that highly sensitive information has left the company's network Upon investigation, the analyst discovers an outside IP range has had connections from three servers more than 100 times m the past month The affected servers are virtual machines Which of the following is the BEST course of action?

A.Report the data exfiltration to management take the affected servers offline, conduct an antivirus scan, remediate all threats found, and return the servers to service.

B.Determine if any other servers have been affected, snapshot any servers found, determine the vector that was used to allow the data exfiltration. fix any vulnerabilities, remediate, and report.

C.Disconnect the affected servers from the network, use the virtual machine console to access the systems, determine which information has left the network, find the security weakness, and remediate

D.Shut down the servers as soon as possible, move them to a clean environment, restart, run a vulnerability scanner to find weaknesses determine the root cause, remediate, and report

CS0-002 Exam Question 152

A team of security analysts has been alerted to potential malware activity. The initial examination indicates one of the affected workstations is beaconing on TCP port 80 to five IP addresses and attempting to spread across the network over port 445. Which of the following should be the team's NEXT step during the detection phase of this response process?

A.Escalate the incident to management, who will then engage the network infrastructure team to keep them informed.

B.Depending on system criticality, remove each affected device from the network by disabling wired and wireless connections.

C.Identify potentially affected systems by creating a correlation search in the SIEM based on the network traffic.

D.Engage the engineering team to block SMB traffic internally and outbound HTTP traffic to the five IP addresses.

CS0-002 Exam Question 153

Which of the following BEST articulates the benefit of leveraging SCAP in an organization's cybersecurity analysis toolset?

A.It automatically performs remedial configuration changes to enterprise security services

B.It provides validation of suspected system vulnerabilities through workflow orchestration

C.It establishes a continuous integration environment for software development operations

D.It enables standard checklist and vulnerability analysis expressions for automation

CS0-002 Exam Question 154

An information security analyst observes anomalous behavior on the SCADA devices in a power plant. This behavior results in the industrial generators overheating and destabilizing the power supply.
Which of the following would BEST identify potential indicators of compromise?

A.Use Nmap to capture packets from the management system to the SCADA devices.

B.Use tcpdump to capture packets from the SCADA device IP.

C.Use Wireshark to capture packets between SCADA devices and the management system.

D.Use Burp Suite to capture packets to the SCADA device's IP.

CS0-002 Exam Question 155

In web application scanning, static analysis refers to scanning:

A.an application that is installed and active on a system.

B.the compiled code of the application to detect possible issues.

C.the system for vulnerabilities before installing the application.

D.an application that is installed on a system that is assigned a static IP.

Other Version: 6669CompTIA.CS0-002.v2025-05-26.q232; 1405CompTIA.CS0-002.v2025-03-01.q161; 2018CuramSoftware.CS0-002.v2023-11-04.q182; 1449CuramSoftware.CS0-002.v2023-10-26.q112; 1824CuramSoftware.CS0-002.v2023-08-08.q122; 1818CuramSoftware.CS0-002.v2023-06-14.q111; 2773CuramSoftware.CS0-002.v2023-05-12.q218; 3447CuramSoftware.CS0-002.v2023-03-21.q254; 3291CuramSoftware.CS0-002.v2023-03-10.q196; 2992CuramSoftware.CS0-002.v2023-01-31.q186; 3111CuramSoftware.CS0-002.v2023-01-16.q187; 6897CuramSoftware.CS0-002.v2022-09-30.q394; 3194CuramSoftware.CS0-002.v2022-05-26.q114; 7115CuramSoftware.CS0-002.v2022-03-25.q285; 59Curam-Software.Suretorrent.CS0-002.v2022-03-24.by.sigrid.285q.pdf; 4380CuramSoftware.CS0-002.v2022-01-08.q156; 46Curam-Software.Exam-killer.CS0-002.v2021-08-20.by.ruth.172q.pdf

Latest Upload: 155CrowdStrike.CCSE-204.v2026-06-12.q25; 168VMware.2V0-17.25.v2026-06-12.q49; 167Appian.ACA-100.v2026-06-11.q23; 235CompTIA.220-1202.v2026-06-11.q114; 181CheckPoint.156-590.v2026-06-11.q47; 253CompTIA.220-1202.v2026-06-10.q109; 219CertiProf.CEHPC.v2026-06-10.q54; 154Hitachi.HQT-4160.v2026-06-10.q25; 416PMI.PMI-ACP-CN.v2026-06-09.q453; 199Splunk.SPLK-5002.v2026-06-08.q52

CS0-002 Exam Question 151

CS0-002 Exam Question 152

CS0-002 Exam Question 153

CS0-002 Exam Question 154

CS0-002 Exam Question 155

Download PDF File