Online Access Free CuramSoftware.CS0-002.v2023-03-10.q196 Practice Test (Page 19)

CS0-002 Exam Question 86

An analyst identifies multiple instances of node-to-node communication between several endpoints within the 10.200.2.0/24 network and a user machine at the IP address 10.200.2.5. This user machine at the IP address 10.200.2.5 is also identified as initiating outbound communication during atypical business hours with several IP addresses that have recently appeared on threat feeds.
Which of the following can be inferred from this activity?

A.10.200.2.5 is a rogue endpoint.

B.10.200.2.5 is exfiltrating data.

C.10.200.2.0/24 is infected with ransomware.

D.10.200.2.0/24 is not routable address space.

CS0-002 Exam Question 87

An organization has a policy that requires servers to be dedicated to one function and unneeded services to be disabled. Given the following output from an Nmap scan of a web server:

Which of the following ports should be closed?

A.1433

B.443

C.22

D.80

CS0-002 Exam Question 88

Which of the following, BEST explains the function of TPM?

A.To provide hardware-based security features using unique keys

B.To ensure platform confidentiality by storing security measurements

C.To implement encryption algorithms for hard drives

D.To improve management of the OS installation.

CS0-002 Exam Question 89

The help desk noticed a security analyst that emails from a new email server are not being sent out. The new email server was recently added to the existing ones. The analyst runs the following command on the new server.

Given the output, which of the following should the security analyst check NEXT?

A.The IP address of the new email server

B.The DNS name of the new email server

C.The version of SPF that is being used

D.The DMARC policy

CS0-002 Exam Question 90

When reviewing a compromised authentication server, a security analyst discovers the following hidden file:

Further analysis shows these users never logged in to the server. Which of the following types of attacks was used to obtain the file and what should the analyst recommend to prevent this type of attack from reoccurring?

A.A rainbow tables attack was used to compromise the accounts. The analyst should recommend that future password hashes contains a salt.

B.A password spraying attack was used to compromise the passwords. The analyst should recommend that all users receive a unique password.

C.A phishing attack was used to compromise the account. The analyst should recommend users install endpoint protection to disable phishing links.

D.A rogue LDAP server is installed on the system and is connecting passwords. The analyst should recommend wiping and reinstalling the server.

Other Version: 6778CompTIA.CS0-002.v2025-05-26.q232; 1472CompTIA.CS0-002.v2025-03-01.q161; 2051CuramSoftware.CS0-002.v2023-11-04.q182; 1474CuramSoftware.CS0-002.v2023-10-26.q112; 1837CuramSoftware.CS0-002.v2023-08-08.q122; 1860CuramSoftware.CS0-002.v2023-06-14.q111; 2791CuramSoftware.CS0-002.v2023-05-12.q218; 3520CuramSoftware.CS0-002.v2023-03-21.q254; 3122CuramSoftware.CS0-002.v2023-02-04.q184; 3021CuramSoftware.CS0-002.v2023-01-31.q186; 3161CuramSoftware.CS0-002.v2023-01-16.q187; 6922CuramSoftware.CS0-002.v2022-09-30.q394; 3227CuramSoftware.CS0-002.v2022-05-26.q114; 7158CuramSoftware.CS0-002.v2022-03-25.q285; 59Curam-Software.Suretorrent.CS0-002.v2022-03-24.by.sigrid.285q.pdf; 4389CuramSoftware.CS0-002.v2022-01-08.q156; 46Curam-Software.Exam-killer.CS0-002.v2021-08-20.by.ruth.172q.pdf

Latest Upload: 138VMware.3V0-21.25.v2026-06-20.q29; 138Microsoft.AB-731.v2026-06-19.q23; 276IIA.IIA-CIA-Part2.v2026-06-19.q308; 167DAMA.MD-1220.v2026-06-19.q66; 164ISTQB.CT-AI.v2026-06-18.q68; 280IIA.IIA-CIA-Part3.v2026-06-17.q220; 199WGU.Introduction-to-IT.v2026-06-17.q67; 264CompTIA.220-1202.v2026-06-16.q110; 155TheInstitutes.CPCU-500.v2026-06-16.q25; 247ACAMS.CAMS7-CN.v2026-06-16.q170

CS0-002 Exam Question 86

CS0-002 Exam Question 87

CS0-002 Exam Question 88

CS0-002 Exam Question 89

CS0-002 Exam Question 90

Download PDF File