Download CompTIA CSA+ Certification Exam.CS0-001.Train4Sure.2018-10-28.108q.tqb

Vendor: CompTIA
Exam Code: CS0-001
Exam Name: CompTIA CSA+ Certification Exam
Date: Oct 28, 2018
File Size: 2 MB
Download Exam

How to open TQB files?

Files with TQB (Taurus Question Bank) extension can be opened by Taurus Exam Studio.

Download
Taurus Exam Studio

Purchase
Coupon: TAURUSSIM_20OFF

Discount: 20%

Taurus Exam Simulator Taurus Exam Simulator Taurus Exam Simulator Taurus Exam Simulator Taurus Exam Simulator

Demo Questions

Question 1
An analyst wants to use a command line tool to identify open ports and running services on a host along with the application that is associated with those services and port. 
Which of the following should the analyst use?
  1. Wireshark
  2. Qualys
  3. netstat
  4. nmap
  5. ping
Correct answer: D
Question 2
In order to meet regulatory compliance objectives for the storage of PHI, vulnerability scans must be conducted on a continuous basis. The last completed scan of the network returned 5,682 possible vulnerabilities. The Chief Information Officer (CIO) would like to establish a remediation plan to resolve all known issues. 
Which of the following is the BEST way to proceed?
  1. Attempt to identify all false positives and exceptions, and then resolve all remaining items.
  2. Hold off on additional scanning until the current list of vulnerabilities have been resolved.
  3. Place assets that handle PHI in a sandbox environment, and then resolve all vulnerabilities.
  4. Reduce the scan to items identified as critical in the asset inventory, and resolve these issues first.
Correct answer: D
Question 3
An administrator has been investigating the way in which an actor had been exfiltrating confidential data from a web server to a foreign host. After a thorough forensic review, the administrator determined the server’s BIOS had been modified by rootkit installation. After removing the rootkit and flashing the BIOS to a known good state, which of the following would BEST protect against future adversary access to the BIOS, in case another rootkit is installed?
  1. Anti-malware application
  2. Host-based IDS
  3. TPM data sealing
  4. File integrity monitoring
Correct answer: C
Question 4
A security analyst is reviewing the following log after enabling key-based authentication. 
  
 
Given the above information, which of the following steps should be performed NEXT to secure the system?
  1. Disable anonymous SSH logins.
  2. Disable password authentication for SSH.
  3. Disable SSHv1.
  4. Disable remote root SSH logins.
Correct answer: B
Question 5
A cybersecurity analyst has received a report that multiple systems are experiencing slowness as a result of a DDoS attack. 
Which of the following would be the BEST action for the cybersecurity analyst to perform?
  1. Continue monitoring critical systems.
  2. Shut down all server interfaces.
  3. Inform management of the incident.
  4. Inform users regarding the affected systems.
Correct answer: C
Question 6
A security analyst has been asked to remediate a server vulnerability. Once the analyst has located a patch for the vulnerability, which of the following should happen NEXT?
  1. Start the change control process.
  2. Rescan to ensure the vulnerability still exists.
  3. Implement continuous monitoring.
  4. Begin the incident response process.
Correct answer: A
Question 7
A software assurance lab is performing a dynamic assessment on an application by automatically generating and inputting different, random data sets to attempt to cause an error/failure condition. Which of the following software assessment capabilities is the lab performing AND during which phase of the SDLC should this occur? (Select two.)
  1. Fuzzing
  2. Behavior modeling
  3. Static code analysis
  4. Prototyping phase
  5. Requirements phase
  6. Planning phase
Correct answer: AD
Explanation:
Reference: http://www.brighthub.com/computing/smb-security/articles/9956.aspx
Reference: http://www.brighthub.com/computing/smb-security/articles/9956.aspx
Question 8
Law enforcement has contacted a corporation’s legal counsel because correlated data from a breach shows the organization as the common denominator from all indicators of compromise. An employee overhears the conversation between legal counsel and law enforcement, and then posts a comment about it on social media. The media then starts contacting other employees about the breach. Which of the following steps should be taken to prevent further disclosure of information about the breach?
  1. Perform security awareness training about incident communication.
  2. Request all employees verbally commit to an NDA about the breach.
  3. Temporarily disable employee access to social media
  4. Have law enforcement meet with employees.
Correct answer: A
Question 9
A recent vulnerability scan found four vulnerabilities on an organization’s public Internet-facing IP addresses. 
Prioritizing in order to reduce the risk of a breach to the organization, which of the following should be remediated FIRST?
  1. A cipher that is known to be cryptographically weak.
  2. A website using a self-signed SSL certificate.
  3. A buffer overflow that allows remote code execution.
  4. An HTTP response that reveals an internal IP address.
Correct answer: C
Question 10
A security professional is analyzing the results of a network utilization report. The report includes the following information:
  
Which of the following servers needs further investigation?
  1. hr.dbprod.01
  2. R&D.file.srvr.01
  3. mrktg.file.srvr.02
  4. web.srvr.03
Correct answer: A
CONNECT US
HOW TO OPEN VCE FILES

Use VCE Exam Simulator to open VCE files
Avanaset

HOW TO OPEN VCEX FILES

Use ProfExam Simulator to open VCEX files
ProfExam Screen

ProfExam
ProfExam at a 20% markdown

You have the opportunity to purchase ProfExam at a 20% reduced price

Get Now!