[Free] 2018(Jan) Dumps4cert Passguide CompTIA CS0-001 Dumps with VCE and PDF 31-40

Dumps4cert.com : Latest Dumps with PDF and VCE Files
2018 Jan CompTIA Official New Released CS0-001

CompTIA CSA Certification Exam

Question No: 31

Due to new regulations, a company has decided to institute an organizational vulnerability management program and assign the function to the security team. Which of the following frameworks would BEST support the program? (Select two.)

  1. COBIT

  2. NIST

  3. ISO 27000 series

  4. ITIL

  5. OWASP

Answer: D,E

Question No: 32

An administrator has been investigating the way in which an actor had been exfiltrating confidential data from a web server to a foreign host. After a thorough forensic review, the administrator determined the server’s BIOS had been modified by rootkit installation. After removing the rootkit and flashing the BIOS to a known good state, which of the following would BEST protect against future adversary access to the BIOS, in case another rootkit is installed?

  1. Anti-malware application

  2. Host-based IDS

  3. TPM data sealing

  4. File integrity monitoring

Answer: C

Question No: 33

The help desk informed a security analyst of a trend that is beginning to develop regarding a suspicious email that has been reported by multiple users. The analyst has determined the email includes an attachment named invoice.zip that contains the following files:

Locky.js xerty.ini xerty.lib

Further analysis indicates that when the .zip file is opened, it is installing a new version of ransomware on the devices. Which of the following should be done FIRST to prevent data on the company NAS from being encrypted by infected devices?

  1. Disable access to the company VPN.

  2. Email employees instructing them not to open the invoice attachment.

  3. Set permissions on file shares to read-only.

  4. Add the URL included in the .js file to the company’s web proxy filter.

Answer: B

Question No: 34

A security professional is analyzing the results of a network utilization report. The report includes the following information:


Which of the following servers needs further investigation?

  1. hr.dbprod.01

  2. R&D.file.srvr.01

  3. mrktg.file.srvr.02

  4. web.srvr.03

Answer: B

Question No: 35

A security audit revealed that port 389 has been used instead of 636 when connecting to LDAP for the authentication of users. The remediation recommended by the audit was to switch the port to 636 wherever technically possible. Which of the following is the BEST response?

  1. Correct the audit. This finding is a well-known false positive; the services that typically run on 389 and 636 are identical.

  2. Change all devices and servers that support it to 636, as encrypted services run by default on 636.

  3. Change all devices and servers that support it to 636, as 389 is a reserved port that requires root access and can expose the server to privilege escalation attacks.

  4. Correct the audit. This finding is accurate, but the correct remediation is to update encryption keys on each of the servers to match port 636.

Answer: B

Question No: 36

A company has recently launched a new billing invoice website for a few key vendors. The cybersecurity analyst is receiving calls that the website is performing slowly and the pages sometimes time out. The analyst notices the website is receiving millions of requests, causing the service to become unavailable. Which of the following can be implemented to maintain the availability of the website?

  1. VPN

  2. Honeypot

  3. Whitelisting

  4. DMZ

  5. MAC filtering

Answer: C

Question No: 37

A software assurance lab is performing a dynamic assessment on an application by automatically generating and inputting different, random data sets to attempt to cause an error/failure condition. Which of the following software assessment capabilities is the lab performing AND during which phase of the SDLC should this occur? (Select two.)

  1. Fuzzing

  2. Behavior modeling

  3. Static code analysis

  4. Prototyping phase

  5. Requirements phase

  6. Planning phase

Answer: A,B,C,E,F

Question No: 38

A technician is running an intensive vulnerability scan to detect which ports are open to exploit. During the scan, several network services are disabled and production is affected. Which of the following sources would be used to evaluate which network service was interrupted?

  1. Syslog

  2. Network mapping

  3. Firewall logs

  4. NIDS

Answer: A

Question No: 39 CORRECT TEXT

The developers recently deployed new code to three web servers. A daily automated external device scan report shows server vulnerabilities that are failing items according to PCI DSS. If the vulnerability is not valid, the analyst must take the proper steps to get the scan clean. If the vulnerability is valid, the analyst must remediate the finding. After reviewing the given information, select the STEP 2 tab in order to complete the simulation by selecting the correct “Validation Result” AND “Remediation Action” for each server listed using the drop down options.


If at any time you would like to bring back the initial state of the simulation, please select the Reset button. When you have completed the simulation, please select the Done button to submit. Once the simulation is submitted, please select the Next button to continue.


Answer: Pending


Question No: 40

A security analyst is creating baseline system images to remediate vulnerabilities found in different operating systems. Each image needs to be scanned before it is deployed. The security analyst must ensure the configurations match industry standard benchmarks and the process can be repeated frequently. Which of the following vulnerability options would BEST create the process requirements?

  1. Utilizing an operating system SCAP plugin

  2. Utilizing an authorized credential scan

  3. Utilizing a non-credential scan

  4. Utilizing a known malware plugin

Answer: A
