
CompTIA CS0-001 Questions Answers

Page: 4 / 16
Question 16

Given the following output from a Linux machine:

file2cable -i eth0 -f file.pcap

Which of the following BEST describes what a security analyst is trying to accomplish?

Options:

A. The analyst is attempting to measure bandwidth utilization on interface eth0.

B. The analyst is attempting to capture traffic on interface eth0.

C. The analyst is attempting to replay captured data from a PCAP file.

D. The analyst is attempting to capture traffic for a PCAP file.

E. The analyst is attempting to use a protocol analyzer to monitor network traffic.

Question 17

During a review of security controls, an analyst was able to connect to an external, unsecured FTP server from a workstation. The analyst was troubleshooting and reviewed the ACLs of the segment firewall the workstation is connected to:

Based on the ACLs above, which of the following explains why the analyst was able to connect to the FTP server?

Options:

A. FTP was explicitly allowed in Seq 8 of the ACL.

B. FTP was allowed in Seq 10 of the ACL.

C. FTP was allowed as being included in Seq 3 and Seq 4 of the ACL.

D. FTP was allowed as being outbound from Seq 9 of the ACL.

Question 18

A technician receives the following security alert from the firewall’s automated system:

After reviewing the alert, which of the following is the BEST analysis?

Options:

A. This alert is a false positive because DNS is a normal network function.

B. This alert indicates a user was attempting to bypass security measures using dynamic DNS.

C. This alert was generated by the SIEM because the user attempted too many invalid login attempts.

D. This alert indicates an endpoint may be infected and is potentially contacting a suspect host.

Question 19

A security analyst is concerned that employees may attempt to exfiltrate data prior to tendering their resignations. Unfortunately, the company cannot afford to purchase a data loss prevention (DLP) system. Which of the following recommendations should the security analyst make to provide defense-in-depth against data loss? (Select THREE).

Options:

A. Prevent users from accessing personal email and file-sharing sites via web proxy

B. Prevent flash drives from connecting to USB ports using Group Policy

C. Prevent users from copying data from workstation to workstation

D. Prevent users from using roaming profiles when changing workstations

E. Prevent Internet access on laptops unless connected to the network in the office or via VPN

F. Prevent users from being able to use the copy and paste functions

Exam Code: CS0-001
Exam Name: CompTIA CSA+ Certification Exam
Last Update: Apr 14, 2023
Questions: 455