March Sale Special Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: bigdisc65

CompTIA CySA+ CS0-002 Passing Score

Page: 5 / 27
Question 20

At which of the following phases of the SDLC shoukJ security FIRST be involved?

Options:

A.

Design

B.

Maintenance

C.

Implementation

D.

Analysis

E.

Planning

F.

Testing

Question 21

According to a static analysis report for a web application, a dynamic code evaluation script injection vulnerability was found. Which of the following actions is the BEST option to fix the vulnerability in the source code?

Options:

A.

Delete the vulnerable section of the code immediately.

B.

Create a custom rule on the web application firewall.

C.

Validate user input before execution and interpretation.

D.

Use parameterized queries.

Question 22

A company stores all of its data in the cloud. All company-owned laptops are currently unmanaged, and all users have administrative rights. The security team is having difficulty identifying a way to secure the environment. Which of the following would be the BEST method to protect the company's data?

Options:

A.

Implement UEM on an systems and deploy security software.

B.

Implement DLP on all workstations and block company data from being sent outside the company

C.

Implement a CASB and prevent certain types of data from being downloaded to a workstation

D.

Implement centralized monitoring and logging for an company systems.

Question 23

A company is building a new fabrication plant and designing its production lines based on the products it manufactures and the networks to support them. The security engineer has the following requirements:

• Each production line must be secured using a single posture.

• Each production line must only communicate with the other lines in a least privilege method.

• Access to each production line from the rest of the network must be strictly controlled.

To best provide the protection that meets these requirements, each product line should be:

Options:

A.

logically segmented and firewalled to control inbound and outbound connectivity.

B.

air gapped and firewalled to manage connectivity.

C.

air gapped but connected to one another by data diodes.

D.

logically segmented and then air gapped to specifically limit traffic.

Page: 5 / 27
Exam Code: CS0-002
Exam Name: CompTIA CySA+ Certification Exam (CS0-002)
Last Update: Mar 29, 2024
Questions: 372
CS0-002 pdf

CS0-002 PDF

$28  $80
CS0-002 Engine

CS0-002 Testing Engine

$33.25  $95
CS0-002 PDF + Engine

CS0-002 PDF + Testing Engine

$45.5  $130