Winter Special Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: bigdisc65

CS0-002 Leak Questions

Page: 18 / 27
Question 72

An analyst determines a security incident has occurred Which of the following is the most appropnate NEXT step in an incident response plan?

Options:

A.

Consult the malware analysis process

B.

Consult the disaster recovery plan

C.

Consult the data classification process

D.

Consult the communications plan

Question 73

A company's Chief Information Security Officer [CISO) is concerned about the integrity of some highly confidential files. Any changes to these files must be tied back to a specific authorized user's activity session. Which of the following is the best technique to address the ClSO's concerns?

Options:

A.

Configure DLP to reject all changes to the files without pre-authorization. Monitor the files for unauthorized changes.

B.

Regularly use SHA-256 to hash the directory containing the sensitive information. Monitor the files for unauthorized changes.

C.

Place a legal hold on the files Require authorized users to abide by a strict time context access policy. Monitor the files for unauthorized changes.

D.

Use Wireshark to scan all traffic to and from the directory. Monitor the files for unauthorized changes.

Question 74

An organization has the following risk mitigation policies

• Risks without compensating controls will be mitigated first it the nsk value is greater than $50,000

• Other nsk mitigation will be pnontized based on risk value.

The following risks have been identified:

Which of the following is the ordei of priority for risk mitigation from highest to lowest?

Options:

A.

A, C, D, B

B.

B, C, D, A

C.

C, B, A, D

D.

C. D, A, B

E.

D, C, B, A

Question 75

An incident response plan requires systems that contain critical data to be triaged first in the event of a compromise. Which of the following types of data would most likely be classified as critical?

Options:

A.

Encrypted data

B.

data

C.

Masked data

D.

Marketing data

Page: 18 / 27
Exam Code: CS0-002
Exam Name: CompTIA CySA+ Certification Exam (CS0-002)
Last Update: Dec 4, 2024
Questions: 372
CS0-002 pdf

CS0-002 PDF

$29.75  $84.99
CS0-002 Engine

CS0-002 Testing Engine

$33.25  $94.99
CS0-002 PDF + Engine

CS0-002 PDF + Testing Engine

$47.25  $134.99