A security analyst is investigating a malware infection that occurred on a Windows system. The system was not connected to a network and had no wireless capability Company policy prohibits using portable media or mobile storage The security analyst is trying to determine which user caused the malware to get onto the system Which of the following registry keys would MOST likely have this information?
A)
B)
C)
D)

AOption A

BOption B

COption C

DOption D

1 answers

90 votes

999

Answer Link

While investigating an incident in a company's SIEM console, a security analyst found hundreds of failed SSH login attempts, which all occurred in rapid succession. The failed attempts were followed by a successful login on the root user Company policy allows systems administrators to manage their systems only from the company's internal network using their assigned corporate logins. Which of the following are the BEST actions the analyst can take to stop any further compromise? (Select TWO).

AConfigure /etc/sshd_config to deny root logins and restart the SSHD service.

BAdd a rule on the network IPS to block SSH user sessions

CConfigure /etc/passwd to deny root logins and restart the SSHD service.

DReset the passwords for all accounts on the affected system.

EAdd a rule on the perimeter firewall to block the source IP address.

FAdd a rule on the affected system to block access to port TCP/22.

1 answers

96 votes

1253

A, E

Answer Link

A custom script monitors real-time

AAccess to logs may be delayed for some time.

BSAML logging is not supported for cloud-based authentication.

CLog data may be visible to other customers.

DLogs may contain incorrect information

1 answers

81 votes

1271

Answer Link

A security analyst is auditing firewall rules with the goal of scanning some known ports to check the firewall's behavior and responses. The analyst executes the following commands.
Which of the following BEST describes the firewall rule?

AREJECT with --tcp-reset

BDROP

CLOG -log-tcp-sequence

DDNAt -to-destination 1.1.1.1:3000

1 answers

80 votes

1202

Answer Link

A security analyst needs to assess the web server versions on a list of hosts to determine which are running a vulnerable version of the software and output that list into an XML file named Webserverlist. Xml. The host list is provided in a file named werbserverlist,text. Which of the fallowing Nmap commands would BEST accomplish this goal?
A)
B)
C)
D)

AOption A

BOption B

COption C

DOption D

1 answers

97 votes

1008

Answer Link

CompTIA CS0-002 Quiz:2 Topic:5 Questions:6-10

Free Practice Mock Questions Set 6-10 (Quiz # 2) for CompTIA CS0-002 Exam, according to official CompTIA Cybersecurity Analyst (CySA+) exam syllabus topic # 5

Quiz 1

Quiz 2

Quiz 3

Quiz 4

Quiz 5

A custom script monitors real-time

A security analyst is auditing firewall rules with the goal of scanning some known ports to check the firewall's behavior and responses. The analyst executes the following commands.Which of the following BEST describes the firewall rule?

CompTIA CS0-002 Quiz:2 Topic:5 Questions:6-10

A security analyst is auditing firewall rules with the goal of scanning some known ports to check the firewall's behavior and responses. The analyst executes the following commands.
Which of the following BEST describes the firewall rule?