The new CS0-001 dumps (Aug/2018 Updated) are now available; here is a selection of the CS0-001 exam questions (FYI):
NEW QUESTION 175
A pharmacy gives its clients online access to their records and the ability to review bills and make payments. A new SSL vulnerability on a special platform was discovered, allowing an attacker to capture the data between the end user and the web server providing these services. After investigating the platform vulnerability, it was determined that the web services provided are being impacted by this new threat. Which of the following data types are MOST likely at risk of exposure based on this new threat? (Choose two.)
A. Cardholder data
B. Intellectual property
C. Personal health information
D. Employee records
E. Corporate financial data
NEW QUESTION 176
The security configuration management policy states that all patches must undergo testing procedures before being moved into production. The security analyst notices a single web application server has been downloading and applying patches during non-business hours without testing. There are no apparent adverse reactions, server functionality does not seem to be affected, and no malware was found after a scan. Which of the following actions should the analyst take?
A. Reschedule the automated patching to occur during business hours.
B. Monitor the web application service for abnormal bandwidth consumption.
C. Create an incident ticket for anomalous activity.
D. Monitor the web application for service interruptions caused by the patching.
NEW QUESTION 177
A malware infection spread to numerous workstations within the marketing department. The workstations were quarantined and replaced with machines. Which of the following represents a FINAL step in the eradication of the malware?
A. The workstations should be isolated from the network.
B. The workstations should be donated for reuse.
C. The workstations should be reimaged.
D. The workstations should be patched and scanned.
NEW QUESTION 178
An analyst has noticed unusual activities in the SIEM to a .cn domain name. Which of the following should the analyst use to identify the content of the traffic?
A. Log review
B. Service discovery
C. Packet capture
D. DNS harvesting
NEW QUESTION 179
An investigation showed a worm was introduced from an engineer's laptop. It was determined the company does not provide engineers with company-owned laptops, which would be subject to company policy and technical controls. Which of the following would be the MOST secure control to implement?
A. Deploy HIDS on all engineer-provided laptops, and put a new router in the management network.
B. Implement role-based group policies on the management network for client access.
C. Utilize a jump box that is only allowed to connect to clients from the management network.
D. Deploy a company-wide approved engineering workstation for management access.
NEW QUESTION 180
A Chief Information Security Officer (CISO) wants to standardize the company's security program so it can be objectively assessed as part of an upcoming audit requested by management. Which of the following would holistically assist in this effort?
NEW QUESTION 181
A cybersecurity analyst was hired to resolve a security issue within a company after it was reported that many employee account passwords had been compromised. Upon investigating the incident, the cybersecurity analyst found that a brute force attack was launched against the company. Which of the following remediation actions should the cybersecurity analyst recommend to senior management to address these security issues?
A. Prohibit password reuse using a GPO.
B. Deploy multifactor authentication.
C. Require security awareness training.
D. Implement DLP solution.
NEW QUESTION 182
A zero-day crypto-worm is quickly spreading through the internal network on port 25 and exploiting a software vulnerability found within the email servers. Which of the following countermeasures needs to be implemented as soon as possible to mitigate the worm from continuing to spread?
A. Implement a traffic sinkhole.
B. Block all known port/services.
C. Isolate impacted servers.
D. Patch affected systems.
NEW QUESTION 183
Scan results identify critical Apache vulnerabilities on a company's web servers. A security analyst believes many of these results are false positives because the web environment mostly consists of Windows servers. Which of the following is the BEST method of verifying the scan results?
A. Run a service discovery scan on the identified servers.
B. Refer to the identified servers in the asset inventory.
C. Perform a top-ports scan against the identified servers.
D. Review logs of each host in the SIEM.
NEW QUESTION 184
A company has received the results of an external vulnerability scan from its approved scanning vendor. The company is required to remediate these vulnerabilities for clients within 72 hours of acknowledgement of the scan results. Which of the following contract breaches would result if this remediation is not provided for clients within the time frame?
A. Service level agreement
B. Regulatory compliance
C. Memorandum of understanding
D. Organizational governance
NEW QUESTION 185
A systems administrator is trying to secure a critical system. The administrator has placed the system behind a firewall, enabled strong authentication, and required all administrators of this system to attend mandatory training. Which of the following BEST describes the control being implemented?
A. Audit remediation
B. Defense in depth
C. Access control
D. Multifactor authentication
NEW QUESTION 186
A retail corporation with widely distributed store locations and IP space must meet PCI requirements relating to vulnerability scanning. The organization plans to outsource this function to a third party to reduce costs. Which of the following should be used to communicate expectations related to the execution of scans?
A. Vulnerability assessment report
B. Lessons learned documentation
NEW QUESTION 187
The primary difference in concern between remediating identified vulnerabilities found in general-purpose IT network servers and that of SCADA systems is that ____.
A. change and configuration management processes do not address SCADA systems
B. doing so has a greater chance of causing operational impact in SCADA systems
C. SCADA systems cannot be rebooted to have changes take effect
D. patch installation on SCADA systems cannot be verified
NEW QUESTION 188
A security analyst at a small regional bank has received an alert that nation states are attempting to infiltrate financial institutions via phishing campaigns. Which of the following techniques should the analyst recommend as a proactive measure to defend against this type of threat?
B. Location-based NAC
C. System isolation
D. Mandatory access control
E. Bastion host
NEW QUESTION 189