2019 Free Microsoft EnsurePass CS0-001 Dumps VCE and PDF Download Part 6

EnsurePass
Exam Dumps
CS0-001 Dumps VCE and PDF
2019 CS0-001 Dumps VCE and PDF

 

QUESTION 51

Given the following access log:

 

image069

 

Which of the following accurately describes what this log displays?

 

A.

A vulnerability in jQuery

B.

Application integration with an externally hosted database

C.

A vulnerability scan performed from the Internet

D.

A vulnerability in Javascript

 

Correct Answer: C

 

 

QUESTION 52

The new Chief Technology Officer (CTO) is seeking recommendations for network monitoring services for the local intranet. The CTO would like the capability to monitor all traffic to and from the gateway, as well as the capability to block certain content. Which of the following recommendations would meet the needs of the organization?

 

A.

Recommend setup of IP filtering on both the internal and external interfaces of the gateway router.

B.

Recommend installation of an IDS on the internal interface and a firewall on the external interface of the gateway router.

C.

Recommend installation of a firewall on the internal interface and a NIDS on the external interface of the gateway router.

D.

Recommend installation of an IPS on both the internal and external interfaces of the gateway router.

 

Correct Answer: C

 

 

QUESTION 53

A cybersecurity analyst has received the laptop of a user who recently left the company. The analyst types `history’ into the prompt, and sees this line of code in the latest bash history:

 

image070

 

This concerns the analyst because this subnet should not be known to users within the company. Which of the following describes what this code has done on the network?

 

A.

Performed a ping sweep of the Class C network.

B.

Performed a half open SYB scan on the network.

C.

Sent 255 ping packets to each host on the network.

D.

Sequentially sent an ICMP echo reply to the Class C network.

Correct Answer: A

 

 

QUESTION 54

A recent audit has uncovered several coding errors and a lack of input validation being used on a public portal. Due to the nature of the portal and the severity of the errors, the portal is unable to be patched. Which of the following tools could be used to reduce the risk of being compromised?

 

A.

Web application firewall

B.

Network firewall

C.

Web proxy

D.

Intrusion prevention system

 

Correct Answer: A

 

 

QUESTION 55

Which of the following principles describes how a security analyst should communicate during an incident?

 

A.

The communication should be limited to trusted parties only.

B.

The communication should be limited to security staff only.

C.

The communication should come from law enforcement.

D.

The communication should be limited to management only.

 

Correct Answer: B

 

 

QUESTION 56

After scanning the main company’s website with the OWASP ZAP tool, a cybersecurity analyst is reviewing the following warning:

 

image071

 

The analyst reviews a snippet of the offending code:

 

image072

 

Which of the following is the BEST course of action based on the above warning and code snippet?

 

A.

The analyst should implement a scanner exception for the false positive.

B.

The system administrator should disable SSL and implement TLS.

C.

The developer should review the code and implement a code fix.

D.

The organization should update the browser GPO to resolve the issue.

 

Correct Answer: D

 

 

QUESTION 57

A security analyst has noticed an alert from the SIEM. A workstation is repeatedly trying to connect to port 445 of a file server on the production network. All of the attempts are made with invalid credentials. Which of the following describes what is occurring?

 

A.

Malware has infected the workstation and is beaconing out to the specific IP address of the file server.

B.

The file server is attempting to transfer malware to the workstation via SMB.

C.

An attacker has gained control of the workstation and is attempting to pivot to the file server by creating an SMB session.

D.

An attacker has gained control of the workstation and is port scanning the network.

 

Correct Answer: C

 

 

QUESTION 58

A security analyst is performing a review of Active Directory and discovers two new user accounts in the accounting department. Neither of the users has elevated permissions, but accounts in the group are given access to the company’s sensitive financial management application by default. Which of the following is the BEST course of action?

 

A.

Follow the incident response plan for the introduction of new accounts

B.

Disable the user accounts

C.

Remove the accounts’ access privileges to the sensitive application

D.

Monitor the outbound traffic from the application for signs of data exfiltration

E.

Confirm the accounts are valid and ensure role-based permissions are appropriate

 

Correct Answer: E

 

 

QUESTION 59

A security analyst has created an image of a drive from an incident. Which of the following describes what the analyst should do NEXT?

 

A.

The analyst should create a backup of the drive and then hash the drive.

B.

The analyst should begin analyzing the image and begin to report findings.

C.

The analyst should create a hash of the image and compare it to the original drive’s hash.

D.

The analyst should create a chain of custody document and notify stakeholders.

 

Correct Answer: C

 

 

QUESTION 60

A system administrator recently deployed and verified the installation of a critical patch issued by the company’s primary OS vendor. This patch was supposed to remedy a vulnerability that would allow an adversary to remotely execute code from over the network. However, the administrator just ran a vulnerability assessment of networked systems, and each of them still reported having the same vulnerability. Which of the following is the MOST likely explanation for this?

 

A.

The administrator entered the wrong IP range for the assessment.

B.

The administrator did not wait long enough after applying the patch to run the assessment.

C.

The patch did not remediate the vulnerability.

D.

The vulnerability assessment returned false positives.

 

Correct Answer: C


Leave a Reply

Your email address will not be published. Required fields are marked *

  • Categories

  • Tags

  • Hot Exams

  • Hot Exams

  • Hot Catageories

  • microsoft dumps

    62-193 Dumps
    70-243 Dumps
    70-246 Dumps
    70-247 Dumps
    70-331 Dumps
    70-332 Dumps
    70-333 Dumps
    70-334 Dumps
    70-339 Dumps
    70-341 Dumps
    70-342 Dumps
    70-345 Dumps
    70-346 Dumps
    70-347 Dumps
    70-348 Dumps
    70-354 Dumps
    70-355 Dumps
    70-357 Dumps
    70-383 Dumps
    70-384 Dumps
    70-385 Dumps
    70-398 Dumps
    70-410 Dumps
    70-411 Dumps
    70-412 Dumps
    70-413 Dumps
    70-414 Dumps
    70-417 Dumps
    70-461 Dumps
    70-462 Dumps
    70-463 Dumps
    70-464 Dumps
    70-465 Dumps
    70-466 Dumps
    70-467 Dumps
    70-469 Dumps
    70-470 Dumps
    70-473 Dumps
    70-475 Dumps
    70-480 Dumps
    70-481 Dumps
    70-482 Dumps
    70-483 Dumps
    70-484 Dumps
    70-485 Dumps
    70-486 Dumps
    70-487 Dumps
    70-488 Dumps
    70-489 Dumps
    70-490 Dumps
    70-491 Dumps
    70-492 Dumps
    70-494 Dumps
    70-496 Dumps
    70-497 Dumps
    70-498 Dumps
    70-499 Dumps
    70-517 Dumps
    70-532 Dumps
    70-533 Dumps
    70-534 Dumps
    70-535 Dumps
    70-537 Dumps
    70-640 Dumps
    70-642 Dumps
    70-646 Dumps
    70-673 Dumps
    70-680 Dumps
    70-681 Dumps
    70-682 Dumps
    70-684 Dumps
    70-685 Dumps
    70-686 Dumps
    70-687 Dumps
    70-688 Dumps
    70-689 Dumps
    70-692 Dumps
    70-694 Dumps
    70-695 Dumps
    70-696 Dumps
    70-697 Dumps
    70-698 Dumps
    70-703 Dumps
    70-705 Dumps
    70-713 Dumps
    70-734 Dumps
    70-735 Dumps
    70-740 Dumps
    70-741 Dumps
    70-742 Dumps
    70-743 Dumps
    70-744 Dumps
    70-745 Dumps
    70-761 Dumps
    70-762 Dumps
    70-764 Dumps
    70-765 Dumps
    70-767 Dumps
    70-768 Dumps
    70-773 Dumps
    70-774 Dumps
    70-775 Dumps
    70-776 Dumps
    70-778 Dumps
    70-779 Dumps
    70-980 Dumps
    70-981 Dumps
    70-982 Dumps
    74-343 Dumps
    74-344 Dumps
    74-409 Dumps
    74-678 Dumps
    74-697 Dumps
    77-418 Dumps
    77-419 Dumps
    77-420 Dumps
    77-421 Dumps
    77-422 Dumps
    77-423 Dumps
    77-424 Dumps
    77-425 Dumps
    77-426 Dumps
    77-427 Dumps
    77-428 Dumps
    77-600 Dumps
    77-601 Dumps
    77-602 Dumps
    77-603 Dumps
    77-604 Dumps
    77-605 Dumps
    77-725 Dumps
    77-726 Dumps
    77-727 Dumps
    77-728 Dumps
    77-729 Dumps
    77-730 Dumps
    77-731 Dumps
    77-853 Dumps
    77-881 Dumps
    77-882 Dumps
    77-883 Dumps
    77-884 Dumps
    77-885 Dumps
    77-886 Dumps
    77-887 Dumps
    77-888 Dumps
    77-891 Dumps
    98-349 Dumps
    98-361 Dumps
    98-362 Dumps
    98-363 Dumps
    98-364 Dumps
    98-365 Dumps
    98-366 Dumps
    98-367 Dumps
    98-368 Dumps
    98-369 Dumps
    98-372 Dumps
    98-373 Dumps
    98-374 Dumps
    98-375 Dumps
    98-379 Dumps
    98-380 Dumps
    98-381 Dumps
    98-382 Dumps
    98-383 Dumps
    98-388 Dumps
    AZ-100 Dumps
    AZ-101 Dumps
    AZ-102 Dumps
    INF-203x Dumps
    INF-204x Dumps
    INF-205x Dumps
    INF-206x Dumps
    MB2-700 Dumps
    MB2-701 Dumps
    MB2-702 Dumps
    MB2-703 Dumps
    MB2-704 Dumps
    MB2-706 Dumps
    MB2-707 Dumps
    MB2-708 Dumps
    MB2-709 Dumps
    MB2-710 Dumps
    MB2-711 Dumps
    MB2-712 Dumps
    MB2-713 Dumps
    MB2-714 Dumps
    MB2-715 Dumps
    MB2-716 Dumps
    MB2-717 Dumps
    MB2-718 Dumps
    MB2-719 Dumps
    MB2-877 Dumps
    MB5-705 Dumps
    MB6-700 Dumps
    MB6-701 Dumps
    MB6-702 Dumps
    MB6-703 Dumps
    MB6-704 Dumps
    MB6-705 Dumps
    MB6-884 Dumps
    MB6-885 Dumps
    MB6-886 Dumps
    MB6-889 Dumps
    MB6-890 Dumps
    MB6-892 Dumps
    MB6-893 Dumps
    MB6-894 Dumps
    MB6-895 Dumps
    MB6-896 Dumps
    MB6-897 Dumps
    MB6-898 Dumps