CS0-002 CompTIA Exam Questions and Free Practice Test

Question 37

A system administrator is doing network reconnaissance of a company’s external network to determine the vulnerability of various services that are running. Sending some sample traffic to the external host, the administrator obtains the following packet capture:
CS0-002 dumps exhibit
Based on the output, which of the following services should be further tested for vulnerabilities?

A. SSH

B. HTTP

C. SMB

D. HTTPS

Correct Answer:C

Question 38

A security analyst needs to assess the web server versions on a list of hosts to determine which are running a vulnerable version of the software and output that list into an XML file named Webserverlist. Xml. The host list is provided in a file named werbserverlist,text. Which of the fallowing Nmap commands would BEST accomplish this goal?
A)
CS0-002 dumps exhibit
B)

C)

D)

A. Option A

B. Option B

C. Option C

D. Option D

Correct Answer:A

Question 39

Welcome to the Enterprise Help Desk System. Please work the ticket escalated to you in the desk ticket queue. INSTRUCTIONS
Click on me ticket to see the ticket details Additional content is available on tabs within the ticket
First, select the appropriate issue from the drop-down menu. Then, select the MOST likely root cause from second drop-down menu
If at any time you would like to bring back the initial state of the simulation, please click the Reset All button
CS0-002 dumps exhibit

Solution:

Does this meet the goal?

A. Yes

B. No

Correct Answer:A

Question 40

A security analyst discovers a vulnerability on an unpatched web server that is used for testing machine learning on Bing Data sets. Exploitation of the vulnerability could cost the organization $1.5 million in lost productivity. The server is located on an isolated network segment that has a 5% chance of being compromised. Which of the following is the value of this risk?

A. $75.000

B. $300.000

C. $1.425 million

D. $1.5 million

Correct Answer:A

Question 41

A security analyst for a large financial institution is creating a threat model for a specific threat actor that is likely targeting an organization's financial assets.
Which of the following is the BEST example of the level of sophistication this threat actor is using?

A. Social media accounts attributed to the threat actor

B. Custom malware attributed to the threat actor from prior attacks

C. Email addresses and phone numbers tied to the threat actor

D. Network assets used in previous attacks attributed to the threat actor

E. IP addresses used by the threat actor for command and control

Correct Answer:D

Question 42

An information security analyst is compiling data from a recent penetration test and reviews the following output:
CS0-002 dumps exhibit
The analyst wants to obtain more information about the web-based services that are running on the target. Which of the following commands would MOST likely provide the needed information?

A. ping -t 10.79.95.173.rdns.datacenters.com

B. telnet 10.79.95.173 443

C. ftpd 10.79.95.173.rdns.datacenters.com 443

D. tracert 10.79.95.173

Correct Answer:B

START CS0-002 EXAM