2019 Free Microsoft EnsurePass CS0-001 Dumps VCE and PDF Download Part 8

EnsurePass
Exam Dumps
CS0-001 Dumps VCE and PDF
2019 CS0-001 Dumps VCE and PDF

 

QUESTION 71

A system administrator has reviewed the following output:

 

image078

 

Which of the following can a system administrator infer from the above output?

 

A.

The company email server is running a non-standard port.

B.

The company email server has been compromised.

C.

The company is running a vulnerable SSH server.

D.

The company web server has been compromised.

 

Correct Answer: A

 

 

QUESTION 72

A business-critical application is unable to support the requirements in the current password policy because it does not allow the use of special characters. Management does not want to accept the risk of a possible security incident due to weak password standards. Which of the following is an appropriate means to limit the risks related to the application?

 

A.

A compensating control

B.

Altering the password policy

C.

Creating new account management procedures

D.

Encrypting authentication traffic

 

Correct Answer: D

 

 

QUESTION 73

A threat intelligence feed has posted an alert stating there is a critical vulnerability in the kernel. Unfortunately, the company’s asset inventory is not current. Which of the following techniques would a cybersecurity analyst perform to find all affected servers within an organization?

 

A.

A manual log review from data sent to syslog

B.

An OS fingerprinting scan across all hosts

C.

A packet capture of data traversing the server network

D.

A service discovery scan on the network

 

Correct Answer: B

 

 

QUESTION 74

A cybersecurity analyst is reviewing the following outputs:

 

image080

 

Which of the following can the analyst infer from the above output?

 

A.

The remote host is redirecting port 80 to port 8080.

B.

The remote host is running a service on port 8080.

C.

The remote host’s firewall is dropping packets for port 80.

D.

The remote host is running a web server on port 80.

 

Correct Answer: B

 

 

 

 

 

QUESTION 75

A security analyst is reviewing IDS logs and notices the following entry:

 

image081

 

Which of the following attacks is occurring?

 

A.

Cross-site scripting

B.

Header manipulation

C.

SQL injection

D.

XML injection

 

Correct Answer: C

 

 

QUESTION 76

A company that is hiring a penetration tester wants to exclude social engineering from the list of authorized activities. Which of the following documents should include these details?

 

A.

Acceptable use policy

B.

Service level agreement

C.

Rules of engagement

D.

Memorandum of understanding

E.

Master service agreement

 

Correct Answer: C

 

 

QUESTION 77

A technician is running an intensive vulnerability scan to detect which ports are open to exploit. During the scan, several network services are disabled and production is affected. Which of the following sources would be used to evaluate which network service was interrupted?

 

A.

Syslog

B.

Network mapping

C.

Firewall logs

D.

NIDS

 

Correct Answer: A

 

 

QUESTION 78

CORRECT TEXT

The developers recently deployed new code to three web servers. A daily automated external device scan report shows server vulnerabilities that are failing items according to PCI DSS. If the vulnerability is not valid, the analyst must take the proper steps to get the scan clean. If the vulnerability is valid, the analyst must remediate the finding. After reviewing the given information, select the STEP 2 tab in order to complete the simulation by selecting the correct “Validation Result” AND “Remediation Action” for each server listed using the drop down options.

 

Instructions:

If at any time you would like to bring back the initial state of the simulation, please select the Reset button. When you have completed the simulation, please select the Done button to submit. Once the simulation is submitted, please select the Next button to continue.

 

image083

image085

image087

image089

image091

image093

 

Correct Answer: See solution below

WEB_SERVER01: VALID – IMPLEMENT SSL/TLS

WEB_SERVER02: VALID – SET SECURE ATTRIBUTE WHEN COOKIE SHOULD SENT VIA HTTPS ONLY

WEB_SERVER03: VALID – IMPLEMENT CA SIGNED CERTIFICATE

 

 

QUESTION 79

A SIEM analyst noticed a spike in activities from the guest wireless network to several electronic health record (EHR) systems. After further analysis, the analyst discovered that a large volume of data has been uploaded to a cloud provider in the last six months. Which of the following actions should the analyst do FIRST?

 

A.

Contact the Office of Civil Rights (OCR) to report the breach

B.

Notify the Chief Privacy Officer (CPO)

C.

Activate the incident response plan

D.

Put an ACL on the gateway router

 

Correct Answer: D

 

 

QUESTION 80

A cybersecurity analyst traced the source of an attack to compromised user credentials. Log analysis revealed that the attacker successfully authenticated from an unauthorized foreign country. Management asked the security analyst to research and implement a solution to help mitigate attacks based on compromised passwords. Which of the following should the analyst implement?

 

A.

Self-service password reset

B.

Single sign-on

C.

Context-based authentication

D.

Password complexity

 

Correct Answer: C

20190508admin

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.