CompTIA CS0-001 CompTIA Cybersecurity Analyst Exam Practice Test Questions

• Question 1

  A small company Is publishing a new web application to receive customer feedback related to Its products. The web server will only host a form to receive the customer feedback and store It In a local database. The web server is placed In a DMZ network, and the web service and filesystem have been hardened. However, the cybersecurity analyst discovers data from the database can be mined from over the Internet. Which of the following should the cybersecurity analyst recommend be done to provide temporary mitigation from unauthorized access to the database?

  • Configure the database to listen for Incoming connections on the Internal network.
    
  • Change the database connection string and apply necessary patches.
    
  • Configure an ACL in the border firewall to block all connections to the web server for ports different than 80 and 443.
    
  • Deploy a web application firewall to protect the web application from attacks to the database.
    

  Show Answer Answer: 4 Next

• Question 2

  During a recent audit, there were a lot of findings similar to and including the following:Which of the following would be the BEST way to remediate these findings and minimize similar findings in the future?

  • Use an automated patch management solution.
    
  • Remove the affected software programs from the servers.
    
  • Run Microsoft Baseline Security Analyzer on all of the servers.
    
  • Schedule regular vulnerability scans for all servers on the network.
    

  Show Answer Answer: 1 Next

• Question 3

  A security analyst is conducting a vulnerability assessment of older SCADA devices on the corporate network. Which of the following compensating controls is likely to prevent the scans from providing value?

  • Access control list network segmentation that prevents access to the SCADA devices inside the network.
    
  • Detailed and tested firewall rules that effectively prevent outside access of the SCADA devices.
    
  • Implementation of a VLAN that allows all devices on the network to see all SCADA devices on the network.
    
  • SCADA systems configured with 'SCADA SUPPORT'=ENABLE
    

  Show Answer Answer: 1 Next

• Question 4

  The new Chief Technology Officer (CTO) is seeking recommendations for network monitoring services for the local intranet. The CTO would like the capability to monitor all traffic to and from the gateway, as well as the capability to block certain content. Which of the following recommendations would meet the needs of the organization?

  • Recommend setup of IP filtering on both the internal and external interfaces of the gateway router.
    
  • Recommend installation of an IDS on the internal interface and a firewall on the external interface of the gateway router.
    
  • Recommend installation of a firewall on the internal interface and a NIDS on the external interface of the gateway router.
    
  • Recommend installation of an IPS on both the internal and external interfaces of the gateway router.
    

  Show Answer Answer: 3 Next

• Question 5

  The business has been informed of a suspected breach of customer data. The internal audit team, in conjunction with the legal department, has begun working with the cybersecurity team to validate the report. To which of the following response processes should the business adhere during the investigation?

  • The security analysts should not respond to internal audit requests during an active investigation
    
  • The security analysts should report the suspected breach to regulators when an incident occurs
    
  • The security analysts should interview system operators and report their findings to the internal auditors
    
  • The security analysts should limit communication to trusted parties conducting the investigation
    

  Show Answer Answer: 4 Next