Monday 24 February 2020

CompTIA CS0-001 Questions Answers

A security analyst is creating baseline system images to remediate vulnerabilities found in different operating systems. Each image needs to be scanned before it is deployed. The security analyst must ensure the configurations match industry standard benchmarks and the process can be repeated frequently. Which of the following vulnerability options would BEST create the process requirements?

A. Utilizing an operating system SCAP plugin
B. Utilizing an authorized credential scan
C. Utilizing a non-credential scan
D. Utilizing a known malware plugin

Answer: A


A cybersecurity analyst is retained by a firm for an open investigation. Upon arrival, the cybersecurity analyst reviews several security logs.
Given the following snippet of code:


Which of the following combinations BEST describes the situation and recommendations to be made for this situation?

A. The cybersecurity analyst has discovered host 192.168.0.101 using Windows Task Scheduler at 13:30 to run nc.exe; recommend proceeding with the next step of removing the host from the network.
B. The cybersecurity analyst has discovered host 192.168.0.101 to be running the nc.exe file at 13:30 using the auto cron job remotely; there are no recommendations since this is not a threat currently.
C. The cybersecurity analyst has discovered host 192.168.0.101 is beaconing every day at 13:30 using the nc.exe file; recommend proceeding with the next step of removing the host from the network.
D. The security analyst has discovered host 192.168.0.101 is a rogue device on the network, recommend proceeding with the next step of removing the host from the network.

Answer: A

Wednesday 2 October 2019

CompTIA CS0-001 Questions Answers

Review the following results:



Which of the following has occurred?

A. This is normal network traffic.
B. 123.120.110.212 is infected with a Trojan.
C. 172.29.0.109 is infected with a worm.
D. 172.29.0.109 is infected with a Trojan.

Answer: A

Friday 14 December 2018

CompTIA CS0-001 Questions Answers

A system administrator recently deployed and verified the installation of a critical patch issued by the company’s primary OS vendor. This patch was supposed to remedy a vulnerability that would allow an adversary to remotely execute code from over the network. However, the administrator just ran a vulnerability assessment of networked systems, and each of them still reported having the same vulnerability. Which of the following is the MOST likely explanation for this?

A. The administrator entered the wrong IP range for the assessment.
B. The administrator did not wait long enough after applying the patch to run the assessment.
C. The patch did not remediate the vulnerability.
D. The vulnerability assessment returned false positives.

Answer: C


An incident response report indicates a virus was introduced through a remote host that was connected to corporate resources. A cybersecurity analyst has been asked for a recommendation to solve this issue. Which of the following should be applied?

A. MAC
B. TAP
C. NAC
D. ACL

Answer: C

Sunday 22 July 2018

CompTIA CS0-001 Question Answer

A reverse engineer was analyzing malware found on a retailer’s network and found code extracting track data in memory. Which of the following threats did the engineer MOST likely uncover?

A. POS malware
B. Rootkit
C. Key logger
D. Ransomware

Answer: A


Due to new regulations, a company has decided to institute an organizational vulnerability management program and assign the function to the security team. Which of the following frameworks would BEST support the program? (Select two.)


A. COBIT
B. NIST
C. ISO 27000 series
D. ITIL
E. OWASP

Answer: DE

Wednesday 28 February 2018

CompTIA CS0-001 Question Answer

A security analyst is reviewing IDS logs and notices the following entry:
Which of the following attacks is occurring?

A. Cross-site scripting
B. Header manipulation
C. SQL injection
D. XML injection

Answer: C


A company that is hiring a penetration tester wants to exclude social engineering from the list of authorized activities. Which of the following documents should include these details?

A. Acceptable use policy
B. Service level agreement
C. Rules of engagement
D. Memorandum of understanding
E. Master service agreement

Answer: B

Thursday 28 December 2017

PPCC Launches Cybersecurity Degree


Pikes Peak Community College will offer a cybersecurity degree beginning in the spring of 2018.

The Associate in Applied Science in Cybersecurity is being presented in addition to the preparatory courses for cybersecurity testing that PPCC has offered since 2016.

"We know how essential cybersecurity is for our country and our region," PPCC president Lance Bolton said in an email. "No one else is better positioned than Pikes Peak to get the number of trained professionals needed for those jobs and to grow that vital workforce."

According to a PPCC press release, there are currently 1,434 open positions for people with Security+ certification in the Pikes Peak region, which makes it one of the regions with the highest demand for cybersecurity in the country.

The new degree program prepares students for the Cisco Certified Network Associate Security (CCNA Security) certification test or the Security+ certification (CompTIA Security+) from the Computing Technology Industry Association, according to the statement, and graduates can pursue careers as cyber security analysts, information systems, security engineers and systems design engineers, among others.

With two new cyber labs on its Rampart Range and Centennial Campus and a pending lease agreement for an additional cybersecurity lab facility on Catalyst Campus, PPCC can provide hands-on training to 75 qualified students, the statement said.

In addition, PPCC non-credit cybersecurity workshops are intended to provide IT enthusiasts and professionals with the skills and knowledge they need to pass the Network+, Security+ and Certified Ethical Hacker (CEH) exams, which are the industry standards for professionals working in cybersecurity.

Using new cybersecurity ranges, students work in realistic settings in the lab. According to the statement, accelerated PPCC courses cost significantly less than most test preparation camps and, although they do not count toward a college degree, they come with a voucher to take the industry certification exam at no additional cost.

Friday 27 October 2017

CompTIA CS0-001 Question Answer

A security audit revealed that port 389 has been used instead of 636 when connecting to LDAP for the authentication of users. The remediation recommended by the audit was to switch the port to 636 wherever technically possible. Which of the following is the BEST response?

A. the audit. This finding is a well-known false positive; the services that typically run on 389 and 636 are identical.
B. Change all devices and servers that support it to 636, as encrypted services run by default on 636.
C. Change all devices and servers that support it to 636, as 389 is a reserved port that requires root access and can expose the server to privilege escalation attacks.
D. the audit. This finding is accurate, but the remediation is to update encryption keys on each of the servers to match port 636.

Answer: B