CS0-002 Exam Dumps | An organization has the following policies: *Services must run on standard ports. *Unneeded services

Home
CompTIA
CompTIA Cybersecurity Analyst (CySA+) Certification Exam
CuramSoftware.CS0-002.v2023-09-19.q116
Question 5

Valid CS0-002 Dumps shared by ExamDiscuss.com for Helping Passing CS0-002 Exam! ExamDiscuss.com now offer the newest CS0-002 exam dumps, the ExamDiscuss.com CS0-002 exam questions have been updated and answers have been corrected get the newest ExamDiscuss.com CS0-002 dumps with Test Engine here:

Access CS0-002 Dumps Premium Version
(371 Q&As Dumps, 35%OFF Special Discount Code: freecram)

<< Prev Question Next Question >>

Question 5/116

An organization has the following policies:
*Services must run on standard ports.
*Unneeded services must be disabled.
The organization has the following servers:
*192.168.10.1 - web server
*192.168.10.2 - database server
A security analyst runs a scan on the servers and sees the following output:

Which of the following actions should the analyst take?

A. Disable HTTPS on 192.168.10.1.

B. Disable IIS on 192.168.10.1.

C. Disable DNS on 192.168.10.2.

D. Disable MSSQL on 192.168.10.2.

E. Disable SSH on both servers.

Correct Answer: E

SSH stands for Secure Shell, which is a protocol that allows remote access and administration of a server. If the organization has a policy that services must run on standard ports and unneeded services must be disabled, then SSH should be disabled on both servers, because it runs on port 22, which is not a standard port for a web server or a database server, and it is not needed for those servers to function properly. Disabling HTTPS on 192.168.10.1, disabling IIS on 192.168.10.1, disabling DNS on 192.168.10.1, or disabling MSSQL on 192.168.10.2 are not appropriate actions, because they would affect the functionality of the web server or the database server and violate the organization's policy of running services on standard ports. Reference: https://www.ssh.com/ssh/port

Your email address will not be published. Required fields are marked *

Comment: *

Name: *

Email: *

Rating: *

Verification: *

Question List (116q): Question 1: Industry partners from critical infrastructure organizations...; Question 2: A threat hurting team received a new loC from an ISAC that f...; Question 3: A security analyst sees the following OWASP ZAP output from ...; Question 4: At which of the following phases of the SDLC shoukJ security...; Question 5: An organization has the following policies: *Services must r...; Question 6: The following output is from a tcpdump al the edge of the co...; Question 7: A manufacturing company uses a third-party service provider ...; Question 8: Which of the following factors would determine the regulatio...; Question 9: An organization has the following risk mitigation policy: Ri...; Question 10: A company employee downloads an application from the interne...; Question 11: After a remote command execution incident occurred on a web ...; Question 12: An organization has a policy that requires servers to be ded...; Question 13: An organization prohibits users from logging in to the admin...; Question 14: In web application scanning, static analysis refers to scann...; Question 15: A security analyst is reviewing the output of tcpdump to ana...; Question 16: A security analyst recently observed evidence of an attack a...; Question 17: A security analyst is reviewing the following log entries to...; Question 18: Company A is m the process of merging with Company B As part...; Question 19: Which of the following BEST describes how logging and monito...; Question 20: A company's Chief Information Security Officer (CISO) publis...; Question 21: While implementing a PKI for a company, a security analyst p...; Question 22: A security technician configured a NIDS to monitor network t...; Question 23: Which of the following APT adversary archetypes represent no...; Question 24: The majority of a company's employees have stated they are u...; Question 25: A security analyst is reviewing WAF alerts and sees the foll...; Question 26: The Chief Information Security Officer (CISO) of a large fin...; Question 27: In response to an audit finding, a company's Chief informati...; Question 28: You are a penetration tester who is reviewing the system har...; Question 29: Which of the following software assessment methods world pea...; Question 30: A code review reveals a web application is using lime-based ...; Question 31: An analyst is reviewing the following output as part of an i...; Question 32: A security technician is testing a solution that will preven...; Question 33: The security team decides to meet informally to discuss and ...; Question 34: During a company's most recent incident, a vulnerability in ...; Question 35: An organizational policy requires one person to input accoun...; Question 36: During an Incident, it Is determined that a customer databas...; Question 37: A security analyst is monitoring a company's network traffic...; Question 38: While investigating reports or issues with a web server, a s...; Question 39: Which of the following BEST describes how logging and monito...; Question 40: Which of the following are considered PII by themselves? (Se...; Question 41: The help desk is having difficulty keeping up with all onboa...; Question 42: A security analyst needs to provide a copy of a hard drive f...; Question 43: Given the Nmap request below: (Exhibit) Which of the followi...; Question 44: During an audit, several customer order forms were found to ...; Question 45: While reviewing a vulnerability assessment, an analyst notic...; Question 46: Which of the following is a reason to use a nsk-based cybers...; Question 47: To validate local system-hardening requirements, which of th...; Question 48: During an incident response procedure, a security analyst co...; Question 49: An analyst is responding 10 an incident involving an attack ...; Question 50: An incident response team is responding to a breach of multi...; Question 51: Wncn ol the following provides an automated approach 10 chec...; Question 52: Which of the following is the BEST way to gather patch infor...; Question 53: A company offers a hardware security appliance to customers ...; Question 54: A security analyst is investigating a compromised Linux serv...; Question 55: An organization is developing software to match customers' e...; Question 56: During an audit several customer order forms were found to c...; Question 57: Which of the following is an advantage of SOAR over SIEM?...; Question 58: A security analyst who works in the SOC receives a new requi...; Question 59: A cyber-security analyst is implementing a new network confi...; Question 60: An IT security analyst has received an email alert regarding...; Question 61: After a series of Group Policy Object updates, multiple serv...; Question 62: A security analyst is investigating a reported phishing atte...; Question 63: A security engineer is reviewing security products that iden...; Question 64: Which of the following organizational initiatives would be M...; Question 65: Which of the following BEST explains the function of a manag...; Question 66: A Chief Executive Officer (CEO) is concerned about the compa...; Question 67: A security manager has asked an analyst to provide feedback ...; Question 68: A help desk technician inadvertently sent the credentials of...; Question 69: A security analyst is reviewing the following server statist...; Question 70: Which of the following is the software development process b...; Question 71: Which of the following BEST explains the function of trusted...; Question 72: A customer notifies a security analyst that a web applicatio...; Question 73: The IT department is concerned about the possibility of a gu...; Question 74: Which of the following ICS network protocols has no inherent...; Question 75: A company's legal department is concerned that its incident ...; Question 76: Due to a rise m cyberattackers seeking PHI, a healthcare com...; Question 77: A security officer needs to find the most cost-effective sol...; Question 78: An organization wants to move non-essential services into a ...; Question 79: During routine monitoring a security analyst identified the ...; Question 80: The developers recently deployed new code to three web serve...; Question 81: A security analyst is attempting to resolve an incident in w...; Question 82: industry partners from critical infrastructure organizations...; Question 83: To prioritize the morning's work, an analyst is reviewing se...; Question 84: An organization is focused on restructuring its data governa...; Question 85: A company is experiencing a malware attack within its networ...; Question 86: A company has a cluster of web servers that is critical to t...; Question 87: Legacy medical equipment, which contains sensitive data, can...; Question 88: A Chief Information Officer wants to implement a BYOD strate...; Question 89: Which of the following BEST describes HSM?...; Question 90: An email analysis system notifies a security analyst that th...; Question 91: Ensuring that all areas of security have the proper controls...; Question 92: An organization supports a large number of remote users. Whi...; Question 93: While conducting a cloud assessment, a security analyst perf...; Question 94: A new variant of malware is spreading on the company network...; Question 95: A security analyst is handling an incident in which ransomwa...; Question 96: Which of the following are the MOST likely reasons lo includ...; Question 97: A security analyst needs to provide the development team wit...; Question 98: A company's application development has been outsourced to a...; Question 99: A security analyst performs various types of vulnerability s...; Question 100: A security analyst is researching ways to improve the securi...; Question 101: After examining a header and footer file, a security analyst...; Question 102: An organization wants to ensure the privacy of the data that...; Question 103: A security analyst is concerned the number of security incid...; Question 104: A company recently experienced a breach of sensitive informa...; Question 105: As part of an Intelligence feed, a security analyst receives...; Question 106: A development team recently released a new version of a publ...; Question 107: A security is reviewing a vulnerability scan report and note...; Question 108: A product manager is working with an analyst to design a new...; Question 109: A company uses an FTP server to support its critical busines...; Question 110: A small business does not have enough staff in the accountin...; Question 111: An organization has the following risk mitigation policies *...; Question 112: Which of the following is MOST dangerous to the client envir...; Question 113: An organization is adopting loT devices at an increasing rat...; Question 114: An analyst determines a security incident has occurred Which...; Question 115: A company's Chief Information Officer wants to use a CASB so...; Question 116: During a routine review of service restarts a security analy...

[×]

Download PDF File

Enter your email address to download CuramSoftware.CS0-002.v2023-09-19.q116.pdf

Email:

Disclaimer:
Freecram doesn't offer Real GIAC Exam Questions. Freecram doesn't offer Real SAP Exam Questions. Freecram doesn't offer Real (ISC)² Exam Questions. Freecram doesn't offer Real CompTIA Exam Questions. Freecram doesn't offer Real Microsoft Exam Questions.
Oracle and Java are registered trademarks of Oracle and/or its affiliates.
Freecram material do not contain actual actual Oracle Exam Questions or material.
Microsoft®, Azure®, Windows®, Windows Vista®, and the Windows logo are registered trademarks of Microsoft Corporation.
Freecram Materials do not contain actual questions and answers from Cisco's Certification Exams. The brand Cisco is a registered trademark of CISCO, Inc.
CFA Institute does not endorse, promote or warrant the accuracy or quality of these questions. CFA® and Chartered Financial Analyst® are registered trademarks owned by CFA Institute.
Freecram does not offer exam dumps or questions from actual exams. We offer learning material and practice tests created by subject matter experts to assist and help learners prepare for those exams. All certification brands used on the website are owned by the respective brand owners. Freecram does not own or claim any ownership on any of the brands.

Question 5/116

LEAVE A REPLY

Download PDF File