ExamGecko

CompTIA SK0-005 Practice Test - Questions Answers, Page 52

List of questions

Question 511

Which of the following supports the process of collecting a large pool of behavioral observations to inform decision-making?

Question 512

An organization is prioritizing efforts to remediate or mitigate risks identified during the latest assessment. For one of the risks, a full remediation was not possible, but the organization was able to successfully apply mitigations to reduce the likelihood of the impact. Which of the following should the organization perform next?

Question 513

A security analyst is reviewing the following vulnerability assessment report:

192.168.1.5, Host = Server1, CVSS 7.5, Web Server, Remotely Executable = Yes, Exploit = Yes

205.1.3.5, Host = Server2, CVSS 6.5, Bind Server, Remotely Executable = Yes, Exploit = POC

207.1.5.7, Host = Server3, CVSS 5.5, Email Server, Remotely Executable = Yes, Exploit = Yes

192.168.1.6, Host = Server4, CVSS 9.8, Domain Controller, Remotely Executable = Yes, Exploit = Yes

Which of the following should be patched first to minimize attacks against internet-facing hosts?

Question 514

PKI can be used to support security requirements in the change management process. Which of the following capabilities does PKI provide for messages?

Question 515

A user from the sales department opened a suspicious file attachment. The sales department then contacted the SOC to investigate a number of unresponsive systems, and the team successfully identified the file and the origin of the attack. Which of the following is the next step of the incident response plan?

Question 516

A security analyst is performing a review of a web application. During testing as a standard user, the following error log appears:

Error Message in Database Connection

Connection to host USA-WebApp-Database failed

Database 'Prod-DB01' not found

Table 'CustomerInfo' not found

Please retry your request later

Which of the following best describes the analyst's findings and a potential mitigation technique?

Question 517

A company wants to improve and automate the compliance of its cloud environments to meet industry standards. Which of the following resources should the company use to best achieve this goal?

Question 518

A security architect is mitigating a vulnerability that previously led to a web application data breach. An analysis into the root cause of the issue finds the following:

An administrator's account was hijacked and used on several Autonomous System Numbers within 30 minutes.

All administrators use named accounts that require multifactor authentication.

Single sign-on is used for all company applications.

Which of the following should the security architect do to mitigate the issue?

Question 519

An organization currently has IDS, firewall, and DLP systems in place. The systems administrator needs to integrate the tools in the environment to reduce response time. Which of the following should the administrator use?

Question 520

During a periodic internal audit, a company identifies a few new, critical security controls that are missing. The company has a mature risk management program in place, and the following requirements must be met:

The stakeholders should be able to see all the risks.

The risks need to have someone accountable for them.

Which of the following actions should the GRC analyst take next?

Total 530 questions