CompTIA (CAS-003) Exam Questions and Answers, page 1
A recent CRM upgrade at a branch office was completed after the desired deadline. Several technical issues were found during the upgrade and need to be discussed in depth before the next branch office is upgraded.
Which of the following should be used to identify weak processes and other vulnerabilities?
Benchmarks and baseline results
Risk assessment
Lessons learned report
Risk Management
Enterprise Security Operations
A security analyst is responsible for the completion of a vulnerability assessment at a regional healthcare facility. The analyst reviews the following Nmap output:
Which of the following is MOST likely what the security analyst is reviewing?
An Nmap script to scan for unsafe servers on UDP 445
An Nmap script to run the SMB servers
An Nmap script to stop the SMB servers
An Nmap script to scan for vulnerable SMB servers
Risk Management
Enterprise Security Operations
The results of an external penetration test for a software development company show a small number of applications account for the largest number of findings. While analyzing the content and purpose of the applications, the following matrix is created:
The findings are then categorized according to the following chart:
Which of the following would BEST reduce the amount of immediate risk incurred by the organization from a compliance and legal standpoint? (Choose two.)
Place a WAF in line with Application 2
Move Application 3 to a secure VLAN and require employees to use a jump server for access
Apply the missing OS and software patches to the server hosting Application 4
Use network segmentation and ACLs to control access to Application 5
Implement an IDS/IPS on the same network segment as Application 3
Install a FIM on the server hosting Application 4
Enforce Group Policy password complexity rules on the server hosting Application 1
Risk Management
Risk Management
The Chief Information Security Officer (CISO) suspects that a database administrator has been tampering with financial data to the administrator's advantage. Which of the following would allow a third-party consultant to conduct an on-site review of the administrator's activity?
Separation of duties
Job rotation
Continuous monitoring
Mandatory vacation
Enterprise Security Operations
Enterprise Security Operations
When reviewing KRIs of the email security appliance with the Chief Information Security Officer (CISO) of an insurance company, the security engineer notices the following:
Which of the following measures should the security engineer take to ensure PII is not intercepted in transit while also preventing interruption to business?
Quarantine emails sent to external domains containing PII and release after inspection.
Prevent PII from being sent to domains that allow users to sign up for free webmail.
Enable transport layer security on all outbound email communications and attachments.
Provide security awareness training regarding transmission of PII.
Risk Management
Enterprise Security Operations
A software development manager is running a project using agile development methods. The company cybersecurity engineer has noticed a high number of vulnerabilities have been making it into production code on the project.
Which of the following methods could be used in addition to an integrated development environment to reduce the severity of the issue?
Conduct a penetration test on each function as it is developed
Develop a set of basic checks for common coding errors
Adopt a waterfall method of software development
Implement unit tests that incorporate static code analyzers
Risk Management
Risk Management
In the past, the risk committee at Company A has shown an aversion to even minimal amounts of risk acceptance. A security engineer is preparing recommendations regarding the risk of a proposed project introducing legacy ICS equipment. The project will introduce a minor vulnerability into the enterprise. This vulnerability does not significantly expose the enterprise to risk and would be expensive against.
Which of the following strategies should the engineer recommend be approved FIRST?
Avoid
Mitigate
Transfer
Accept
Risk Management
Enterprise Security Operations
While conducting online research about a company to prepare for an upcoming penetration test, a security analyst discovers detailed financial information on an investor website the company did not make public. The analyst shares this information with the Chief Financial Officer (CFO), who confirms the information is accurate, as it was recently discussed at a board of directors meeting. Many of the details are verbatim discussion comments captured by the board secretary for purposes of transcription on a mobile device. Which of the following would MOST likely prevent a similar breach in the future?
Remote wipe
FDE
Geolocation
eFuse
VPN
Risk Management
Enterprise Security Architecture
A server was compromised recently, and two unauthorized daemons were set up to listen for incoming connections. In addition, CPU cycles were being used by an additional unauthorized cron job. Which of the following would have prevented the breach if it was properly configured?
Set up log forwarding and utilize a SIEM for centralized management and alerting.
Use a patch management system to close the vulnerabilities in a shorter time frame.
Implement a NIDS/NIPS.
Deploy SELinux using the system baseline as the starting point.
Configure the host firewall to block unauthorized inbound connections.
Enterprise Security Operations
Technical Integration of Enterprise Security
A security analyst is reviewing the corporate MDM settings and notices some disabled settings, which consequently permit users to download programs from untrusted developers and manually install them. After some conversations, it is confirmed that these settings were disabled to support the internal development of mobile applications. The security analyst is now recommending that developers and testers have a separate device profile allowing this, and that the rest of the organization's users do not have the ability to manually download and install untrusted applications. Which of the following settings should be toggled to achieve the goal? (Choose two.)
OTA updates
Remote wiping
Side loading
Sandboxing
Containerization
Signed applications
Risk Management
Enterprise Security Operations