Exam Logo

Comptia (CAS-003) Exam Questions And Answers page 12

A company is not familiar with the risks associated with IPv6. The systems administrator wants to isolate IPv4 from IPv6 traffic between two different network segments. Which of the following should the company implement? (Choose two.)
Risk Management Enterprise Security Operations
A company wants to confirm sufficient executable space protection is in place for scenarios in which malware may be attempting buffer overflow attacks. Which of the following should the security engineer check?
Risk Management Enterprise Security Operations
A security administrator adding a NAC requirement for all VPN users to ensure the connecting devices are compliant with company policy. Which of the following items provides the HIGHEST assurance to meet this requirement?
Risk Management Enterprise Security Operations
A security engineer discovers a PC may have been breached and accessed by an outside agent. The engineer wants to find out how this breach occurred before remediating the damage. Which of the following should the security engineer do FIRST to begin this investigation?
Risk Management Enterprise Security Operations
A company has created a policy to allow employees to use their personally owned devices. The Chief Information Security Officer (CISO) is getting reports of company data appearing on unapproved forums and an increase in theft of personal electronic devices.

Which of the following security controls would BEST reduce the risk of exposure?
Risk Management Enterprise Security Operations
A software development company lost customers recently because of a large number of software issues. These issues were related to integrity and availability defects, including buffer overflows, pointer dereferences, and others. Which of the following should the company implement to improve code quality? (Choose two.)
Enterprise Security Operations Technical Integration of Enterprise Security
Following a recent and very large corporate merger, the number of log files an SOC needs to review has approximately tripled. The Chief Information Security Officer (CISO) has not been allowed to hire any more staff for the SOC, but is looking for other ways to automate the log review process so the SOC receives less noise. Which of the following would BEST reduce log noise for the SOC?
Enterprise Security Operations Enterprise Security Operations
A security architect is determining the best solution for a new project. The project is developing a new intranet with advanced authentication capabilities, SSO for users, and automated provisioning to streamline Day 1 access to systems. The security architect has identified the following requirements:

1. Information should be sourced from the trusted master data source.
2. There must be future requirements for identity proofing of devices and users.
3. A generic identity connector that can be reused must be developed.
4. The current project scope is for internally hosted applications only.

Which of the following solution building blocks should the security architect use to BEST meet the requirements?
Enterprise Security Architecture Enterprise Security Operations
A Chief Information Security Officer (CISO) is developing a new BIA for the organization. The CISO wants to gather requirements to determine the appropriate RTO and RPO for the organization s ERP. Which of the following should the CISO interview as MOST qualified to provide RTO/RPO metrics?
Risk Management Risk Management
Due to a recent acquisition, the security team must find a way to secure several legacy applications. During a review of the applications, the following issues are documented:

• The applications are considered mission-critical.
• The applications are written in code languages not currently supported by the development staff.
• Security updates and patches will not be made available for the applications.
• Username and passwords do not meet corporate standards.
• The data contained within the applications includes both PII and PHI.
• The applications communicate using TLS 1.0.
• Only internal users access the applications.

Which of the following should be utilized to reduce the risk associated with these applications and their current architecture?
Risk Management Enterprise Security Architecture