CompTIA (CAS-003) Exam Questions And Answers page 13

A security engineer is performing a routine audit of a company's decommissioned devices. The current process involves a third-party firm removing the hard drive from a company device, wiping it using a seven-pass software, placing it back into the device, and tagging the device for reuse or disposal. The audit reveals sensitive information is present in the hard drive cluster tips. Which of the following should the third-party firm implement NEXT to ensure all data is permanently removed?
Risk Management Enterprise Security Operations
A consultant is hired to perform a passive vulnerability assessment of a company to determine what information might be collected about the company and its employees. The assessment will be considered successful if the consultant can discover the name of one of the IT administrators.

Which of the following is MOST likely to produce the needed information?
Risk Management Enterprise Security Operations
An organization wants to allow its employees to receive corporate email on their own smartphones. A security analyst is reviewing the following information contained within the file system of an employee's smartphone:

FamilyPix.jpg
Taxreturn.tax
paystub.pdf
employeesinfo.xls
SoccerSchedule.doc
RecruitmentPlan.xls

Based on the above findings, which of the following should the organization implement to prevent further exposure? (Choose two.)
Risk Management Enterprise Security Architecture
As part of the asset management life cycle, a company engages a certified equipment disposal vendor to appropriately recycle and destroy company assets that are no longer in use. As part of the company's vendor due diligence, which of the following would be MOST important to obtain from the vendor?
Risk Management Risk Management
A security engineer is working with a software development team. The engineer is tasked with ensuring all security requirements are adhered to by the developers.

Which of the following BEST describes the contents of the supporting document the engineer is creating?
Enterprise Security Operations Enterprise Security Operations
A network service on a production system keeps crashing at random times. The systems administrator suspects a bug in the listener is causing the service to crash, resulting in a DoS. When the service crashes, a core dump is left in the /tmp directory. Which of the following tools can the systems administrator use to reproduce these symptoms?
Enterprise Security Operations Enterprise Security Operations
Ann, a terminated employee, left personal photos on a company-issued laptop and no longer has access to them. Ann emails her previous manager and asks to get her personal photos back.

Which of the following BEST describes how the manager should respond?
Risk Management Enterprise Security Operations
A government contracting company issues smartphones to employees to enable access to corporate resources. Several employees will need to travel to a foreign country for business purposes and will require access to their phones. However, the company recently received intelligence that its intellectual property is highly desired by the same country's government. Which of the following MDM configurations would BEST reduce the risk of compromise while on foreign soil?
Risk Management Enterprise Security Operations
A Chief Information Security Officer (CISO) needs to establish a KRI for a particular system. The system holds archives of contracts that are no longer in use. The contracts contain intellectual property and have a data classification of non-public. Which of the following would be the BEST risk indicator for this system?
Risk Management Risk Management
A security manager is determining the best DLP solution for an enterprise. A list of requirements was created to use during the source selection. The security manager wants to confirm a solution exists for the requirements that have been defined. Which of the following should the security manager use?
Risk Management Enterprise Security Operations