CompTIA (CAS-003) Exam Questions And Answers page 13
A security engineer is performing a routine audit of a company's decommissioned devices. The current process involves a third-party firm removing the hard drive from a company device, wiping it using a seven-pass software, placing it back into the device, and tagging the device for reuse or disposal. The audit reveals sensitive information is present in the hard drive cluster tips. Which of the following should the third-party firm implement NEXT to ensure all data is permanently removed?
Scramble the file allocation table.
Wipe the drives using a 21-pass overwrite.
Disable the logic board using high-voltage input.
Risk Management
Enterprise Security Operations
A consultant is hired to perform a passive vulnerability assessment of a company to determine what information might be collected about the company and its employees. The assessment will be considered successful if the consultant can discover the name of one of the IT administrators.
Which of the following is MOST likely to produce the needed information?
Whois
DNS enumeration
Vulnerability scanner
Fingerprinting
Risk Management
Enterprise Security Operations
An organization wants to allow its employees to receive corporate email on their own smartphones. A security analyst is reviewing the following information contained within the file system of an employee's smartphone:
FamilyPix.jpg
Taxreturn.tax
paystub.pdf
employeesinfo.xls
SoccerSchedule.doc
RecruitmentPlan.xls
Based on the above findings, which of the following should the organization implement to prevent further exposure? (Choose two.)
Remote wiping
Side loading
VPN
Containerization
Rooting
Geofencing
Jailbreaking
Risk Management
Enterprise Security Architecture
As part of the asset management life cycle, a company engages a certified equipment disposal vendor to appropriately recycle and destroy company assets that are no longer in use. As part of the company's vendor due diligence, which of the following would be MOST important to obtain from the vendor?
A copy of the vendor's information security policies.
A copy of the current audit reports and certifications held by the vendor.
A signed NDA that covers all the data contained on the corporate systems.
A copy of the procedures used to demonstrate compliance with certification requirements.
Risk Management
Risk Management
A security engineer is working with a software development team. The engineer is tasked with ensuring all security requirements are adhered to by the developers.
Which of the following BEST describes the contents of the supporting document the engineer is creating?
A series of ad-hoc tests that each verify security control functionality of the entire system at once.
A series of discrete tasks that, when viewed in total, can be used to verify and document each individual constraint from the SRTM.
A set of formal methods that apply to one or more of the programming languages used on the development project.
A methodology to verify each security control in each unit of developed code prior to committing the code.
Enterprise Security Operations
Enterprise Security Operations
A network service on a production system keeps crashing at random times. The systems administrator suspects a bug in the listener is causing the service to crash, resulting in a DoS. When the service crashes, a core dump is left in the /tmp directory. Which of the following tools can the systems administrator use to reproduce these symptoms?
Fuzzer
Vulnerability scanner
Core dump analyzer
Debugger
Enterprise Security Operations
Enterprise Security Operations
Ann, a terminated employee, left personal photos on a company-issued laptop and no longer has access to them. Ann emails her previous manager and asks to get her personal photos back.
Which of the following BEST describes how the manager should respond?
Determine if the data still exists by inspecting to ascertain if the laptop has already been wiped and if the storage team has recent backups.
Inform Ann that the laptop was for company data only and she should not have stored personal photos on a company asset.
Report the email because it may have been a spoofed request coming from an attacker who is trying to exfiltrate data from the company laptop.
Consult with the legal and/or human resources department and check company policies around employment and termination procedures.
Risk Management
Enterprise Security Operations
A government contracting company issues smartphones to employees to enable access to corporate resources. Several employees will need to travel to a foreign country for business purposes and will require access to their phones. However, the company recently received intelligence that its intellectual property is highly desired by the same country's government. Which of the following MDM configurations would BEST reduce the risk of compromise while on foreign soil?
Disable firmware OTA updates.
Disable location services.
Disable push notification services.
Disable wipe.
Risk Management
Enterprise Security Operations
A Chief Information Security Officer (CISO) needs to establish a KRI for a particular system. The system holds archives of contracts that are no longer in use. The contracts contain intellectual property and have a data classification of non-public. Which of the following would be the BEST risk indicator for this system?
Average minutes of downtime per quarter
Percent of patches applied in the past 30 days
Count of login failures per week
Number of accounts accessing the system per day
Risk Management
Risk Management
A security manager is determining the best DLP solution for an enterprise. A list of requirements was created to use during the source selection. The security manager wants to confirm a solution exists for the requirements that have been defined. Which of the following should the security manager use?
NDA
RFP
RFQ
MSA
RFI
Risk Management
Enterprise Security Operations