Comptia (CAS-003) Exam Questions And Answers page 14
An electric car company hires an IT consulting company to improve the cybersecurity of its vehicles. Which of the following should achieve the BEST long-term result for the company?
Reviewing proposed designs and prototypes for cybersecurity vulnerabilities
Performing a cyber risk assessment on production vehicles
Reviewing and influencing requirements for an early development vehicle
Enterprise Security Operations
A laptop is recovered a few days after it was stolen.
Which of the following should be verified during incident response activities to determine the possible impact of the incident?
Full disk encryption status
TPM PCR values
File system integrity
Presence of UEFI vulnerabilities
Risk Management
Enterprise Security Operations
An SQL database is no longer accessible online due to a recent security breach. An investigation reveals that unauthorized access to the database was possible due to an SQL injection vulnerability. To prevent this type of breach in the future, which of the following security controls should be put in place before bringing the database back online? (Choose two.)
Secure storage policies
Browser security updates
Input validation
Web application firewall
Secure coding standards
Database activity monitoring
Risk Management
Enterprise Security Architecture
An organization enables BYOD but wants to allow users to access the corporate email, calendar, and contacts from their devices. The data associated with the user's accounts is sensitive, and therefore, the organization wants to comply with the following requirements:
• Active full-device encryption
• Enabled remote-device wipe
• Blocking unsigned applications
• Containerization of email, calendar, and contacts
Which of the following technical controls would BEST protect the data from attack or loss and meet the above requirements?
Require frequent password changes and disable NFC.
Enforce device encryption and activate MAM.
Install a mobile antivirus application.
Configure and monitor devices with an MDM.
Risk Management
Enterprise Security Operations
Following a recent network intrusion, a company wants to determine the current security awareness of all of its employees. Which of the following is the BEST way to test awareness?
Conduct a series of security training events with comprehensive tests at the end
Hire an external company to provide an independent audit of the network security posture
Review the social media of all employees to see how much proprietary information is shared
Send an email from a corporate account, requesting users to log onto a website with their enterprise account
Risk Management
Enterprise Security Operations
During the deployment of a new system, the implementation team determines that APIs used to integrate the new system with a legacy system are not functioning properly. Further investigation shows there is a misconfigured encryption algorithm used to secure data transfers between systems. Which of the following should the project manager use to determine the source of the defined algorithm in use?
Code repositories
Security requirements traceability matrix
Software development lifecycle
Roles matrix
Implementation guide
Enterprise Security Operations
Technical Integration of Enterprise Security
An internal penetration tester was assessing a recruiting page for potential issues before it was pushed to the production website. The penetration tester discovers an issue that must be corrected before the page goes live. The web host administrator collects the log files below and gives them to the development team so improvements can be made to the security design of the website.
Which of the following types of attack vectors did the penetration tester use?
SQL injection
CSRF
Brute force
XSS
TOC/TOU
Enterprise Security Operations
A regional transportation and logistics company recently hired its first Chief Information Security Officer (CISO). The CISO's first project after onboarding involved performing a vulnerability assessment against the company's public-facing network. The completed scan found a legacy collaboration platform application with a critically rated vulnerability. While discussing this issue with the line of business, the CISO learns the vulnerable application cannot be updated without the company incurring significant losses due to downtime or new software purchases.
Which of the following BEST addresses these concerns?
The company should plan future maintenance windows so the legacy application can be updated as needed.
The CISO must accept the risk of the legacy application, as the cost of replacing the application greatly exceeds the risk to the company.
The company should implement a WAF in front of the vulnerable application to filter out any traffic attempting to exploit the vulnerability.
The company should build a parallel system and perform a cutover from the old application to the new application, with less downtime than an upgrade.
Risk Management
Enterprise Security Operations
A company wants to secure a newly developed application that is used to access sensitive information and data from corporate resources. The application was developed by a third-party organization, and it is now being used heavily, despite lacking the following controls:
• Certificate pinning
• Tokenization
• Biometric authentication
The company has already implemented the following controls:
• Full device encryption
• Screen lock
• Device password
• Remote wipe
The company wants to defend against interception of data attacks. Which of the following compensating controls should the company implement NEXT?
Enforce the use of a VPN when using the newly developed application
Implement a geofencing solution that disables the application according to company requirements
Implement an out-of-band second factor to authenticate authorized users
Install the application in a secure container requiring additional authentication controls
Risk Management
Enterprise Security Operations
The Chief Information Officer (CISO) is concerned that certain systems administrators with privileged access may be reading other users' emails. Review of a tool's output shows the administrators have used web mail to log into other users' inboxes.
Which of the following tools would show this type of output?
Log analysis tool
Password cracker
Command-line tool
File integrity monitoring tool
Risk Management
Enterprise Security Operations