
CompTIA (CAS-003) Exam Questions And Answers page 15

A penetration tester is conducting an assessment on Comptia.org and runs the following command from a coffee shop while connected to the public Internet:
Which of the following should the penetration tester conclude about the command output?
Enterprise Security Operations Enterprise Security Operations
A manufacturing company recently recovered from an attack on its ICS devices. It has since reduced the attack surface by isolating the affected components. The company now wants to implement detection capabilities. It is considering a system that is based on machine learning. Which of the following features would BEST describe the driver to adopt such nascent technology over mainstream commercial IDSs?
A company has made it a spending priority to implement security architectures that will be resilient during an attack. Recent incidents have involved attackers leveraging latent vulnerabilities in cryptographic implementations and VPN concentrators to be able to compromise sensitive information. Patches have been slowly released for these emergent vulnerabilities, leaving weeks to months of exposed and vulnerable attack surface. Which of the following approaches would be BEST to increase enterprise resilience during similar future attacks?
Enterprise Security Architecture Enterprise Security Operations
The board of a financial services company has requested that the senior security analyst acts as a cybersecurity advisor in order to comply with recent federal legislation. The analyst is required to give a report on current cybersecurity and threat trends in the financial services industry at the next board meeting. Which of the following would be the BEST methods to prepare this report? (Choose two.)
Risk Management Enterprise Security Architecture
A newly hired security analyst has joined an established SOC team. Not long after going through corporate orientation, a new attack method on web-based applications was publicly revealed. The security analyst immediately brings this new information to the team lead, but the team lead is not concerned about it.

Which of the following is the MOST likely reason for the team lead's position?
Enterprise Security Operations Enterprise Security Operations
SIMULATION

You are a security analyst tasked with interpreting an Nmap scan output from Company A's privileged network.

The company's hardening guidelines indicate the following:
• There should be one primary server or service per device.
• Only default ports should be used.
• Non-secure protocols should be disabled.

INSTRUCTIONS

Using the Nmap output, identify the devices on the network and their roles, and any open ports that should be closed. For each device found, add a device entry to the Devices Discovered list, with the following information:
• The IP address of the device
• The primary server or service of the device
• The protocol(s) that should be disabled based on the hardening guidelines

To select multiple protocols, use CTRL+CLICK.

If at any time you would like to bring back the initial state of the simulation, please click the Reset All button.


Risk Management Enterprise Security Architecture
A small firm's newly created website has several design flaws. The developer created the website to be fully compatible with ActiveX scripts in order to use various digital certificates and trusting certificate authorities. However, vulnerability testing indicates sandboxes were enabled, which restricts the code's access to resources within the user's computer. Which of the following is the MOST likely cause of the error?
Risk Management Enterprise Security Operations
An organization is moving internal core data-processing functions related to customer data to a global public cloud provider that uses aggregated services from other partner organizations. Which of the following compliance issues will MOST likely be introduced as a result of the migration?
Risk Management Enterprise Security Operations
A company is deploying laptops to replace all current desktop endpoints. This increases the risk of data loss. Which of the following is the BEST solution to address this risk?
Risk Management Risk Management
As part of incident response, a technician is taking an image of a compromised system and copying the image to a remote image server (192.168.45.82). The system drive is very large but does not contain the sensitive data. The technician has limited time to complete this task. Which of the following is the BEST command for the technician to run?
Enterprise Security Operations Enterprise Security Operations