CompTIA (CAS-003) Exam Questions And Answers page 17
A Chief Information Security Officer (CISO) has created a survey that will be distributed to managers of mission-critical functions across the organization. The survey requires the managers to determine how long their respective units can operate in the event of an extended IT outage before the organization suffers monetary losses from the outage. To which of the following is the survey question related? (Choose two.)
Business impact
Risk assessment
Recovery point objective
Recovery time objective
Mean time between failures
Risk Management
A remote user reports the inability to authenticate to the VPN concentrator. During troubleshooting, a security administrator captures an attempted authentication and discovers the following being presented by the user's VPN client:
Which of the following BEST describes the reason the user is unable to connect to the VPN service?
The user's certificate is not signed by the VPN service provider
The user's certificate has been compromised and should be revoked
The user's certificate was not created for VPN use
The user's certificate was created using insecure encryption algorithms
Enterprise Security Operations
A development team releases updates to an application regularly. The application is compiled with several standard, open-source security products that require a minimum version for compatibility. During the security review portion of the development cycle, which of the following should be done to minimize possible application vulnerabilities?
The developers should require an exact version of the open-source security products, preventing the introduction of new vulnerabilities.
The application development team should move to an Agile development approach to identify security concerns faster.
The change logs for the third-party libraries should be reviewed for security patches, which may need to be included in the release
The application should eliminate the use of open-source libraries and products to prevent known vulnerabilities from being included
Risk Management
Enterprise Security Architecture
A new cluster of virtual servers has been set up in a lab environment and must be audited before being allowed on the production network. The security manager needs to ensure unnecessary services are disabled and all system accounts are using strong credentials.
Which of the following tools should be used? (Choose two.)
Fuzzer
SCAP scanner
Packet analyzer
Password cracker
Network enumerator
SIEM
Enterprise Security Operations
Company.org has requested a black-box security assessment be performed on key cyber terrain. One area of concern is the company's SMTP services. The security assessor wants to run reconnaissance before taking any additional action and wishes to determine which SMTP server is Internet-facing.
Which of the following commands should the assessor use to determine this information?
dnsrecon -d company.org -t SOA
dig company.org mx
nc -v company.org
whois company.org
Enterprise Security Operations
A company uses an application in its warehouse that works with several commercially available tablets and can only be accessed inside the warehouse. The support department would like the selection of tablets to be limited to three models to provide better support and ensure spares are on hand. Users often keep the tablets after they leave the department, as many of them store personal media items.
Which of the following should the security engineer recommend to meet these requirements?
COPE with geofencing
BYOD with containerization
MDM with remote wipe
CYOD with VPN
Risk Management
Enterprise Security Operations
A developer is concerned about input validation for a newly created shopping-cart application, which will be released soon on a popular website. Customers were previously able to manipulate the shopping cart so they could receive multiple items while only paying for one item. This resulted in large losses. Which of the following would be the MOST efficient way to test the shopping cart and address the developer's concerns?
Log analysis
Dynamic analysis
Vulnerability assessment
Gray-box testing
Manual code review
Risk Management
Enterprise Security Operations
A Chief Information Security Officer (CISO) is creating a security committee involving multiple business units of the corporation.
Which of the following is the BEST justification to ensure collaboration across business units?
A risk to one business unit is a risk avoided by all business units, and liberal BYOD policies create new and unexpected avenues for attackers to exploit enterprises.
A single point of coordination is required to ensure cybersecurity issues are addressed in protected, compartmentalized groups.
Without business unit collaboration, risks introduced by one unit that affect another unit may go without compensating controls.
The CISO is uniquely positioned to control the flow of vulnerability information between business units.
Research, Development, and Collaboration
During a security assessment, activities were divided into two phases: internal and external exploitation. The security assessment team set a hard time limit on external activities before moving to a compromised box within the enterprise perimeter.
Which of the following methods is the assessment team most likely to employ NEXT?
Pivoting from the compromised box, moving laterally through the enterprise, and trying to exfiltrate data and compromise devices.
Conducting a social engineering attack attempt with the goal of accessing the compromised box physically.
Exfiltrating network scans from the compromised box as a precursor to social media reconnaissance.
Open-source intelligence gathering to identify the network perimeter and scope to enable further system compromises.
Enterprise Security Operations
Technical Integration of Enterprise Security
A penetration test is being scoped for a set of web services with API endpoints. The APIs will be hosted on existing web application servers. Some of the new APIs will be available to unauthenticated users, but some will only be available to authenticated users. Which of the following tools or activities would the penetration tester MOST likely use or do during the engagement? (Choose two.)
Static code analyzer
Intercepting proxy
Port scanner
Reverse engineering
Reconnaissance gathering
User acceptance testing
Risk Management
Enterprise Security Operations