Comptia (CAS-003) Exam Questions And Answers page 19
Two new technical SMB security settings have been enforced and have also been adopted as policy to increase the security of communications.
Network Client: Digitally sign communication
Network Server: Digitally sign communication
A storage administrator in a remote location with a legacy storage array, which contains time-sensitive data, reports employees can no longer connect to their department shares. Which of the following mitigation strategies should an information security manager recommend to the data owner?
Accept the risk for the remote location, and reverse the settings indefinitely since the legacy storage device will not be upgraded
Mitigate the risk for the remote location by suggesting a move to a cloud service provider. Have the remote location request an indefinite risk exception for the use of cloud storage
Avoid the risk, leave the settings alone, and decommission the legacy storage device
Risk Management
Enterprise Security Operations
A user workstation was infected with a new malware variant as a result of a drive-by download. The security administrator reviews key controls on the infected workstation and discovers the following:
Which of the following would BEST prevent the problem from reoccurring in the future? (Choose two.)
Install HIPS
Enable DLP
Install EDR
Install HIDS
Enable application blacklisting
Improve patch management processes
Risk Management
Enterprise Security Operations
A software company is releasing a new mobile application to a broad set of external customers. Because the software company is rapidly releasing new features, it has built in an over-the-air software update process that can automatically update the application at launch time. Which of the following security controls should be recommended by the company's security architect to protect the integrity of the update process? (Choose two.)
Validate cryptographic signatures applied to software updates
Perform certificate pinning of the associated code signing key
Require HTTPS connections for downloads of software updates
Ensure there are multiple download mirrors for availability
Enforce a click-through process with user opt-in for new features
Enterprise Security Operations
Technical Integration of Enterprise Security
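The two integrity controls in the question above (a cryptographic signature on every update, plus pinning of the code-signing key rather than trusting whatever key arrives with the package) can be shown together in a short client-side check. The following is an added example, not code from the exam or from any vendor; the Update struct, the function names and the constructed payloads are assumptions made for illustration. It uses Ed25519 from the Go standard library and pins the SHA-256 fingerprint of the signing public key, which is what the app would embed at build time.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"encoding/binary"
	"encoding/hex"
	"errors"
	"fmt"
)

// Update is the package an app fetches over the air (assumed format for
// this example): the payload, a signature over it, and the public key
// the signer claims to have used. The client must NOT trust PubKey as
// delivered; it must match the pinned fingerprint first.
type Update struct {
	Version string
	Payload []byte
	Sig     []byte
	PubKey  ed25519.PublicKey
}

var (
	ErrUnpinnedKey  = errors.New("signer key does not match pinned fingerprint")
	ErrBadSignature = errors.New("signature does not verify")
)

// Fingerprint returns the hex SHA-256 of the raw public key; this is the
// value baked into the app at build time (the key pin).
func Fingerprint(pub ed25519.PublicKey) string {
	sum := sha256.Sum256(pub)
	return hex.EncodeToString(sum[:])
}

// signedMessage length-prefixes the version so that (version, payload)
// cannot be re-split into a different pair that carries the same bytes.
func signedMessage(version string, payload []byte) []byte {
	hdr := make([]byte, 4)
	binary.BigEndian.PutUint32(hdr, uint32(len(version)))
	msg := append(hdr, version...)
	return append(msg, payload...)
}

// Sign is the publisher side: sign version+payload with the release key.
func Sign(priv ed25519.PrivateKey, version string, payload []byte) Update {
	return Update{
		Version: version,
		Payload: payload,
		Sig:     ed25519.Sign(priv, signedMessage(version, payload)),
		PubKey:  priv.Public().(ed25519.PublicKey),
	}
}

// VerifyUpdate is the client side. Order matters: check the pin before
// the signature, otherwise an attacker's self-signed package would pass.
func VerifyUpdate(u Update, pinned string) error {
	if len(u.PubKey) != ed25519.PublicKeySize || Fingerprint(u.PubKey) != pinned {
		return ErrUnpinnedKey
	}
	if !ed25519.Verify(u.PubKey, signedMessage(u.Version, u.Payload), u.Sig) {
		return ErrBadSignature
	}
	return nil
}

func main() {
	// Constructed demo keys and payloads; a real app ships only the pin.
	pub, priv, _ := ed25519.GenerateKey(rand.Reader)
	pinned := Fingerprint(pub)

	good := Sign(priv, "2.1.0", []byte("constructed update payload"))
	fmt.Println("genuine update:   ", VerifyUpdate(good, pinned))

	tampered := good
	tampered.Payload = []byte("constructed update payload + malware")
	fmt.Println("tampered payload: ", VerifyUpdate(tampered, pinned))

	// A compromised download server (or a mis-issued TLS cert) can serve a
	// package signed by a different key; the pin rejects it outright.
	_, evilPriv, _ := ed25519.GenerateKey(rand.Reader)
	forged := Sign(evilPriv, "2.1.0", tampered.Payload)
	fmt.Println("unpinned signer:  ", VerifyUpdate(forged, pinned))
}
```

Note what HTTPS alone does not give you here: TLS protects the download in transit, but the signature and the pinned key are what let the app reject a package that was modified at rest on the server or signed by a key the publisher never issued.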
Which of the following BEST represents a risk associated with merging two enterprises during an acquisition?
The consolidation of two different IT enterprises increases the likelihood of data loss because there are now two backup systems
Integrating two different IT systems might result in a successful data breach if threat intelligence is not shared between the two enterprises
Merging two enterprise networks could result in an expanded attack surface and could cause outages if trust and permission issues are not handled carefully
Expanding the set of data owners requires an in-depth review of all data classification decisions, impacting availability during the review
Risk Management
Enterprise Security Architecture
A Chief Information Security Officer (CISO) has launched an initiative to create a robust BCP/DR plan for the entire company. As part of the initiative, the security team must gather data supporting operational importance for the applications used by the business and determine the order in which the applications must be brought back online. Which of the following should be the FIRST step taken by the team?
Perform a review of all policies and procedures related to BCP and DR and create an educational module that can be assigned to all employees to provide training on BCP/DR events.
Create an SLA for each application that states when the application will come back online and distribute this information to the business units.
Have each business unit conduct a BIA and categorize the applications according to the cumulative data gathered.
Implement replication of all servers and application data to backup datacenters that are geographically dispersed from the central datacenter and release an updated BPA to all clients.
Risk Management
Risk Management
A request has been approved for a vendor to access a new internal server using only HTTPS and SSH to manage the back-end system for the portal. Internal users just need HTTP and HTTPS access to all internal web servers. All other external access to the new server and its subnet is not allowed. The security manager must ensure proper access is configured.
Below is a snippet from the firewall related to that server (access is provided in a top-down model):
Which of the following lines should be configured to allow the proper access? (Choose two.)
Move line 3 below line 4 and change port 80 to 443 on line 4.
Move line 3 below line 4 and add port 443 to line.
Move line 4 below line 5 and add port 80 to 8080 on line 2.
Add port 22 to line 2.
Add port 22 to line 5.
Add port 443 to line 2.
Add port 443 to line 5.
Risk Management
Enterprise Security Operations
A security manager needed to protect a high-security data center, so the manager installed a mantrap that can detect an employee's heartbeat, weight, and badge. Which of the following did the security manager implement?
A physical control
A corrective control
A compensating control
A managerial control
Risk Management
Enterprise Security Architecture
A hospital uses a legacy electronic medical record system that requires multicast for traffic between the application servers and databases on virtual hosts that support segments of the application. Following a switch upgrade, the electronic medical record is unavailable despite physical connectivity between the hypervisor and the storage being in place. The network team must enable multicast traffic to restore access to the electronic medical record. The ISM states that the network team must reduce the footprint of multicast traffic on the network.
Using the above information, on which VLANs should multicast be enabled?
VLAN201, VLAN202, VLAN400
VLAN201, VLAN202, VLAN700
VLAN201, VLAN202, VLAN400, VLAN680, VLAN700
VLAN400, VLAN680, VLAN700
Risk Management
Enterprise Security Operations
Which of the following are the MOST likely vectors for the unauthorized or unintentional inclusion of vulnerable code in a software company's final software releases? (Choose two.)
Unsecure protocols
Use of penetration-testing utilities
Weak passwords
Included third-party libraries
Vendors/supply chain
Outdated anti-malware software
Risk Management
Risk Management
A secure facility has a server room that currently is controlled by a simple lock and key, and several administrators have copies of the key. To maintain regulatory compliance, a second lock, which is controlled by an application on the administrators' smartphones, is purchased and installed. The application has various authentication methods that can be used. The criteria for choosing the most appropriate method are:
• It cannot be invasive to the end user.
• It must be utilized as a second factor.
• Information sharing must be avoided.
• It must have a low false acceptance rate.
Which of the following BEST meets the criteria?
Facial recognition
Swipe pattern
Fingerprint scanning
Complex passcode
Token card
Enterprise Security Architecture
Enterprise Security Operations