CompTIA (CAS-003) Exam Questions And Answers page 27
A security consultant is performing a penetration test on www.comptia.org and wants to discover the DNS administrator's email address to use in a later social engineering attack. The information listed with the DNS registrar is private. Which of the following commands will also disclose the email address?
whois -f comptia.org
nslookup -type=SOA comptia.org
dnsrecon -i comptia.org -t hostmaster
Enterprise Security Architecture
Enterprise Security Operations
A developer is reviewing the following transaction logs from a web application:
Username: John Doe
Street name: Main St.
Street number: <script></script>
if ($input != strcmp($var1, "<>")) {die();}
$input=strip_tags(trim($_POST['var1']));
Risk Management
Enterprise Security Operations
A security analyst who is concerned about sensitive data exfiltration reviews the following:
Which of the following tools would allow the analyst to confirm if data exfiltration is occurring?
Port scanner
SCAP tool
File integrity monitor
Protocol analyzer
Enterprise Security Operations
Technical Integration of Enterprise Security
A company has entered into a business agreement with a business partner for managed human resources services. The Chief Information Security Officer (CISO) has been asked to provide documentation that is required to set up a business-to-business VPN between the two organizations. Which of the following is required in this scenario?
ISA
BIA
SLA
RA
Enterprise Security Operations
An organization is engaged in international business operations and is required to comply with various legal frameworks. In addition to changes in legal frameworks, which of the following is a primary purpose of a compliance management program?
Following new requirements that result from contractual obligations
Answering requests from auditors that relate to e-discovery
Responding to changes in regulatory requirements
Developing organizational policies that relate to hiring and termination procedures
Risk Management
Enterprise Security Architecture
A server (10.0.0.2) on the corporate network is experiencing a DoS from a number of marketing desktops that have been compromised and are connected to a separate network segment. The security engineer implements the following configuration on the management router:
Which of the following is the engineer implementing?
Remotely triggered black hole
Route protection
Port security
Transport security
Address space layout randomization
Risk Management
Enterprise Security Operations
The security administrator of a small firm wants to stay current on the latest security vulnerabilities and attack vectors being used by crime syndicates and nation-states. The information must be actionable and reliable. Which of the following would BEST meet the needs of the security administrator?
Software vendor threat reports
White papers
Security blogs
Threat data subscription
Enterprise Security Architecture
An attacker has been compromising banking institution targets across a regional area. The Chief Information Security Officer (CISO) at a local bank wants to detect and prevent an attack before the bank becomes a victim. Which of the following actions should the CISO take?
Utilize cloud-based threat analytics to identify anomalous behavior in the company's B2B and vendor traffic
Purchase a CASB solution to identify and control access to cloud-based applications and services and integrate them with on-premises legacy security monitoring
Instruct a security engineer to configure the IDS to consume threat intelligence feeds from an information-sharing association in the banking sector
Attend and present at the regional banking association lobbying group meetings each month and facilitate a discussion on the topic
Risk Management
Enterprise Security Operations
A corporate forensic investigator has been asked to acquire five forensic images of an employee database application. There are three images to capture in the United States, one in the United Kingdom, and one in Germany. Upon completing the work, the forensics investigator saves the images to a local workstation. Which of the following types of concerns should the forensic investigator have about this work assignment?
Environmental
Privacy
Ethical
Criminal
Risk Management
Enterprise Security Operations
Engineers at a company believe a certain type of data should be protected from competitors, but the data owner insists the information is not sensitive. An information security engineer is implementing controls to secure the corporate SAN. The controls require dividing data into four groups: non-sensitive, sensitive but accessible, sensitive but export-controlled, and extremely sensitive.
Which of the following actions should the engineer take regarding the data?
Label the data as extremely sensitive.
Label the data as sensitive but accessible.
Label the data as non-sensitive.
Label the data as sensitive but export-controlled.
Risk Management
Enterprise Security Operations