Exam Logo

Comptia (CAS-003) Exam Questions And Answers page 28

A security analyst is reviewing the following packet capture of communication between a host and a company s router:


Which of the following actions should the security analyst take to remove this vulnerability?
Risk Management Enterprise Security Operations
The Chief Information Officer (CIO) wants to increase security and accessibility among the organization s cloud SaaS applications. The applications are configured to use passwords, and two-factor authentication is not provided natively.

Which of the following would BEST address the CIO s concerns?
Enterprise Security Operations Enterprise Security Operations
An employee decides to log into an authorized system. The system does not prompt the employee for authentication prior to granting access to the console, and it cannot authenticate the network resources. Which of the following attack types can this lead to if it is not mitigated?
Risk Management Enterprise Security Operations
A company s user community is being adversely affected by various types of emails whose authenticity cannot be trusted. The Chief Information Security Officer (CISO) must address the problem.

Which of the following solutions would BEST support trustworthy communication solutions?
Risk Management Enterprise Security Architecture
A researcher is working to identify what appears to be a new variant of an existing piece of malware commonly used in ransomware attacks. While it is not identical to the malware previously evaluated, it has a number of similarities including language, payload, and algorithms. Which of the following would help the researcher safely compare the code base of the two variants?
Enterprise Security Operations Enterprise Security Operations
An organization is in the process of evaluating service providers for an upcoming migration to cloud-based services for the organization s ERP system. As part of the requirements defined by the project team, regulatory requirements specify segmentation and isolation of the organization s data. Which of the following should the vendor management team identify as a requirement during the procurement process?
Risk Management Enterprise Security Operations
While attending a meeting with the human resources department, an organization s information security officer sees an employee using a username and password written on a memo pad to log into a specific service. When the information security officer inquires further as to why passwords are being written down, the response is that there are too many passwords to remember for all the different services the human resources department is required to use.

Additionally, each password has specific complexity requirements and different expiration time frames.
Which of the following would be the BEST solution for the information security officer to recommend?
Risk Management Enterprise Security Operations
Several recent ransomware outbreaks at a company have cost a significant amount of lost revenue. The security team needs to find a technical control mechanism that will meet the following requirements and aid in preventing these outbreaks:

• Stop malicious software that does not match a signature
• Report on instances of suspicious behavior
• Protect from previously unknown threats
• Augment existing security capabilities

Which of the following tools would BEST meet these requirements?
Enterprise Security Operations Technical Integration of Enterprise Security
A security analyst receives an email from a peer that includes a sample of code from a piece of malware found in an application running in the organization s staging environment. During the incident response process, it is determined the code was introduced into the environment as a result of a compromised laptop being used to harvest credentials and access the organization s code repository. While the laptop itself was not used to access the code repository, an attacker was able to leverage the harvested credentials from another system in the development environment to bypass the ACLs limiting access to the repositories. Which of the following controls MOST likely would have interrupted the kill chain in this attack?
Risk Management Enterprise Security Operations
A newly hired Chief Information Security Officer (CISO) is reviewing the organization s security budget from the previous year. The CISO notices $100,000 worth of fines were paid for not properly encrypting outbound email messages. The CISO expects next year s costs associated with fines to double and the volume of messages to increase by 100%. The organization sent out approximately 25,000 messages per year over the last three years. Given the table below:


Which of the following would be BEST for the CISO to include in this year s budget?
Risk Management Enterprise Security Operations