CompTIA (CAS-003) Exam Questions And Answers page 29
Given the following:
Which of the following vulnerabilities is present in the above code snippet?
SQL-based string concatenation
DOM-based injection
Information disclosure in comments
Risk Management
Enterprise Security Operations
At a meeting, the systems administrator states the security controls a company wishes to implement seem excessive, since all of the information on the company's web servers can be obtained publicly and is not proprietary in any way. The next day the company's website is defaced as part of an SQL injection attack, and the company receives press inquiries about the message the attackers displayed on the website.
Which of the following is the FIRST action the company should take?
Refer to and follow procedures from the company's incident response plan.
Call a press conference to explain that the company has been hacked.
Establish chain of custody for all systems to which the systems administrator has access.
Conduct a detailed forensic analysis of the compromised system.
Inform the communications and marketing department of the attack details.
Risk Management
Enterprise Security Operations
An organization's network engineering team recently deployed a new software encryption solution to ensure the confidentiality of data at rest, which was found to add 300ms of latency to data read-write requests in storage, impacting business operations.
Which of the following alternative approaches would BEST address performance requirements while meeting the intended security objective?
Employ hardware FDE or SED solutions.
Utilize a more efficient cryptographic hash function.
Replace HDDs with SSD arrays.
Use a FIFO pipe with a multithreaded software solution.
Risk Management
Enterprise Security Operations
As part of the development process for a new system, the organization plans to perform requirements analysis and risk assessment. The new system will replace a legacy system, which the organization has used to perform data analytics.
Which of the following is MOST likely to be part of the activities conducted by management during this phase of the project?
Static code analysis and peer review of all application code
Validation of expectations relating to system performance and security
Load testing the system to ensure response times are acceptable to stakeholders
Design reviews and user acceptance testing to ensure the system has been deployed properly
Regression testing to evaluate interoperability with the legacy system during the deployment
Risk Management
Risk Management
A security administrator wants to allow external organizations to cryptographically validate the company's domain name in email messages sent by employees. Which of the following should the security administrator implement?
SPF
S/MIME
TLS
DKIM
Risk Management
Enterprise Security Architecture
As part of an organization s compliance program, administrators must complete a hardening checklist and note any potential improvements. The process of noting improvements in the checklist is MOST likely driven by:
the collection of data as part of the continuous monitoring program.
adherence to policies associated with incident response.
the organization's software development life cycle.
changes in operating systems or industry trends.
Risk Management
Enterprise Security Operations
A security architect is designing a system to satisfy user demand for reduced transaction time, increased security and message integrity, and improved cryptographic security. The resultant system will be used in an environment with a broad user base where many asynchronous transactions occur every minute and must be publicly verifiable.
Which of the following solutions BEST meets all of the architect s objectives?
An internal key infrastructure that allows users to digitally sign transaction logs
An agreement with an entropy-as-a-service provider to increase the amount of randomness in generated keys.
A publicly verified hashing algorithm that allows revalidation of message integrity at a future date.
An open distributed transaction ledger that requires proof of work to append entries.
Enterprise Security Architecture
Enterprise Security Operations
A systems administrator at a medical imaging company discovers protected health information (PHI) on a general-purpose file server. Which of the following steps should the administrator take NEXT?
Isolate all of the PHI on its own VLAN and keep it segregated at Layer 2
Immediately encrypt all PHI with AES-256
Delete all PHI from the network until the legal department is consulted
Consult the legal department to determine legal requirements
Risk Management
Enterprise Security Operations
Ann, a security manager, is reviewing a threat feed that provides information about attacks that allow a malicious user to gain access to private contact lists. Ann receives a notification that the vulnerability can be exploited within her environment. Given this information, Ann can anticipate an increase in:
vishing attacks
SQL injection attacks
web application attacks
brute-force attacks
Risk Management
Enterprise Security Operations
The HVAC and fire suppression systems that were recently deployed at multiple locations are susceptible to a new vulnerability. A security engineer needs to ensure the vulnerability is not exploited. The devices are directly managed by a smart controller and do not need access to other parts of the network. Signatures are available to detect this vulnerability. Which of the following should be the FIRST step in completing the request?
Deploy a NAC solution that disables devices with unknown MACs.
Create a firewall policy with access to the smart controller from the internal network only.
Create a segmented subnet for all HVAC devices and the smart controller.
Create an IPS profile for the HVAC devices that includes the signatures.
Enterprise Security Operations
Enterprise Security Operations