CompTIA (CAS-003) Exam Questions And Answers page 31

A security administrator receives reports that several workstations are unable to access resources within one network segment. A packet capture shows the segment is flooded with ICMPv6 traffic from the source fe80::21ae:4571:42ab:1fdd and for the destination ff02::1. Which of the following should the security administrator integrate into the network to help prevent this from occurring?
Enterprise Security Architecture Enterprise Security Operations
A Chief Information Security Officer (CISO) implemented MFA for all accounts in parallel with the BYOD policy. After the implementation, employees report the increased authentication method is causing increased time to tasks. This applies both to accessing the email client on the workstation and the online collaboration portal. Which of the following should the CISO implement to address the employees' concerns?
Enterprise Security Operations Enterprise Security Operations
Ann, a security administrator, is conducting an assessment on a new firewall, which was placed at the perimeter of a network containing PII. Ann runs the following commands on a server (10.0.1.19) behind the firewall:


From her own workstation (192.168.2.45) outside the firewall, Ann then runs a port scan against the server and records the following packet capture of the port scan:


Connectivity to the server from outside the firewall worked as expected prior to executing these commands.

Which of the following can be said about the new firewall?
Risk Management Enterprise Security Operations
Providers at a healthcare system with many geographically dispersed clinics have been fined five times this year after an auditor received notice of the following SMS messages:


Which of the following represents the BEST solution for preventing future fines?
Risk Management Enterprise Security Operations
A penetration tester is on an active engagement and has access to a remote system. The penetration tester wants to bypass the DLP, which is blocking emails that are encrypted or contain sensitive company information. Which of the following cryptographic techniques should the penetration tester use?
Enterprise Security Architecture Enterprise Security Operations
The director of sales asked the development team for some small changes to increase the usability of an application used by the sales team. Prior security reviews of the code showed no significant vulnerabilities, and since the changes were small, they were given a peer review and then pushed to the live environment. Subsequent vulnerability scans now show numerous flaws that were not present in the previous versions of the code.

Which of the following is an SDLC best practice that should have been followed?
Risk Management Enterprise Security Operations
Due to a recent breach, the Chief Executive Officer (CEO) has requested the following activities be conducted during incident response planning:

• Involve business owners and stakeholders
• Create an applicable scenario
• Conduct a biannual verbal review of the incident response plan
• Report on the lessons learned and gaps identified

Which of the following exercises has the CEO requested?
Risk Management Enterprise Security Operations
A creative services firm has a limited security budget and staff. Due to its business model, the company sends and receives a high volume of files every day through the preferred method defined by its customers. These include email, secure file transfers, and various cloud service providers. Which of the following would BEST reduce the risk of malware infection while meeting the company's resource requirements and maintaining its current workflow?
Risk Management Enterprise Security Operations
A company suspects a web server may have been infiltrated by a rival corporation. The security engineer reviews the web server logs and finds the following:

ls -l -a /usr/heinz/public; cat ./config/db.yml

The security engineer looks at the code with a developer, and they determine the log entry is created when the following line is run:

system ("ls -l -a #{path}")

Which of the following is an appropriate security control the company should implement?
Risk Management Enterprise Security Operations
A group of security consultants is conducting an assessment of a customer's network across multiple physical locations. To save time, the customer has allowed the consultants to install a single server inside the network perimeter. In addition to open-source intelligence gathering and social engineering, which of the following BEST describes the technique the consultants are employing?
Risk Management Enterprise Security Operations