Comptia (CAS-003) Exam Questions And Answers page 34
The Chief Information Security Officer (CISO) of a small, local bank has a compliance requirement that a third-party penetration test of the core banking application must be conducted annually. Which of the following services would fulfill the compliance requirement with the LOWEST resource usage?
Gray-box testing
Red-team hunting
White-box testing
Blue-team exercises
Risk Management
Enterprise Security Operations
After significant vulnerabilities and misconfigurations were found in numerous production web applications, a security manager identified the need to implement better development controls.
Which of the following controls should be verified? (Choose two.)
Input validation routines are enforced on the server side.
Operating systems do not permit null sessions.
Systems administrators receive application security training.
VPN connections are terminated after a defined period of time.
Error-handling logic fails securely.
OCSP calls are handled effectively.
Enterprise Security Operations
An information security manager is concerned that connectivity used to configure and troubleshoot critical network devices could be attacked. The manager has tasked a network security engineer with meeting the following requirements:
• Encrypt all traffic between the network engineer and critical devices.
• Segregate the different networking planes as much as possible.
• Do not let access ports impact configuration tasks.
Which of the following would be the BEST recommendation for the network security engineer to present?
Deploy control plane protections.
Use SSH over out-of-band management.
Force only TACACS to be allowed.
Require the use of certificates for AAA.
Risk Management
Enterprise Security Operations
A security engineer is employed by a hospital that was recently purchased by a corporation. Throughout the acquisition process, all data on the virtualized file servers must be shared by departments within both organizations. The security engineer considers data ownership to determine:
the amount of data to be moved.
the frequency of data backups.
which users will have access to which data.
when the file server will be decommissioned.
Risk Management
Enterprise Security Operations
To prepare for an upcoming audit, the Chief Information Security Officer (CISO) asks for all 1200 vulnerabilities on production servers to be remediated. The security engineer must determine which vulnerabilities represent real threats that can be exploited so resources can be prioritized to mitigate the most dangerous risks. The CISO wants the security engineer to act in the same manner as would an external threat, while using vulnerability scan results to prioritize any actions. Which of the following approaches is described?
Blue team
Red team
Black box
White team
Risk Management
Enterprise Security Operations
A project manager is working with a software development group to collect and evaluate user stories related to the organization's internally designed CRM tool. After defining requirements, the project manager would like to validate the developer's interpretation and understanding of the user's request. Which of the following would BEST support this objective?
Peer review
Design review
Scrum
User acceptance testing
Unit testing
Risk Management
Enterprise Security Operations
A company has decided to replace all the T-1 uplinks at each regional office and move away from using the existing MPLS network. All regional sites will use high-speed connections and VPNs to connect back to the main campus. Which of the following devices would MOST likely be added at each location?
SIEM
IDS/IPS
Proxy server
Firewall
Router
Enterprise Security Operations
The audit team was only provided the physical and logical addresses of the network without any type of access credentials.
Which of the following methods should the audit team use to gain initial access during the security assessment? (Choose two.)
Reconnaissance
Tabletop exercise
Social engineering
Runtime debugging
Code review
Remote access tool
Enterprise Security Operations
Technical Integration of Enterprise Security
What is the example of the given code snippet?
Single Choice
Given the following code snippet:
Of which of the following is this snippet an example?
Data execution prevention
Buffer overflow
Failure to use standard libraries
Improper field usage
Input validation
Risk Management
Enterprise Security Operations
A Chief Information Security Officer (CISO) is working with a consultant to perform a gap assessment prior to an upcoming audit. It is determined during the assessment that the organization lacks controls to effectively assess regulatory compliance by third-party service providers. Which of the following should be revised to address this gap?
Privacy policy
Work breakdown structure
Incident response plan
Vendor management plan
Audit report
Risk Management
Enterprise Security Operations