Exam Logo

Comptia (CAS-003) Exam Questions And Answers page 39

The Chief Information Security Officer (CISO) developed a robust plan to address both internal and external vulnerabilities due to an increase in ransomware attacks on the network. However, the number of successful attacks continues to increase. Which of the following is the MOST likely failure?
Risk Management Enterprise Security Operations
A firewall specialist has been newly assigned to participate in red team exercises and needs to ensure the skills represent real-world threats.

Which of the following would be the BEST choice to help the new team member learn bleeding-edge techniques?
Enterprise Security Operations Enterprise Security Operations
A company recently experienced a security incident in which its domain controllers were the target of a DoS attack. In which of the following steps should technicians connect domain controllers to the network and begin authenticating users again?
Risk Management Enterprise Security Operations
A security engineer is performing an assessment again for a company. The security engineer examines the following output from the review:


Which of the following tools is the engineer utilizing to perform this assessment?
Enterprise Security Operations Enterprise Security Operations
After embracing a BYOD policy, a company is faced with new security challenges from unmanaged mobile devices and laptops. The company s IT department has seen a large number of the following incidents:

• Duplicate IP addresses
• Rogue network devices
• Infected systems probing the company s network

Which of the following should be implemented to remediate the above issues? (Choose two.)
Enterprise Security Operations Technical Integration of Enterprise Security
A systems administrator at a medical imaging company discovers protected health information (PHI) on a general-purpose file server. Which of the following steps should the administrator take NEXT?
Risk Management Enterprise Security Operations
A company wants to implement a cloud-based security solution that will sinkhole malicious DNS requests. The security administrator has implemented technical controls to direct DNS requests to the cloud servers but wants to extend the solution to all managed and unmanaged endpoints that may have user-defined DNS manual settings. Which of the following should the security administrator implement to ensure the solution will protect all connected devices?
Enterprise Security Operations Enterprise Security Operations
A security engineer successfully exploits an application during a penetration test. As proof of the exploit, the security engineer takes screenshots of how data was compromised in the application. Given the information below from the screenshot.


Which of the following tools was MOST likely used to exploit the application?
Risk Management Enterprise Security Operations
A penetration tester is trying to gain access to a remote system. The tester is able to see the secure login page and knows one user account and email address, but has not yet discovered a password.

Which of the following would be the EASIEST method of obtaining a password for the known account?
Risk Management Enterprise Security Operations
A vulnerability was recently announced that allows a malicious user to gain root privileges on other virtual machines running within the same hardware cluster. Customers of which of the following cloud-based solutions should be MOST concerned about this vulnerability?
Enterprise Security Operations Enterprise Security Operations