Exam Logo

Comptia (CAS-003) Exam Questions And Answers page 40

A systems administrator receives an advisory email that a recently discovered exploit is being used in another country and the financial institutions have ceased operations while they find a way to respond to the attack. Which of the following BEST describes where the administrator should look to find information on the attack to determine if a response must be prepared for the systems? (Choose two.)
Risk Management Enterprise Security Operations
A security analyst has requested network engineers integrate sFlow into the SOC s overall monitoring picture. For this to be a useful addition to the monitoring capabilities, which of the following must be considered by the engineering team?
Enterprise Security Operations Technical Integration of Enterprise Security
A systems administrator has deployed the latest patches for Windows-based machines. However, the users on the network are experiencing exploits from various threat actors, which the patches should have corrected. Which of the following is the MOST likely scenario?
Risk Management Enterprise Security Operations
A company has gone through a round of phishing attacks. More than 200 users have had their workstation infected because they clicked on a link in an email. An incident analysis has determined an executable ran and compromised the administrator account on each workstation. Management is demanding the information security team prevent this from happening again.

Which of the following would BEST prevent this from happening again?
Risk Management Enterprise Security Operations
A security engineer at a company is designing a system to mitigate recent setbacks caused by competitors that are beating the company to market with new products. Several of the products incorporate proprietary enhancements developed by the engineer s company. The network already includes a SIEM and a NIPS and requires 2FA for all user access. Which of the following systems should the engineer consider NEXT to mitigate the associated risks?
Risk Management Enterprise Security Operations
Following a merger, the number of remote sites for a company has doubled to 52. The company has decided to secure each remote site with an NGFW to provide web filtering, NIDS/NIPS, and network antivirus. The Chief Information Officer (CIO) has requested that the security engineer provide recommendations on sizing for the firewall with the requirements that it be easy to manage and provide capacity for growth.

The tables below provide information on a subset of remote sites and the firewall options:

Which of the following would be the BEST option to recommend to the CIO?
Risk Management Enterprise Security Operations
A company provides guest WiFi access to the Internet and physically separates the guest network from the company s internal WiFi. Due to a recent incident in which an attacker gained access to the company s internal WiFi, the company plans to configure WPA2 Enterprise in an EAP-TLS configuration. Which of the following must be installed on authorized hosts for this new configuration to work properly?
Risk Management Enterprise Security Operations
A security engineer is assessing a new IoT product. The product interfaces with the ODBII port of a vehicle and uses a Bluetooth connection to relay data to an onboard data logger located in the vehicle. The data logger can only transfer data over a custom USB cable. The engineer suspects a replay attack is possible against the cryptographic implementation used to secure messages between segments of the system. Which of the following tools should the engineer use to confirm the analysis?
Enterprise Security Architecture Enterprise Security Operations
A company is migrating systems from an on-premises facility to a third-party managed datacenter. For continuity of operations and business agility, remote access to all hardware platforms must be available at all times. Access controls need to be very robust and provide an audit trail. Which of the following security controls will meet the company s objectives? (Choose two.)
Risk Management Enterprise Security Operations
A security administrator wants to stand up a NIPS that is multilayered and can incorporate many security technologies into a single platform. The product should have diverse capabilities, such as antivirus, VPN, and firewall services, and be able to be updated in a timely manner to meet evolving threats. Which of the following network prevention system types can be used to satisfy the requirements?
Enterprise Security Architecture Enterprise Security Operations