Comptia (CAS-003) Exam Questions And Answers page 6
With which of the following departments should an engineer for a consulting firm coordinate when determining the control and reporting requirements for storage of sensitive, proprietary customer information?
Financial
Sales
Legal counsel
Risk Management
Risk Management
The government is concerned with remote military missions being negatively impacted by the use of technology that may fail to protect operational security. To remediate this concern, a number of solutions have been implemented, including the following:
• End-to-end encryption of all inbound and outbound communication, including personal email and chat sessions that allow soldiers to securely communicate with families.
• Layer 7 inspection and TCP/UDP port restriction, including firewall rules to only allow TCP port 80 and 443 and approved applications
• A host-based whitelist of approved websites and applications that only allow mission-related tools and sites
• The use of satellite communication to include multiple proxy servers to scramble the source IP address
Which of the following is of MOST concern in this scenario?
The unsecure port 80 being used for general web traffic
Family members posting geotagged images on social media that were received via email from soldiers
The effect of communication latency that may negatively impact real-time communication with mission control
The use of centrally managed military network and computers by soldiers when communicating with external parties
Risk Management
Enterprise Security Architecture
The risk subcommittee of a corporate board typically maintains a master register of the most prominent risks to the company. A centralized holistic view of risk is particularly important to the corporate Chief Information Security Officer (CISO) because:
IT systems are maintained in silos to minimize interconnected risks and provide clear risk boundaries used to implement compensating controls
risks introduced by a system in one business unit can affect other business units in ways in which the individual business units have no awareness
corporate general counsel requires a single system boundary to determine overall corporate risk exposure
major risks identified by the subcommittee merit the prioritized allocation of scarce funding to address cybersecurity concerns
Risk Management
Enterprise Security Operations
An external red team member conducts a penetration test, attempting to gain physical access to a large organization's server room in a branch office. During reconnaissance, the red team member sees a clearly marked door to the server room, located next to the lobby, with a tumbler lock.
Which of the following is BEST for the red team member to bring on site to open the locked door as quickly as possible without causing significant damage?
Screwdriver set
Bump key
RFID duplicator
Rake picking
Risk Management
Enterprise Security Operations
A bank is initiating the process of acquiring another smaller bank. Before negotiations happen between the organizations, which of the following business documents would be used as the FIRST step in the process?
BPA
NDA
MOU
OLA
Risk Management
Enterprise Security Architecture
A company monitors the performance of all web servers using WMI. A network administrator informs the security engineer that web servers hosting the company's client-facing portal are running slowly today. After some investigation, the security engineer notices a large number of attempts at enumerating host information via SNMP from multiple IP addresses. Which of the following would be the BEST technique for the security engineer to employ in an attempt to prevent reconnaissance activity?
Install a HIPS on the web servers
Disable inbound traffic from offending sources
Disable SNMP on the web servers
Install anti-DDoS protection in the DMZ
Enterprise Security Architecture
Enterprise Security Operations
A software development team has spent the last 18 months developing a new web-based front-end that will allow clients to check the status of their orders as they proceed through manufacturing. The marketing team schedules a launch party to present the new application to the client base in two weeks. Before the launch, the security team discovers numerous flaws that may introduce dangerous vulnerabilities, allowing direct access to a database used by manufacturing. The development team did not plan to remediate these vulnerabilities during development. Which of the following SDLC best practices should the development team have followed?
Implementing regression testing
Completing user acceptance testing
Verifying system design documentation
Using a SRTM
Risk Management
Enterprise Security Operations
An engineer is reviewing the security architecture for an enterprise network. During the review, the engineer notices an undocumented node on the network. Which of the following approaches can be utilized to determine how this node operates? (Choose two.)
Use reverse engineering techniques
Assess the node within a continuous integration environment
Employ a static code analyzer
Review network and traffic logs
Use a penetration testing framework to analyze the node
Analyze the output of a ping sweep
Enterprise Security Architecture
Enterprise Security Operations
A security administrator is concerned about the increasing number of users who click on malicious links contained within phishing emails. Although the company has implemented a process to block these links at the network perimeter, many accounts are still becoming compromised. Which of the following should be implemented to further reduce the number of account compromises caused by remote users who click these links?
Anti-spam gateways
Security awareness training
URL rewriting
Internal phishing campaign
Risk Management
Enterprise Security Operations
A security analyst is attempting to break into a client's secure network. The analyst was not given prior information about the client, except for a block of public IP addresses that are currently in use.
After network enumeration, the analyst's NEXT step is to perform:
a gray-box penetration test
a risk analysis
a vulnerability assessment
an external security audit
a red team exercise
Risk Management
Enterprise Security Operations