CompTIA (CAS-003) Exam Questions And Answers page 7

A line-of-business manager has decided, in conjunction with the IT and legal departments, that outsourcing a specific function to a third-party vendor would be the best course of action for the business to increase efficiency and profit. Which of the following should the Chief Security Officer (CSO) perform before signing off on the third-party vendor?
Enterprise Security Architecture Enterprise Security Operations
After analyzing code, two developers at a company bring these samples to the security operations manager:


Which of the following would BEST solve these coding problems?
Risk Management Enterprise Security Operations
An internal application has been developed to increase the efficiency of an operational process of a global manufacturer. New code was implemented to fix a security bug, but it has caused operations to halt. The executive team has decided fixing the security bug is less important than continuing operations.

Which of the following would BEST support immediate rollback of the failed fix? (Choose two.)
Enterprise Security Operations Enterprise Security Operations
A network engineer is concerned about hosting web, SFTP, and email services in a single DMZ that is hosted in the same security zone. This could potentially allow lateral movement within the environment. Which of the following should the engineer implement to mitigate the risk?
Risk Management Enterprise Security Operations
A penetration tester has been contracted to conduct a physical assessment of a site. Which of the following is the MOST plausible method of social engineering to be conducted during this engagement?
Risk Management Enterprise Security Operations
A network printer needs Internet access to function. Corporate policy states all devices allowed on the network must be authenticated. Which of the following is the MOST secure method to allow the printer on the network without violating policy?
Risk Management Enterprise Security Operations
After investigating virus outbreaks that have cost the company $1000 per incident, the company's Chief Information Security Officer (CISO) has been researching new antivirus software solutions to use and be fully supported for the next two years. The CISO has narrowed down the potential solutions to four candidates that meet all the company's performance and capability requirements:


Using the table above, which of the following would be the BEST business-driven choice among the five possible solutions?
Risk Management Enterprise Security Architecture
Following a recent outage, a systems administrator is conducting a study to determine a suitable bench stock on server hard drives.

Which of the following metrics is MOST valuable to the administrator in determining how many hard drives to keep on hand?
Risk Management Enterprise Security Operations
An information security manager conducted a gap analysis, which revealed a 75% implementation of security controls for high-risk vulnerabilities, 90% for medium vulnerabilities, and 10% for low-risk vulnerabilities. To create a road map to close the identified gaps, the assurance team reviewed the likelihood of exploitation of each vulnerability and the business impact of each associated control. To determine which controls to implement, which of the following is the MOST important to consider?
Risk Management Enterprise Security Operations
A product manager is concerned about the unintentional sharing of the company's intellectual property through employees' use of social media. Which of the following would BEST mitigate this risk?
Risk Management Enterprise Security Architecture