Exam Logo

Comptia (CAS-003) Exam Questions And Answers page 9

A company is acquiring incident response and forensic assistance from a managed security service provider in the event of a data breach. The company has selected a partner and must now provide required documents to be reviewed and evaluated. Which of the following documents would BEST protect the company and ensure timely assistance? (Choose two.)
Enterprise Security Operations Enterprise Security Operations
A security administrator is updating corporate policies to respond to an incident involving collusion between two systems administrators that went undetected for more than six months.

Which of the following policies would have MOST likely uncovered the collusion sooner? (Choose two.)
Risk Management Enterprise Security Operations
An enterprise is trying to secure a specific web-based application by forcing the use of multifactor authentication. Currently, the enterprise cannot change the application s sign-in page to include an extra field. However, the web-based application supports SAML. Which of the following would BEST secure the application?
Enterprise Security Architecture Enterprise Security Operations
An administrator is working with management to develop policies related to the use of the cloud-based resources that contain corporate data. Management plans to require some control over organizational data stored on personal devices, such as tablets. Which of the following controls would BEST support management s policy?
Risk Management Enterprise Security Operations
A company has decided to move an ERP application to a public cloud vendor. The company wants to replicate some of its global policies from on premises to cloud. The policies include data encryption, token management, and limited user access to the ERP application. The Chief Information Officer (CIO) is mainly concerned about privileged accounts that might be compromised and used to alter data in the ERP application. Which of the following is the BEST option to meet the requirements?
Risk Management Enterprise Security Operations
A company wants to configure its wireless network to require username and password authentication. Which of the following should the system administrator implement?
Enterprise Security Operations Enterprise Security Operations
A security engineer is deploying an IdP to broker authentication between applications. These applications all utilize SAML 2.0 for authentication. Users log into the IdP with their credentials and are given a list of applications they may access. One of the application s authentications is not functional when a user initiates an authentication attempt from the IdP. The engineer modifies the configuration so users browse to the application first, which corrects the issue. Which of the following BEST describes the root cause?
Risk Management Enterprise Security Architecture
An internal staff member logs into an ERP platform and clicks on a record. The browser URL changes to:

URL: http://192.168.0.100/ERP/accountId=5&action=SELECT

Which of the following is the MOST likely vulnerability in this ERP platform?
Enterprise Security Operations Technical Integration of Enterprise Security
A company deploys a system to use device and user certificates for network authentication. Previously, the company only used separate certificates to send/receive encrypted email. Users have begun notifying the help desk because they cannot read encrypted email. Which of the following is the MOST likely cause of the issues?
Risk Management Enterprise Security Architecture
A security analyst is validating the MAC policy on a set of Android devices. The policy was written to ensure non-critical applications are unable to access certain resources. When reviewing dmesg, the analyst notes many entries, such as:


Despite the deny message, this action was still permitted. Which of the following is the MOST likely fix for this issue?
Enterprise Security Operations Enterprise Security Operations