Exam Details

  • Exam Code: CAS-003
  • Exam Name: CompTIA Advanced Security Practitioner (CASP+)
  • Certification: CompTIA Certifications
  • Vendor: CompTIA
  • Total Questions: 791 Q&As
  • Last Updated: Jan 22, 2024

CompTIA CompTIA Certifications CAS-003 Questions & Answers

  • Question 251:

    A company uses an enterprise desktop imaging solution to manage deployment of its desktop computers. Desktop computer users are only permitted to use software that is part of the baseline image. Which of the following technical solutions was MOST likely deployed by the company to ensure only known-good software can be installed on corporate desktops?

    A. Network access control

    B. Configuration Manager

    C. Application whitelisting

    D. File integrity checks

  • Question 252:

    A company recently experienced a security incident in which its domain controllers were the target of a DoS attack. In which of the following steps should technicians connect domain controllers to the network and begin authenticating users again?

    A. Preparation

    B. Identification

    C. Containment

    D. Eradication

    E. Recovery

    F. Lessons learned

  • Question 253:

    A security architect has designated that a server segment of an enterprise network will require each server to have secure and measured boot capabilities. The architect now wishes to ensure service consumers and peers can verify the integrity of hosted services. Which of the following capabilities must the architect consider for enabling the verification?

    A. Centralized attestation server

    B. Enterprise HSM

    C. vTPM

    D. SIEM

  • Question 254:

    A systems analyst is concerned that the current authentication system may not provide the appropriate level of security. The company has integrated WAYF within its federation system and implemented a mandatory two-step authentication system. Some accounts are still becoming compromised via phishing attacks that redirect users to a fake portal, which is automatically collecting and replaying the stolen credentials. Which of the following is a technical solution that would BEST reduce the risk of similar compromises?

    A. Security awareness training

    B. Push-based authentication

    C. Software-based TOTP

    D. OAuth tokens

    E. Shibboleth

  • Question 255:

    A newly hired Chief Information Security Officer (CISO) wants to understand how the organization's CIRT handles issues brought to their attention, but needs to be very cautious about impacting any systems. The MOST appropriate method to use would be:

    A. an internal vulnerability assessment.

    B. a red-team threat-hunt exercise.

    C. a white-box penetration test.

    D. a guided tabletop exercise.

  • Question 256:

    A systems administrator has deployed the latest patches for Windows-based machines. However, the users on the network are experiencing exploits from various threat actors, which the patches should have corrected. Which of the following is the MOST likely scenario?

    A. The machines were infected with malware.

    B. The users did not reboot the computer after the patches were deployed.

    C. The systems administrator used invalid credentials to deploy the patches.

    D. The patches were deployed on non-Windows-based machines.

  • Question 257:

    A cybersecurity consulting company supports a diverse customer base. Which of the following types of constraints is MOST important for the consultancy to consider when advising a regional healthcare provider versus a global conglomerate?

    A. Return on investment

    B. Regulatory standards

    C. Pre-existing service agreements

    D. Insider threats

  • Question 258:

    After an employee was terminated, the company discovered the employee still had access to emails and attached content that should have been destroyed during the off-boarding. The employee's laptop and cell phone were confiscated and accounts were disabled promptly. Forensic investigation suggests the company's DLP was effective, and the content in question was not sent outside of work or transferred to removable media. Personally owned devices are not permitted to access company systems or information.

    Which of the following would be the MOST efficient control to prevent this from occurring in the future?

    A. Install application whitelist on mobile devices.

    B. Disallow side loading of applications on mobile devices.

    C. Restrict access to company systems to expected times of day and geographic locations.

    D. Prevent backup of mobile devices to personally owned computers.

    E. Perform unannounced insider threat testing on high-risk employees.

  • Question 259:

    During a recent incident, sensitive data was disclosed and subsequently destroyed through a properly secured, cloud-based storage platform. An incident response technician is working with management to develop an after action report that conveys critical metrics regarding the incident.

    Which of the following would be MOST important to senior leadership to determine the impact of the breach?

    A. The likely per-record cost of the breach to the organization

    B. The legal or regulatory exposure that exists due to the breach

    C. The amount of downtime required to restore the data

    D. The number of records compromised

  • Question 260:

    A company uses an application in its warehouse that works with several commercially available tablets and can only be accessed inside the warehouse. The support department would like the selection of tablets to be limited to three models to provide better support and ensure spares are on hand. Users often keep the tablets after they leave the department, as many of them store personal media items.

    Which of the following should the security engineer recommend to meet these requirements?

    A. COPE with geofencing

    B. BYOD with containerization

    C. MDM with remote wipe

    D. CYOD with VPN
