CAS-003 Exam Details

  • Exam Code: CAS-003
  • Exam Name: CompTIA Advanced Security Practitioner (CASP+)
  • Certification: CompTIA Certifications
  • Vendor: CompTIA
  • Total Questions: 791 Q&As
  • Last Updated: Jan 22, 2024

CompTIA CAS-003 Online Questions & Answers

  • Question 451:

    A critical system audit shows that the payroll system is not meeting security policy due to missing OS security patches. Upon further review, it appears that the system is not being patched at all. The vendor states that the system is only supported on the current OS patch level. Which of the following compensating controls should be used to mitigate the vulnerability of missing OS patches on this system?

    A. Isolate the system on a secure network to limit its contact with other systems
    B. Implement an application layer firewall to protect the payroll system interface
    C. Monitor the system's security log for unauthorized access to the payroll application
    D. Perform reconciliation of all payroll transactions on a daily basis

  • Question 452:

    An employee decides to log into an authorized system. The system does not prompt the employee for authentication prior to granting access to the console, and it cannot authenticate the network resources. Which of the following attack types can this lead to if it is not mitigated?

    A. Memory leak
    B. Race condition
    C. Smurf
    D. Deadlock

  • Question 453:

    A software company is releasing a new mobile application to a broad set of external customers. Because the software company is rapidly releasing new features, it has built in an over-the-air software update process that can automatically update the application at launch time. Which of the following security controls should be recommended by the company's security architect to protect the integrity of the update process? (Choose two.)

    A. Validate cryptographic signatures applied to software updates
    B. Perform certificate pinning of the associated code signing key
    C. Require HTTPS connections for downloads of software updates
    D. Ensure there are multiple download mirrors for availability
    E. Enforce a click-through process with user opt-in for new features

  • Question 454:

    At a meeting, the systems administrator states the security controls a company wishes to implement seem excessive, since all of the information on the company's web servers can be obtained publicly and is not proprietary in any way. The next day the company's website is defaced as part of an SQL injection attack, and the company receives press inquiries about the message the attackers displayed on the website.

    Which of the following is the FIRST action the company should take?

    A. Refer to and follow procedures from the company's incident response plan.
    B. Call a press conference to explain that the company has been hacked.
    C. Establish chain of custody for all systems to which the systems administrator has access.
    D. Conduct a detailed forensic analysis of the compromised system.
    E. Inform the communications and marketing department of the attack details.

  • Question 455:

    A vulnerability was recently announced that allows a malicious user to gain root privileges on other virtual machines running within the same hardware cluster. Customers of which of the following cloud-based solutions should be MOST concerned about this vulnerability?

    A. Single-tenant private cloud
    B. Multitenant SaaS cloud
    C. Single-tenant hybrid cloud
    D. Multitenant IaaS cloud
    E. Multitenant PaaS cloud
    F. Single-tenant public cloud

  • Question 456:

    The Chief Information Officer (CIO) has been asked to develop a security dashboard with the relevant metrics. The board of directors will use the dashboard to monitor and track the overall security posture of the organization. The CIO produces a basic report containing both KPI and KRI data in two separate sections for the board to review.

    Which of the following BEST meets the needs of the board?

    A. KRI:
       - Compliance with regulations
       - Backlog of unresolved security investigations
       - Severity of threats and vulnerabilities reported by sensors
       - Time to patch critical issues on a monthly basis
       KPI:
       - Time to resolve open security items
       - % of suppliers with approved security control frameworks
       - EDR coverage across the fleet
       - Threat landscape rating
    B. KRI:
       - EDR coverage across the fleet
       - Backlog of unresolved security investigations
       - Time to patch critical issues on a monthly basis
       - Threat landscape rating
       KPI:
       - Time to resolve open security items
       - Compliance with regulations
       - % of suppliers with approved security control frameworks
       - Severity of threats and vulnerabilities reported by sensors
    C. KRI:
       - EDR coverage across the fleet
       - % of suppliers with approved security control frameworks
       - Backlog of unresolved security investigations
       - Threat landscape rating
       KPI:
       - Time to resolve open security items
       - Compliance with regulations
       - Time to patch critical issues on a monthly basis
       - Severity of threats and vulnerabilities reported by sensors
    D. KPI:
       - Compliance with regulations
       - % of suppliers with approved security control frameworks
       - Severity of threats and vulnerabilities reported by sensors
       - Threat landscape rating
       KRI:
       - Time to resolve open security items
       - Backlog of unresolved security investigations
       - EDR coverage across the fleet
       - Time to patch critical issues on a monthly basis

  • Question 457:

    A security architect is implementing security measures in response to an external audit that found vulnerabilities in the corporate collaboration tool suite. The report identified the lack of any mechanism to provide confidentiality for electronic correspondence between users and between users and group mailboxes. Which of the following controls would BEST mitigate the identified vulnerability?

    A. Issue digital certificates to all users, including owners of group mailboxes, and enable S/MIME
    B. Federate with an existing PKI provider, and reject all non-signed emails
    C. Implement two-factor email authentication, and require users to hash all email messages upon receipt
    D. Provide digital certificates to all systems, and eliminate the user group or shared mailboxes

  • Question 458:

    A security analyst who is concerned about sensitive data exfiltration reviews the following:

    Which of the following tools would allow the analyst to confirm if data exfiltration is occurring?

    A. Port scanner
    B. SCAP tool
    C. File integrity monitor
    D. Protocol analyzer

  • Question 459:

    As part of the development process for a new system, the organization plans to perform requirements analysis and risk assessment. The new system will replace a legacy system, which the organization has used to perform data analytics. Which of the following is MOST likely to be part of the activities conducted by management during this phase of the project?

    A. Static code analysis and peer review of all application code
    B. Validation of expectations relating to system performance and security
    C. Load testing the system to ensure response times are acceptable to stakeholders
    D. Design reviews and user acceptance testing to ensure the system has been deployed properly
    E. Regression testing to evaluate interoperability with the legacy system during the deployment

  • Question 460:

    Providers at a healthcare system with many geographically dispersed clinics have been fined five times this year after an auditor received notice of the following SMS messages:

    Which of the following represents the BEST solution for preventing future fines?

    A. Implement a secure text-messaging application for mobile devices and workstations.
    B. Write a policy requiring this information to be given over the phone only.
    C. Provide a courier service to deliver sealed documents containing public health informatics.
    D. Implement FTP services between clinics to transmit text documents with the information.
    E. Implement a system that will tokenize patient numbers.

Tips on How to Prepare for the Exams

Nowadays, certification exams are becoming more and more important, and more and more enterprises require them when you apply for a job. But how do you prepare for the exam effectively? How do you prepare for the exam in a short time with less effort? How do you get an ideal result, and how do you find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provides not only CompTIA exam questions, answers and explanations but also complete assistance with your exam preparation and certification application. If you are confused about your CAS-003 exam preparation and CompTIA certification application, do not hesitate to visit Vcedump.com to find your solutions here.