CompTIA CompTIA Certifications CAS-003 Questions & Answers

• Question 501:

  A security administrator is troubleshooting RADIUS authentication issues from a newly implemented controller-based wireless deployment. The RADIUS server contains the following information in its logs:

  

  Based on this information, the administrator reconfigures the RADIUS server, which results in the following log data:

  

  To correct this error message, the administrator makes an additional change to the RADIUS server. Which of the following did the administrator reconfigure on the RADIUS server? (Select TWO)

  A. Added the controller address as an authorized client

  B. Registered the RADIUS server to the wireless controller

  C. Corrected a mismatched shared secret

  D. Renewed the expired client certificate

  E. Reassigned the RADIUS policy to the controller

  F. Modified the client authentication method

  Correct Answer: AC

• Question 502:

  A technician is configuring security options on the mobile device manager for users who often utilize public Internet connections while travelling. After ensuring that full disk encryption is enabled, which of the following security measures should the technician take? (Choose two.)

  A. Require all mobile device backups to be encrypted

  B. Ensure all mobile devices back up using USB OTG

  C. Issue a remote wipe of corporate and personal partitions

  D. Restrict devices from making long-distance calls during business hours

  E. Implement an always-on VPN

  Correct Answer: CE

• Question 503:

  A SaaS-based email service provider often receives reports from legitimate customers that their IP netblocks are on blacklists and they cannot send email. The SaaS has confirmed that affected customers typically have IP addresses within broader network ranges and some abusive customers within the same IP ranges may have performed spam campaigns. Which of the following actions should the SaaS provider perform to minimize legitimate customer impact?

  A. Inform the customer that the service provider does not have any control over third-party blacklist entries. The customer should reach out to the blacklist operator directly

  B. Perform a takedown of any customer accounts that have entries on email blacklists because this is a strong indicator of hostile behavior

  C. Work with the legal department and threaten legal action against the blacklist operator if the netblocks are not removed because this is affecting legitimate traffic

  D. Establish relationship with a blacklist operators so broad entries can be replaced with more granular entries and incorrect entries can be quickly pruned

  Correct Answer: D

• Question 504:

  An organization is engaged in international business operations and is required to comply with various legal frameworks. In addition to changes in legal frameworks, which of the following is a primary purpose of a compliance management program?

  A. Following new requirements that result from contractual obligations

  B. Answering requests from auditors that relate to e-discovery

  C. Responding to changes in regulatory requirements

  D. Developing organizational policies that relate to hiring and termination procedures

  Correct Answer: C

• Question 505:

  A web developer has implemented HTML5 optimizations into a legacy web application. One of the modifications the web developer made was the following client side optimization:

  localStorage.setItem("session-cookie", document.cookie);

  Which of the following should the security engineer recommend?

  A. SessionStorage should be used so authorized cookies expire after the session ends

  B. Cookies should be marked as "secure" and "HttpOnly"

  C. Cookies should be scoped to a relevant domain/path

  D. Client-side cookies should be replaced by server-side mechanisms

  Correct Answer: C

• Question 506:

  A security architect has been assigned to a new digital transformation program. The objectives are to provide better capabilities to customers and reduce costs. The program has highlighted the following requirements:

  Long-lived sessions are required, as users do not log in very often.

  The solution has multiple SPs, which include mobile and web applications.

  A centralized IdP is utilized for all customer digital channels.

  The applications provide different functionality types such as forums and customer portals.

  The user experience needs to be the same across both mobile and web-based applications.

  Which of the following would BEST improve security while meeting these requirements?

  A. Social login to IdP, securely store the session cookies, and implement one-time passwords sent to the mobile device

  B. Create-based authentication to IdP, securely store access tokens, and implement secure push notifications.

  C. Username and password authentication to IdP, securely store refresh tokens, and implement context-aware authentication.

  D. Username and password authentication to SP, securely store Java web tokens, and implement SMS OTPs.

  Correct Answer: A

• Question 507:

  During the decommissioning phase of a hardware project, a security administrator is tasked with ensuring no sensitive data is released inadvertently. All paper records are scheduled to be shredded in a crosscut shredded, and the waste will be burned. The system drives and removable media have been removed prior to e-cycling the hardware.

  Which of the following would ensure no data is recovered from the system droves once they are disposed of?

  A. Overwriting all HDD blocks with an alternating series of data.

  B. Physically disabling the HDDs by removing the dive head.

  C. Demagnetizing the hard drive using a degausser.

  D. Deleting the UEFI boot loaders from each HDD.

  Correct Answer: C

• Question 508:

  Within the past six months, a company has experienced a series of attacks directed at various collaboration tools. Additionally, sensitive information was compromised during a recent security breach of a remote access session from an unsecure site. As a result, the company is requiring all collaboration tools to comply with the following:

  Secure messaging between internal users using digital signatures Secure sites for video-conferencing sessions Presence information for all office employees Restriction of certain types of messages to be allowed into the network.

  Which of the following applications must be configured to meet the new requirements? (Select TWO.)

  A. Remote desktop

  B. VoIP

  C. Remote assistance

  D. Email

  E. Instant messaging

  F. Social media websites

  Correct Answer: BE

• Question 509:

  To prepare for an upcoming audit, the Chief Information Security Officer (CISO) asks for all 1200 vulnerabilities on production servers to be remediated. The security engineer must determine which vulnerabilities represent real threats that can be exploited so resources can be prioritized to migrate the most dangerous risks. The CISO wants the security engineer to act in the same manner as would an external threat, while using vulnerability scan results to prioritize any actions.

  Which of the following approaches is described?

  A. Blue team

  B. Red team

  C. Black box

  D. White team

  Correct Answer: C

• Question 510:

  A team is at the beginning stages of designing a new enterprise-wide application. The new application will have a large database and require a capital investment in hardware. The Chief Information Officer (IO) has directed the team to save money and reduce the reliance on the datacenter, and the vendor must specialize in hosting large databases in the cloud. Which of the following cloud-hosting options would BEST meet these needs?

  A. Multi-tenancy SaaS

  B. Hybrid IaaS

  C. Single-tenancy PaaS

  D. Community IaaS

  Correct Answer: C