CAS-003 Exam Details

  • Exam Code: CAS-003
  • Exam Name: CompTIA Advanced Security Practitioner (CASP+)
  • Certification: CompTIA Certifications
  • Vendor: CompTIA
  • Total Questions: 791 Q&As
  • Last Updated: Jan 22, 2024

CompTIA CAS-003 Online Questions & Answers

  • Question 571:

    A security manager needed to protect a high-security data center, so the manager installed a mantrap that can detect an employee's heartbeat, weight, and badge. Which of the following did the security manager implement?

    A. A physical control
    B. A corrective control
    C. A compensating control
    D. A managerial control

  • Question 572:

    As a result of an acquisition, a new development team is being integrated into the company. The development team has BYOD laptops with IDEs installed, build servers, and code repositories that utilize SaaS. To have the team up and running effectively, a separate Internet connection has been procured. A stand-up has identified the following additional requirements:

    1. Reuse of the existing network infrastructure
    2. Acceptable use policies to be enforced
    3. Protection of sensitive files
    4. Access to the corporate applications

    Which of the following solution components should be deployed to BEST meet the requirements? (Select three.)

    A. IPSec VPN
    B. HIDS
    C. Wireless controller
    D. Rights management
    E. SSL VPN
    F. NAC
    G. WAF
    H. Load balancer

  • Question 573:

    A new internal network segmentation solution will be implemented into the enterprise that consists of 200 internal firewalls. As part of running a pilot exercise, it was determined that it takes three changes to deploy a new application onto the network before it is operational. Security now has a significant effect on overall availability. Which of the following would be the FIRST process to perform as a result of these findings?

    A. Lower the SLA to a more tolerable level and perform a risk assessment to see if the solution could be met by another solution. Reuse the firewall infrastructure on other projects.
    B. Perform a cost benefit analysis and implement the solution as it stands as long as the risks are understood by the business owners around the availability issues. Decrease the current SLA expectations to match the new solution.
    C. Engage internal auditors to perform a review of the project to determine why and how the project did not meet the security requirements. As part of the review ask them to review the control effectiveness.
    D. Review to determine if control effectiveness is in line with the complexity of the solution. Determine if the requirements can be met with a simpler solution.

  • Question 574:

    The code snippet below controls all electronic door locks to a secure facility in which the doors should only fail open in an emergency. In the code, "criticalValue" indicates if an emergency is underway:

    Which of the following is the BEST course of action for a security analyst to recommend to the software developer?

    A. Rewrite the software to implement fine-grained, conditions-based testing
    B. Add additional exception handling logic to the main program to prevent doors from being opened
    C. Apply for a life-safety-based risk exception allowing secure doors to fail open
    D. Rewrite the software's exception handling routine to fail in a secure state

  • Question 575:

    A company uses AD and RADIUS to authenticate VPN and WiFi connections. The Chief Information Security Officer (CISO) initiates a project to extend a third-party MFA solution to VPN. During the pilot phase, VPN users successfully get an MFA challenge; however, they also get the challenge when connecting to WiFi, which is not desirable. Which of the following BEST explains why users are getting the MFA challenge when using WiFi?

    A. In the RADIUS server, the proxy rule has not specified the NAS-Port-Type attribute that should be matched
    B. In the firewall, in the AAA configuration the IP address of the third-party MFA solution needs to be set as a secondary RADIUS server
    C. In the third-party MFA solution authentication properties need to be configured to recognize WiFi authentication requests
    D. In the WiFi configuration authentication needs to be changed to WPA2 Enterprise using EAP-TLS to support the configuration

  • Question 576:

    A company is in the process of re-architecting its sensitive system infrastructure to take advantage of on-demand computing through a public cloud provider. The system to be migrated is sensitive with respect to latency, availability, and integrity. The infrastructure team agreed to the following:

    1. Application and middleware servers will migrate to the cloud; database servers will remain on-site
    2. Data backup will be stored in the cloud

    Which of the following solutions would ensure system and security requirements are met?

    A. Implement a direct connection from the company to the cloud provider
    B. Use a cloud orchestration tool and implement appropriate change control processes
    C. Implement a standby database on the cloud using a CASB for data-at-rest security
    D. Use multizone geographic distribution with satellite relays

  • Question 577:

    Which of the following describes a risk and mitigation associated with cloud data storage?

    A. Risk: Shared hardware caused data leakage. Mitigation: Strong encryption at rest
    B. Risk: Offsite replication. Mitigation: Multi-site backups
    C. Risk: Data loss from de-duplication. Mitigation: Dynamic host bus addressing
    D. Risk: Combined data archiving. Mitigation: Two-factor administrator authentication

  • Question 578:

    After the departure of a developer under unpleasant circumstances, the company is concerned about the security of the software to which the developer has access. Which of the following is the BEST way to ensure security of the code following the incident?

    A. Hire an external red team to conduct black box testing
    B. Conduct a peer review and cross reference the SRTM
    C. Perform white-box testing on all impacted finished products
    D. Perform regression testing and search for suspicious code

  • Question 579:

    An internal penetration tester was assessing a recruiting page for potential issues before it was pushed to the production website. The penetration tester discovers an issue that must be corrected before the page goes live. The web host administrator collects the log files below and gives them to the development team so improvements can be made to the security design of the website.

    Which of the following types of attack vector did the penetration tester use?

    A. SQL injection
    B. CSRF
    C. Brute force
    D. XSS
    E. TOC/TOU

  • Question 580:

    A technician receives the following security alert from the firewall's automated system:

    After reviewing the alert, which of the following is the BEST analysis?

    A. This alert is false positive because DNS is a normal network function.
    B. This alert indicates a user was attempting to bypass security measures using dynamic DNS.
    C. This alert was generated by the SIEM because the user attempted too many invalid login attempts.
    D. This alert indicates an endpoint may be infected and is potentially contacting a suspect host.

Tips on How to Prepare for the Exams

Nowadays, certification exams are becoming more important and are required by more and more enterprises when applying for a job. But how do you prepare for the exam effectively? How do you prepare for the exam in a short time with less effort? How do you get an ideal result, and how do you find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provides not only CompTIA exam questions, answers and explanations but also complete assistance with your exam preparation and certification application. If you are confused about your CAS-003 exam preparation and CompTIA certification application, do not hesitate to visit Vcedump.com to find your solutions.