CAS-003 Exam Details

  • Exam Code: CAS-003
  • Exam Name: CompTIA Advanced Security Practitioner (CASP+)
  • Certification: CompTIA Certifications
  • Vendor: CompTIA
  • Total Questions: 791 Q&As
  • Last Updated: Jan 22, 2024

CompTIA CAS-003 Online Questions & Answers

  • Question 631:

    A security architect is reviewing the code for a company's financial website. The architect suggests adding the following HTML element, along with a server-side function, to generate a random number on the page used to initiate a funds transfer:

    Which of the following attacks is the security architect attempting to prevent?

    A. SQL injection
    B. XSRF
    C. XSS
    D. Clickjacking

  • Question 632:

    An organization is reviewing endpoint security solutions. In evaluating products, the organization has the following requirements:

    1. Support server, laptop, and desktop infrastructure
    2. Due to limited security resources, implement active protection capabilities
    3. Provide users with the ability to self-service classify information and apply policies
    4. Protect data-at-rest and data-in-use

    Which of the following endpoint capabilities would BEST meet the above requirements? (Select two.)

    A. Data loss prevention
    B. Application whitelisting
    C. Endpoint detect and respond
    D. Rights management
    E. Log monitoring
    F. Antivirus

  • Question 633:

    A web developer has implemented HTML5 optimizations in a legacy web application. One of the modifications the web developer made was the following client-side optimization:

    localStorage.setItem("session-cookie", document.cookie);

    Which of the following should the security engineer recommend?

    A. SessionStorage should be used so authorized cookies expire after the session ends
    B. Cookies should be marked as "secure" and "HttpOnly"
    C. Cookies should be scoped to a relevant domain/path
    D. Client-side cookies should be replaced by server-side mechanisms

  • Question 634:

    A security architect is determining the best solution for a new project. The project is developing a new intranet with advanced authentication capabilities, SSO for users, and automated provisioning to streamline Day 1 access to systems. The security architect has identified the following requirements:

    1. Information should be sourced from the trusted master data source.
    2. There must be future requirements for identity proofing of devices and users.
    3. A generic identity connector that can be reused must be developed.
    4. The current project scope is for internally hosted applications only.

    Which of the following solution building blocks should the security architect use to BEST meet the requirements?

    A. LDAP, multifactor authentication, oAuth, XACML
    B. AD, certificate-based authentication, Kerberos, SPML
    C. SAML, context-aware authentication, oAuth, WAYF
    D. NAC, radius, 802.1x, centralized active directory

  • Question 635:

    A security administrator is assessing a new application. The application uses an API that is supposed to encrypt text strings that are stored in memory. How might the administrator test that the strings are indeed encrypted in memory?

    A. Use fuzzing techniques to examine application inputs
    B. Run nmap to attach to application memory
    C. Use a packet analyzer to inspect the strings
    D. Initiate a core dump of the application
    E. Use an HTTP interceptor to capture the text strings

  • Question 636:

    There have been some failures of the company's internal facing website. A security engineer has found the WAF to be the root cause of the failures. System logs show that the WAF has been unavailable for 14 hours over the past month, in four separate situations. One of these situations was a two hour scheduled maintenance time, aimed at improving the stability of the WAF. Using the MTTR based on the last month's performance figures, which of the following calculations is the percentage of uptime assuming there were 722 hours in the month?

    A. 92.24 percent
    B. 98.06 percent
    C. 98.34 percent
    D. 99.72 percent

  • Question 637:

    A company has adopted and established a continuous-monitoring capability, which has proven to be effective in vulnerability management, diagnostics, and mitigation. The company wants to increase the likelihood that it is able to discover and therefore respond to emerging threats earlier in the life cycle.

    Which of the following methodologies would BEST help the company to meet this objective? (Choose two.)

    A. Install and configure an IPS.
    B. Enforce routine GPO reviews.
    C. Form and deploy a hunt team.
    D. Institute heuristic anomaly detection.
    E. Use a protocol analyzer with appropriate connectors.

  • Question 638:

    After multiple service interruptions caused by an older datacenter design, a company decided to migrate away from its datacenter. The company has successfully completed the migration of all datacenter servers and services to a cloud provider. The migration project includes the following phases:

    1. Selection of a cloud provider
    2. Architectural design
    3. Microservice segmentation
    4. Virtual private cloud
    5. Geographic service redundancy
    6. Service migration

    The Chief Information Security Officer (CISO) is still concerned with the availability requirements of critical company applications.

    Which of the following should the company implement NEXT?

    A. Multicloud solution
    B. Single-tenancy private cloud
    C. Hybrid cloud solution
    D. Cloud access security broker

  • Question 639:

    An organization is moving internal core data-processing functions related to customer data to a global public cloud provider that uses aggregated services from other partner organizations. Which of the following compliance issues will MOST likely be introduced as a result of the migration?

    A. Internal data integrity standards and outsourcing contracts and partnerships
    B. Data ownership, internal data classification, and risk profiling of outsourcers
    C. Company audit functions, cross-border jurisdictional challenges, and export controls
    D. Data privacy regulations, data sovereignty, and third-party providers

  • Question 640:

    A systems administrator has deployed the latest patches for Windows-based machines. However, the users on the network are experiencing exploits from various threat actors, which the patches should have corrected. Which of the following is the MOST likely scenario?

    A. The machines were infected with malware.
    B. The users did not reboot the computer after the patches were deployed.
    C. The systems administrator used invalid credentials to deploy the patches.
    D. The patches were deployed on non-Windows-based machines.

Tips on How to Prepare for the Exams

Nowadays, certification exams are becoming more and more important and are required by more and more enterprises when applying for a job. But how do you prepare for the exam effectively? How do you prepare for the exam in a short time with less effort? How do you get an ideal result, and how do you find the most reliable resources? Here on Vcedump.com you will find all the answers. Vcedump.com provides not only CompTIA exam questions, answers and explanations but also complete assistance with your exam preparation and certification application. If you are confused about your CAS-003 exam preparation and CompTIA certification application, do not hesitate to visit Vcedump.com to find your solutions.