CAS-003 Exam Details

  • Exam Code: CAS-003
  • Exam Name: CompTIA Advanced Security Practitioner (CASP+)
  • Certification: CompTIA Certifications
  • Vendor: CompTIA
  • Total Questions: 791 Q&As
  • Last Updated: Jan 22, 2024

CompTIA CAS-003 Online Questions & Answers

  • Question 681:

    A developer needs to provide feedback on a peer's work during the SDLC. While reviewing the code changes, the developer finds that session ID tokens for a web application will be transmitted over an unsecure connection. Which of the following code snippets should the developer recommend implementing to correct the vulnerability?

    A. Option A
    B. Option B
    C. Option C
    D. Option D

  • Question 682:

    An enterprise's Chief Technology Officer (CTO) and Chief Information Security Officer (CISO) are meeting to discuss ongoing capacity and resource planning issues. The enterprise has experienced rapid, massive growth over the last 12 months, and the technology department is stretched thin for resources. A new accounting service is required to support the enterprise's growth, but the only available compute resources that meet the accounting service requirements are on the virtual platform, which is hosting the enterprise's website.

    Which of the following should the CISO be MOST concerned about?

    A. Poor capacity planning could cause an oversubscribed host, leading to poor performance on the company's website.
    B. A security vulnerability that is exploited on the website could expose the accounting service.
    C. Transferring as many services as possible to a CSP could free up resources.
    D. The CTO does not have the budget available to purchase required resources and manage growth.

  • Question 683:

    The Chief Information Security Officer (CISO) for an organization wants to develop custom IDS rulesets faster, prior to new rules being released by IDS vendors. Which of the following BEST meets this objective?

    A. Identify a third-party source for IDS rules and change the configuration on the applicable IDSs to pull in the new rulesets
    B. Encourage cybersecurity analysts to review open-source intelligence products and threat databases to generate new IDS rules based on those sources
    C. Leverage the latest TCP- and UDP-related RFCs to arm sensors and IDSs with appropriate heuristics for anomaly detection
    D. Use annual hacking conventions to document the latest attacks and threats, and then develop IDS rules to counter those threats

  • Question 684:

    A red team is able to connect a laptop with penetration testing tools directly into an open network port. The team then is able to take advantage of a vulnerability on the domain controller to create and promote a new enterprise administrator. Which of the following technologies would MOST likely eliminate this attack vector in the future?

    A. Monitor for anomalous creations of privileged domain accounts
    B. Install a NIPS with rules appropriate to drop most exploit traffic
    C. Ensure the domain controller has the latest security patches
    D. Implement 802.1X with certificate-based authentication

  • Question 685:

    A human resources manager at a software development company has been tasked with recruiting personnel for a new cyber defense division in the company. This division will require personnel to have high technology skills and industry certifications. Which of the following is the BEST method for this manager to gain insight into this industry to execute the task?

    A. Interview candidates, attend training, and hire a staffing company that specializes in technology jobs
    B. Interview employees and managers to discover the industry hot topics and trends
    C. Attend meetings with staff, internal training, and become certified in software management
    D. Attend conferences, webinars, and training to remain current with the industry and job requirements

  • Question 686:

    A product owner is reviewing the output of a web-application penetration test and has identified an application that is presenting sensitive information in cleartext on a page. Which of the following code snippets would be BEST to use to remediate the vulnerability?

    A. Option A
    B. Option B
    C. Option C
    D. Option D

  • Question 687:

    A company uses an enterprise desktop imaging solution to manage deployment of its desktop computers. Desktop computer users are only permitted to use software that is part of the baseline image. Which of the following technical solutions was MOST likely deployed by the company to ensure only known-good software can be installed on corporate desktops?

    A. Network access control
    B. Configuration Manager
    C. Application whitelisting
    D. File integrity checks

  • Question 688:

    A company's Internet connection is commonly saturated during business hours, affecting Internet availability. The company requires all Internet traffic to be business related. After analyzing the traffic over a period of a few hours, the security administrator observes the following:

    The majority of the IP addresses associated with the TCP/SSL traffic resolve to CDNs.

    Which of the following should the administrator recommend for the CDN traffic to meet the corporate security requirements?

    A. Block outbound SSL traffic to prevent data exfiltration.
    B. Confirm the use of the CDN by monitoring NetFlow data.
    C. Further investigate the traffic using a sanctioned MITM proxy.
    D. Implement an IPS to drop packets associated with the CDN.

  • Question 689:

    A company has decided to replace all the T-1 uplinks at each regional office and move away from using the existing MPLS network. All regional sites will use high-speed connections and VPNs to connect back to the main campus. Which of the following devices would MOST likely be added at each location?

    A. SIEM
    B. IDS/IPS
    C. Proxy server
    D. Firewall
    E. Router

  • Question 690:

    A systems administrator has installed a disk wiping utility on all computers across the organization and configured it to perform a seven-pass wipe and an additional pass to overwrite the disk with zeros. The company has also instituted a policy that requires users to erase files containing sensitive information when they are no longer needed.

    To ensure the process provides the intended results, an auditor reviews the following content from a randomly selected decommissioned hard disk:

    Which of the following should be included in the auditor's report based on the above findings?

    A. The hard disk contains bad sectors
    B. The disk has been degaussed.
    C. The data represents part of the disk BIOS.
    D. Sensitive data might still be present on the hard drives.
