CompTIA CAS-003 Online Practice Questions and Exam Preparation

CompTIA CAS-003 Online Questions & Answers

• Question 701:

  An international e-commerce company has identified attack traffic originating from a whitelisted third party's IP address used to mask the third party's internal network. The security team needs to block the attack traffic without impacting the vendor's services. Which of the following is the BEST approach to identify the threat?

  A. Ask the third-party vendor to block the attack traffic
  B. Configure the third party's proxy to begin sending X-Forwarded-For headers
  C. Configure the e-commerce company's IPS to inspect HTTP traffic
  D. Perform a vulnerability scan against the network perimeter and remediate any issues identified
  B. Configure the third party's proxy to begin sending X-Forwarded-For headers

• Question 702:

  A security engineer is embedded with a development team to ensure security is built into products being developed. The security engineer wants to ensure developers are not blocked by a large number of security requirements applied at specific schedule points. Which of the following solutions BEST meets the engineer's goal?

  A. Schedule weekly reviews of al unit test results with the entire development team and follow up between meetings with surprise code inspections.
  B. Develop and implement a set of automated security tests to be installed on each development team leader's workstation.
  C. Enforce code quality and reuse standards into the requirements definition phase of the waterfall development process.
  D. Deploy an integrated software tool that builds and tests each portion of code committed by developers and provides feedback.
  C. Enforce code quality and reuse standards into the requirements definition phase of the waterfall development process.

• Question 703:

  An administrator has enabled salting for users' passwords on a UNIX box. A penetration tester must attempt to retrieve password hashes. Which of the following files must the penetration tester use to eventually obtain passwords on the system? (Select TWO).

  A. /etc/passwd
  B. /etc/shadow
  C. /etc/security
  D. /etc/password
  E. /sbin/logon
  F. /bin/bash
  A. /etc/passwd
  B. /etc/shadow

  ---

  In cryptography, a salt is random data that is used as an additional input to a one-way function that hashes a password or passphrase. In this question, enabling salting for users' passwords means to store the passwords in an encrypted format.

  Traditional Unix systems keep user account information, including one-way encrypted passwords, in a text file called ``/etc/passwd''. As this file is used by many tools (such as ``ls'') to display file ownerships, etc. by matching user id #'s with the user's names, the file needs to be world-readable. Consequentially, this can be somewhat of a security risk.

  Another method of storing account information is with the shadow password format. As with the traditional method, this method stores account information in the /etc/passwd file in a compatible format. However, the password is stored as a single "x" character (ie. not actually stored in this file). A second file, called ``/etc/shadow'', contains encrypted password as well as other information such as account or password expiration values, etc.

• Question 704:

  When of the following is the BEST reason to implement a separation of duties policy?

  A. It minimizes the risk of Dos due to continuous monitoring.
  B. It eliminates the need to enforce least privilege by logging all actions.
  C. It increases the level of difficulty for a single employee to perpetrate fraud.
  D. it removes barriers to collusion and collaboration between business units.
  A. It minimizes the risk of Dos due to continuous monitoring.

• Question 705:

  An organization enables BYOD but wants to allow users to access the corporate email, calendar, and contacts from their devices. The data associated with the user's accounts is sensitive, and therefore, the organization wants to comply with the following requirements:

  Active full-device encryption Enabled remote-device wipe Blocking unsigned applications Containerization of email, calendar, and contacts

  Which of the following technical controls would BEST protect the data from attack or loss and meet the above requirements?

  A. Require frequent password changes and disable NFC.
  B. Enforce device encryption and activate MAM.
  C. Install a mobile antivirus application.
  D. Configure and monitor devices with an MDM.
  B. Enforce device encryption and activate MAM.

• Question 706:

  A company is not familiar with the risks associated with IPv6. The systems administrator wants to isolate IPv4 from IPv6 traffic between two different network segments. Which of the following should the company implement? (Select TWO)

  A. Use an internal firewall to block UDP port 3544.
  B. Disable network discovery protocol on all company routers.
  C. Block IP protocol 41 using Layer 3 switches.
  D. Disable the DHCPv6 service from all routers.
  E. Drop traffic for ::/0 at the edge firewall.
  F. Implement a 6in4 proxy server.
  D. Disable the DHCPv6 service from all routers.
  E. Drop traffic for ::/0 at the edge firewall.

• Question 707:

  A company has decided to move an ERP application to a public cloud vendor. The company wants to replicate some of its global policies from on premises to cloud. The policies include data encryption, token management, and limited user

  access to the ERP application The Chief Information Officer (CIO) is mainly concerned about privileged accounts that might be compromised and used to alter data in the ERP application.

  Which of the following is the BEST option to meet the requirements?

  A. Sandboxing
  B. CASB
  C. MFA
  D. Security as a service
  D. Security as a service

• Question 708:

  The OS on several servers crashed around the same time for an unknown reason. The servers were restored to working conditions, and all file integrity was verified

  Which of the following should the incident response team perform to understand the crash and prevent it in the future?

  A. Root cause analysis
  B. Continuity of operations plan
  C. After-action report
  D. Lessons learned
  A. Root cause analysis

• Question 709:

  A bank is initiating the process of acquiring another smaller bank. Before negotiations happen between the organizations, which of the following business documents would be used as the FIRST step in the process?

  A. MOU
  B. OLA
  C. BPA
  D. NDA
  D. NDA

• Question 710:

  With which of the following departments should an engineer for a consulting firm coordinate when determining the control and reporting requirements for storage of sensitive, proprietary customer information?

  A. Human resources
  B. Financial
  C. Sales
  D. Legal counsel
  D. Legal counsel