CompTIA CAS-003 Online Practice Questions and Exam Preparation

CAS-003 Exam Details
Exam Code: CAS-003
Exam Name: CompTIA Advanced Security Practitioner (CASP+)
Certification: CompTIA Certifications
Vendor: CompTIA
Total Questions: 791 Q&As
Last Updated: Jan 22, 2024

CompTIA CAS-003 Online Questions & Answers
Question 721:
Company ABC is hiring customer service representatives from Company XYZ. The representatives reside at Company XYZ's headquarters. Which of the following BEST prevents Company XYZ representatives from gaining access to unauthorized Company ABC systems?
A. Require each Company XYZ employee to use an IPSec connection to the required systems B. Require Company XYZ employees to establish an encrypted VDI session to the required systems C. Require Company ABC employees to use two-factor authentication on the required systems D. Require a site-to-site VPN for intercompany communications
B. Require Company XYZ employees to establish an encrypted VDI session to the required systems
VDI stands for Virtual Desktop Infrastructure. Virtual desktop infrastructure is the practice of hosting a desktop operating system within a virtual machine (VM) running on a centralized server.
Company ABC can configure virtual desktops with the required restrictions and required access to systems that the users in company XYZ require. The users in company XYZ can then log in to the virtual desktops over a secure encrypted connection and then access authorized systems only.
Question 722:
SIMULATION
As a security administrator, you are asked to harden a server running Red Hat Enterprise Server 5.5 64-bit.
This server is being used as a DNS and time server. It is not used as a database, web server, or print server. There are no wireless connections to the server, and it does not need to print.
The command window will be provided along with root access. You are connected via a secure shell with root access.
You may query help for a list of commands.
Instructions:
You need to disable and turn off unrelated services and processes.
It is possible to simulate a crash of your server session. The simulation can be reset, but the server cannot be rebooted. If at any time you would like to bring back the initial state of the simulation, please click the Reset All button.
Check the answer in explanation.
See the explanation below.

To deactivate the web, database and print services that this DNS/NTP server does not need:

1) Stop the services. On RHEL 5 the Apache init script is httpd rather than apache2; the print service (cups) is stopped the same way:
/etc/init.d/httpd stop
/etc/init.d/mysqld stop
Stopping a service only ends the running instance. Because the question asks you to disable as well as turn off the services, also remove them from the boot runlevels with chkconfig (chkconfig <service> off), or they return at the next start.

2) Close the ports for these services and save the rules so they persist across a restart of the firewall service (add port 80 as well if the web server also listened for plain HTTP):
Web server
iptables -I INPUT -p tcp -m tcp --dport 443 -j REJECT
service iptables save
Print server
iptables -I INPUT -p tcp -m tcp --dport 631 -j REJECT
service iptables save
Database server
iptables -I INPUT -p tcp -m tcp --dport <> -j REJECT
service iptables save

3) Kill any process still running for the same service, after confirming the PID from the process listing:
ps -aef | grep mysql
kill -9 <>
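A way to audit the host before touching anything, as an added example that is not part of the original simulation: parse the runlevel table that chkconfig --list prints on RHEL 5, keep only the services this DNS/NTP host needs, and generate the stop, chkconfig-off and iptables commands for everything else. The listing, the allowlist (named, ntpd and sshd, since the administrator is connected over SSH) and the service-to-port map (vendor default ports, an assumption) are all constructed for the example.

```python
import subprocess

# Constructed sample of `chkconfig --list` output on a RHEL 5 host (not from the page).
SAMPLE_CHKCONFIG = """\
named           0:off   1:off   2:on    3:on    4:on    5:on    6:off
ntpd            0:off   1:off   2:on    3:on    4:on    5:on    6:off
sshd            0:off   1:off   2:on    3:on    4:on    5:on    6:off
httpd           0:off   1:off   2:on    3:on    4:on    5:on    6:off
mysqld          0:off   1:off   2:off   3:on    4:on    5:on    6:off
cups            0:off   1:off   2:on    3:on    4:on    5:on    6:off
bluetooth       0:off   1:off   2:off   3:off   4:off   5:off   6:off
"""

# Services this DNS/time server legitimately needs (assumption for the example).
ALLOWED = {"named", "ntpd", "sshd"}

# Default listening ports for the services the question names (assumption: stock config).
SERVICE_PORTS = {
    "httpd": [("tcp", 80), ("tcp", 443)],
    "mysqld": [("tcp", 3306)],
    "cups": [("tcp", 631)],
}


def parse_chkconfig(listing):
    """Return {service: set of runlevels in which it is 'on'}.

    Lines that do not have the 7-runlevel layout (e.g. the xinetd section) are skipped.
    """
    enabled = {}
    for line in listing.splitlines():
        parts = line.split()
        if len(parts) != 8:
            continue
        name, levels = parts[0], parts[1:]
        enabled[name] = {int(lv.split(":")[0]) for lv in levels if lv.endswith(":on")}
    return enabled


def services_to_disable(listing, allowed):
    """Services that start in the multi-user runlevels (3 or 5) and are not allowlisted."""
    enabled = parse_chkconfig(listing)
    return sorted(svc for svc, levels in enabled.items()
                  if svc not in allowed and levels & {3, 5})


def hardening_commands(listing, allowed):
    """Commands to run, in order: stop now, keep off at boot, reject the port, persist rules."""
    cmds = []
    for svc in services_to_disable(listing, allowed):
        cmds.append(f"service {svc} stop")      # turns the running instance off
        cmds.append(f"chkconfig {svc} off")     # disables it so it stays off after reboot
        for proto, port in SERVICE_PORTS.get(svc, []):
            cmds.append(f"iptables -I INPUT -p {proto} --dport {port} -j REJECT")
    if cmds:
        cmds.append("service iptables save")
    return cmds


def live_listing():
    """On a real RHEL 5 host, read the current table instead of the sample."""
    return subprocess.check_output(["chkconfig", "--list"]).decode()


if __name__ == "__main__":
    for cmd in hardening_commands(SAMPLE_CHKCONFIG, ALLOWED):
        print(cmd)
```

The script only prints the commands; review the list, then run it by hand, since a wrong allowlist (dropping sshd, for instance) would cut off the very session you are working from.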
Question 723:
Given the query:
select id, firstname, lastname from authors
and the user input:
firstname = Hack;man
lastname = Johnson
Which of the following types of attacks is the user attempting?
A. XML injection B. Command injection C. Cross-site scripting D. SQL injection
D. SQL injection
The code in the question is SQL, and the semicolon in the firstname value is the giveaway: in SQL a semicolon terminates a statement, so if the application pastes the input into the query text, whatever follows it is parsed as a second statement rather than as part of the name. That is a SQL injection attack. SQL injection is a code injection technique used against data-driven applications, in which malicious SQL is inserted into an entry field for execution (for example, to dump the database contents to the attacker). It exploits a vulnerability in the application's own code: user input that is not correctly escaped for string literals embedded in SQL statements, or input that is not strongly typed and is executed unexpectedly. SQL injection is best known as an attack vector against websites, but it applies to any application that builds SQL from untrusted input for any SQL database. The fix is to stop building the statement from the input at all and pass values through parameterized queries.
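The query above, as an added example that is not from the original page: a vulnerable lookup built by string formatting beside the parameterized form, run against an in-memory SQLite database with a constructed authors table and a constructed secrets table the user should never see. Python's sqlite3 module refuses stacked statements in execute(), so the semicolon trick from the question is shown with a UNION payload instead; it works anywhere the input can close the quote, which is the defect that matters.

```python
import sqlite3


def make_db():
    # Constructed sample data (not from the page): the authors table from the
    # question plus a second table an attacker would like to read.
    conn = sqlite3.connect(":memory:")
    conn.executescript("""
        CREATE TABLE authors (id INTEGER PRIMARY KEY, firstname TEXT, lastname TEXT);
        INSERT INTO authors (firstname, lastname) VALUES ('Hack', 'Johnson'), ('Ann', 'Smith');
        CREATE TABLE secrets (id INTEGER PRIMARY KEY, token TEXT);
        INSERT INTO secrets (token) VALUES ('s3cr3t-api-key');
    """)
    return conn


def lookup_vulnerable(conn, firstname, lastname):
    # The input is pasted into the statement text, so a quote in the input ends
    # the string literal and everything after it is parsed as SQL.
    sql = ("SELECT id, firstname, lastname FROM authors "
           f"WHERE firstname = '{firstname}' AND lastname = '{lastname}'")
    return conn.execute(sql).fetchall()


def lookup_safe(conn, firstname, lastname):
    # Placeholders: the driver sends the values separately from the statement,
    # so no input can change the query's structure.
    sql = ("SELECT id, firstname, lastname FROM authors "
           "WHERE firstname = ? AND lastname = ?")
    return conn.execute(sql, (firstname, lastname)).fetchall()


# Closes the firstname literal, appends a UNION that pulls rows from another
# table with the same column count, and comments out the rest of the WHERE clause.
UNION_PAYLOAD = "' UNION SELECT id, token, '' FROM secrets --"


def demo():
    conn = make_db()
    return {
        "normal": lookup_safe(conn, "Hack", "Johnson"),
        "vulnerable_attacked": lookup_vulnerable(conn, UNION_PAYLOAD, "Johnson"),
        "safe_attacked": lookup_safe(conn, UNION_PAYLOAD, "Johnson"),
    }


if __name__ == "__main__":
    for label, rows in demo().items():
        print(label, rows)
```

Against the vulnerable function the payload returns the secrets row in place of an author; the parameterized function simply finds no author whose first name is that string and returns nothing.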
Question 724:
ABC Company must achieve compliance for PCI and SOX. Which of the following would BEST allow the organization to achieve compliance and ensure security? (Select THREE).
A. Establish a list of users that must work with each regulation B. Establish a list of devices that must meet each regulation C. Centralize management of all devices on the network D. Compartmentalize the network E. Establish a company framework F. Apply technical controls to meet compliance with the regulation
B. Establish a list of devices that must meet each regulation D. Compartmentalize the network F. Apply technical controls to meet compliance with the regulation
Payment Card Industry Data Security Standard (PCI DSS) compliance is adherence to a set of security requirements developed to protect cardholder data during and after a financial transaction; the card brands require it of every merchant and service provider that handles their cards. Its twelve requirements are grouped under six control objectives. The organization must:
Build and maintain a secure network
Protect cardholder data
Maintain a vulnerability management program
Implement strong access control measures
Regularly monitor and test networks
Maintain an information security policy
To achieve PCI and SOX compliance you should:
Establish a list of devices that must meet each regulation: inventory every system that stores, processes or transmits the regulated data, because that inventory defines the scope of each regulation.
Compartmentalize the network: segment the devices that contain the sensitive data behind a security boundary, so the controls apply to a bounded set of systems and the rest of the network stays out of scope.
Apply technical controls to meet compliance with the regulation: secure the data as each regulation requires.
Question 725:
A company sales manager received a memo from the company's financial department which stated that the company would not be putting its software products through the same security testing as previous years to reduce the research and development cost by 20 percent for the upcoming year. The memo also stated that the marketing material and service level agreement for each product would remain unchanged. The sales manager has reviewed the sales goals for the upcoming year and identified an increased target across the software products that will be affected by the financial department's change. All software products will continue to go through new development in the coming year. Which of the following should the sales manager do to ensure the company stays out of trouble?
A. Discuss the issue with the software product's user groups B. Consult the company's legal department on practices and law C. Contact senior finance management and provide background information D. Seek industry outreach for software practices and law
B. Consult the company's legal department on practices and law
To ensure that the company stays out of trouble, the sales manager should enquire about the legal ramifications of the change by consulting with the company's legal department, particularly as the marketing material is not being amended.
Question 726:
Ann, a terminated employee, left personal photos on a company-issued laptop and no longer has access to them. Ann emails her previous manager and asks to get her personal photos back. Which of the following BEST describes how the manager should respond?
A. Determine if the data still exists by inspecting to ascertain if the laptop has already been wiped and if the storage team has recent backups. B. Inform Ann that the laptop was for company data only and she should not have stored personal photos on a company asset. C. Report the email because it may have been a spoofed request coming from an attacker who is trying to exfiltrate data from the company laptop. D. Consult with the legal and/or human resources department and check company policies around employment and termination procedures.
D. Consult with the legal and/or human resources department and check company policies around employment and termination procedures.
Question 727:
Due to compliance regulations, a company requires a yearly penetration test. The Chief Information Security Officer (CISO) has asked that it be done under a black box methodology.
Which of the following would be the advantage of conducting this kind of penetration test?
A. The risk of unplanned server outages is reduced. B. Using documentation provided to them, the pen-test organization can quickly determine areas to focus on. C. The results will show an in-depth view of the network and should help pin-point areas of internal weakness. D. The results should reflect what attackers may be able to learn about the company.
D. The results should reflect what attackers may be able to learn about the company.
In a black box penetration test the testers start with no inside knowledge of the target: no documentation, source code, network diagrams or credentials, only what an outsider could discover on their own. The results therefore reflect what a real attacker could learn about the company from the outside. Options B and C describe white box or grey box testing, where the testers are given documentation and internal access to focus their effort.
Question 728:
During the decommissioning phase of a hardware project, a security administrator is tasked with ensuring no sensitive data is released inadvertently. All paper records are scheduled to be shredded in a crosscut shredder, and the waste will be burned. The system drives and removable media have been removed prior to e-cycling the hardware.
Which of the following would ensure no data is recovered from the system drives once they are disposed of?
A. Overwriting all HDD blocks with an alternating series of data. B. Physically disabling the HDDs by removing the drive head. C. Demagnetizing the hard drive using a degausser. D. Deleting the UEFI boot loaders from each HDD.
C. Demagnetizing the hard drive using a degausser.
A degausser applies a magnetic field strong enough to destroy the data on the platters along with the drive's servo tracks, so the drive is unusable afterwards, which is acceptable here because the drives are being disposed of. Removing the head or deleting the boot loader leaves the platter data intact, and overwriting depends on the software reaching every block. Degaussing applies only to magnetic media; SSDs and other flash devices need a cryptographic erase or physical destruction instead.
Question 729:
A security analyst has been asked to develop a quantitative risk analysis and risk assessment for the company's online shopping application. Based on heuristic information from the Security Operations Center (SOC), a Denial of Service Attack (DoS) has been successfully executed 5 times a year. The Business Operations department has determined the loss associated to each attack is $40,000. After implementing application caching, the number of DoS attacks was reduced to one time a year. The cost of the countermeasures was $100,000. Which of the following is the monetary value earned during the first year of operation?
A. $60,000 B. $100,000 C. $140,000 D. $200,000
A. $60,000
ALE before implementing application caching:
ALE = ARO x SLE = 5 x $40,000 = $200,000
ALE after implementing application caching:
ALE = ARO x SLE = 1 x $40,000 = $40,000
The monetary value earned in the first year is the reduction in ALE minus the cost of the countermeasure:
Monetary value earned = $200,000 - $40,000 - $100,000 = $60,000
Question 730:
A security engineer is performing a routine audit of a company's decommissioned devices. The current process involves a third-party firm removing the hard drive from a company device, wiping it with a seven-pass overwrite tool, placing it back into the device, and tagging the device for reuse or disposal. The audit reveals sensitive information is present in the hard drive cluster tips.
Which of the following should the third-party firm implement NEXT to ensure all data is permanently removed?
A. Degauss the drives using a commercial tool. B. Scramble the file allocation table C. Wipe the drives using a 21-pass overwrite D. Disable the logic board using high-voltage input
A. Degauss the drives using a commercial tool.
Cluster tips are the slack space between the end of a file's data and the end of its last allocated cluster. Data surviving there after a seven-pass wipe shows the tool overwrote files rather than the whole device, so adding more passes of the same method would not help. Erasing a magnetic drive with a degausser destroys everything on the platters, slack space included, which protects against employee theft, media loss during transport and improper media destruction. A degaussed drive cannot be reused, so devices treated this way go to disposal rather than back into service. Reference: https://potomacecycle.com/what-does-it-mean-to-degauss-a-hard-drive