[Dec-2021] Verified CompTIA CAS-003 Bundle Real Exam Dumps PDF [Q59-Q76]


Career Opportunities

The job titles that the candidates who pass the CompTIA CAS-003 exam can take up include a Security Engineer, an Application Security Engineer, a Technical Lead Analyst, and a Security Architect, among others. The salary potential for these professionals is an average of $105,000 per annum. Depending on their level of experience, this figure may be even higher.


Career Opportunities

The CompTIA CASP+ certification is considered an industry standard in risk management and enterprise security. Earning it opens up various career opportunities with decent annual salaries, including:

  • Security Architect $122k
  • Security Engineer $92k
  • Technical Lead Analyst $92k
  • Application Security Engineer $98k

 

NEW QUESTION 59
An external red team is brought into an organization to perform a penetration test of a new network-based application. The organization deploying the network application wants the red team to act like remote, external attackers, and instructs the team to use a black-box approach. Which of the following is the BEST methodology for the red team to follow?

  • A. Run a protocol analyzer to determine what traffic is flowing in and out of the server, and look for ways to alter the data stream that will result in information leakage or a system failure.
  • B. Ask for more details regarding the engagement using social engineering tactics in an attempt to get the organization to disclose more information about the network application to make attacks easier.
  • C. Send out spear-phishing emails against users who are known to have access to the network-based application, so the red team can go on-site with valid credentials and use the software.
  • D. Examine the application using a port scanner, then run a vulnerability scanner against open ports looking for known, exploitable weaknesses the application and related services may have.

Answer: D

 

NEW QUESTION 60
An assessor identifies automated methods for identifying security control compliance through validating sensors at the endpoint and at Tier 2. Which of the following practices satisfy continuous monitoring of authorized information systems?

  • A. Independent verification and validation
  • B. Ongoing authorization
  • C. Security test and evaluation
  • D. Risk assessment

Answer: B

Explanation:
Ongoing assessment and authorization is often referred to as continuous monitoring. It is a process that determines whether the set of deployed security controls in an information system continue to be effective with regards to planned and unplanned changes that occur in the system and its environment over time.
Continuous monitoring allows organizations to evaluate the operating effectiveness of controls on or near a real-time basis. Continuous monitoring enables the enterprise to detect control failures quickly because it transpires immediately or closely after events in which the key controls are utilized.
Incorrect Answers:
A: Independent verification and validation (IV&V) is performed by a third-party organization not involved in the development of a product. It is not considered continuous monitoring of authorized information systems.
C: Security test and evaluation is not considered continuous monitoring of authorized information systems.
D: Risk assessment is the identification of potential risks and threats. It is not considered continuous monitoring of authorized information systems.
References:
http://www.fedramp.net/ongoing-assessment-and-authorization-continuous-monitoring
https://www.techopedia.com/definition/24836/independent-verification-and-validation--iv&v
Gregg, Michael, and Billy Haines, CASP CompTIA Advanced Security Practitioner Study Guide, John Wiley & Sons, Indianapolis, 2012, pp. 213, 219

 

NEW QUESTION 61
A security architect is reviewing the code for a company's financial website. The architect suggests adding the following HTML element, along with a server-side function, to generate a random number on the page used to initiate a funds transfer:
<input type="hidden" name="token" value=generateRandomNumber()>
Which of the following attacks is the security architect attempting to prevent?

  • A. SQL injection
  • B. Clickjacking
  • C. XSS
  • D. XSRF

Answer: B

 

NEW QUESTION 62
A security administrator is hardening a TrustedSolaris server that processes sensitive data. The data owner has established the following security requirements:

  • The data is for internal consumption only and shall not be distributed to outside individuals.
  • The systems administrator should not have access to the data processed by the server.
  • The integrity of the kernel image is maintained.

Which of the following host-based security controls BEST enforce the data owner's requirements? (Choose three.)

  • A. Measured boot
  • B. Data encryption
  • C. Watermarking
  • D. SELinux
  • E. HIDS
  • F. Host-based firewall
  • G. DLP

Answer: A,B,E

 

NEW QUESTION 63
The legal department has required that all traffic to and from a company's cloud-based word processing and email system is logged. To meet this requirement, the Chief Information Security Officer (CISO) has implemented a next-generation firewall to perform inspection of the secure traffic and has decided to use a cloud-based log aggregation solution for all traffic that is logged.
Which of the following presents a long-term risk to user privacy in this scenario?

  • A. Confidential or sensitive documents are inspected by the firewall before being logged.
  • B. Latency when viewing videos and other online content may increase.
  • C. Reports generated from the firewall will take longer to produce due to more information from inspected traffic.
  • D. Stored logs may contain non-encrypted usernames and passwords for personal websites.

Answer: A

 

NEW QUESTION 64
A security administrator wants to deploy a dedicated storage solution which is inexpensive, can natively integrate with AD, allows files to be selectively encrypted and is suitable for a small number of users at a satellite office. Which of the following would BEST meet the requirement?

  • A. SAN
  • B. Virtual SAN
  • C. Virtual storage
  • D. NAS

Answer: D

Explanation:
A NAS is an inexpensive storage solution suitable for small offices. Individual files can be encrypted using the Encrypting File System (EFS) functionality provided by the NTFS file system.
NAS typically uses a common Ethernet network and can provide storage services to any authorized device on that network.
Two primary NAS protocols are used in most environments. The choice of protocol depends largely on the type of computer or server connecting to the storage. The Network File System (NFS) protocol is usually used by servers to access storage in a NAS environment.
Common Internet File System (CIFS), also sometimes called Server Message Block (SMB), is usually used for desktops, especially those running Microsoft Windows.
Unlike DAS and SAN, NAS is a file-level storage technology. This means the NAS appliance maintains and controls the files, folder structures, permissions, and attributes of the data it holds. A typical NAS deployment integrates the NAS appliance with a user database, such as Active Directory, so file permissions can be assigned based on established users and groups. With Active Directory integration, most Windows New Technology File System (NTFS) permissions can be set on the files contained on a NAS device.

 

NEW QUESTION 65
The Chief Information Security Officer (CISO) is asking for ways to protect against zero-day exploits. The CISO is concerned that an unrecognized threat could compromise corporate data and result in regulatory fines as well as poor corporate publicity. The network is mostly flat, with split staff/guest wireless functionality.
Which of the following equipment MUST be deployed to guard against unknown threats?

  • A. Cloud-based antivirus solution, running as local admin, with push technology for definition updates.
  • B. Implementation of an offsite data center hosting all company data, as well as deployment of VDI for all client computing needs.
  • C. Host based heuristic IPS, segregated on a management VLAN, with direct control of the perimeter firewall ACLs.
  • D. Behavior based IPS with a communication link to a cloud based vulnerability and threat feed.

Answer: D

Explanation:
Good preventive security practices are a must. These include installing and keeping firewall policies carefully matched to business and application needs, keeping antivirus software updated, blocking potentially harmful file attachments and keeping all systems patched against known vulnerabilities. Vulnerability scans are a good means of measuring the effectiveness of preventive procedures. Real-time protection: Deploy inline intrusion-prevention systems (IPS) that offer comprehensive protection. When considering an IPS, seek the following capabilities: network-level protection, application integrity checking, application protocol Request for Comment (RFC) validation, content validation and forensics capability. In this case it would be behavior-based IPS with a communication link to a cloud-based vulnerability and threat feed.

 

NEW QUESTION 66
Legal authorities notify a company that its network has been compromised for the second time in two years. The investigation shows the attackers were able to use the same vulnerability on different systems in both attacks. Which of the following would have allowed the security team to use historical information to protect against the second attack?

  • A. Recovery point objectives
  • B. Tabletop exercise
  • C. Lessons learned
  • D. Key risk indicators

Answer: D

 

NEW QUESTION 67
A small retail company recently deployed a new point of sale (POS) system to all 67 stores. The core of the POS is an extranet site, accessible only from retail stores and the corporate office over a split-tunnel VPN. An additional split-tunnel VPN provides bi-directional connectivity back to the main office, which provides voice connectivity for store VoIP phones. Each store offers guest wireless functionality, as well as employee wireless. Only the staff wireless network has access to the POS VPN. Recently, stores are reporting poor response times when accessing the POS application from store computers as well as degraded voice quality when making phone calls. Upon investigation, it is determined that three store PCs are hosting malware, which is generating excessive network traffic. After malware removal, the information security department is asked to review the configuration and suggest changes to prevent this from happening again. Which of the following denotes the BEST way to mitigate future malware risk?

  • A. Deploy a proxy server with content filtering at the corporate office and route all traffic through it.
  • B. Deploy new perimeter firewalls at all stores with UTM functionality.
  • C. Move to a VDI solution that runs offsite from the same data center that hosts the new POS solution.
  • D. Change antivirus vendors at the store and the corporate office.

Answer: B

Explanation:
A perimeter firewall is located between the local network and the Internet where it can screen network traffic flowing in and out of the organization. A firewall with unified threat management (UTM) functionalities includes anti-malware capabilities.

 

NEW QUESTION 68
A security administrator receives reports that several workstations are unable to access resources within one network segment. A packet capture shows the segment is flooded with ICMPv6 traffic from the source fe80::21ae:4571:42ab:1fdd to the destination ff02::1. Which of the following should the security administrator integrate into the network to help prevent this from occurring?

  • A. Deploy ARP spoofing prevention on routers and switches.
  • B. Raise the dead peer detection interval to prevent the additional network chatter.
  • C. Ensure routers will use route advertisement guards.
  • D. Deploy honeypots on the network segment to identify the sending machine.

Answer: A

 

NEW QUESTION 69
A breach was caused by an insider threat in which customer PII was compromised.
Following the breach, a lead security analyst is asked to determine which vulnerabilities the attacker used to access company resources. Which of the following should the analyst use to remediate the vulnerabilities?

  • A. Data leak prevention
  • B. Protocol analyzer
  • C. Root cause analyzer
  • D. Behavioral analytics

Answer: A

 

NEW QUESTION 70
The Chief Information Security Officer (CISO) has asked the security team to determine whether the organization is susceptible to a zero-day exploit utilized in the banking industry and whether attribution is possible. The CISO has asked what process would be utilized to gather the information, and then wants to apply signatureless controls to stop these kinds of attacks in the future.
Which of the following are the MOST appropriate ordered steps to take to meet the CISO's request?

  • A. 1. Obtain the latest IOCs from the open source repositories
    2. Perform a sweep across the network to identify positive matches
    3. Sandbox any suspicious files
    4. Notify the CERT team to apply a future proof threat model
  • B. 1. Perform the ongoing research of the best practices
    2. Determine current vulnerabilities and threats
    3. Apply Big Data techniques
    4. Use antivirus control
  • C. 1. Apply artificial intelligence algorithms for detection
    2. Inform the CERT team
    3. Research threat intelligence and potential adversaries
    4. Utilize threat intelligence to apply Big Data techniques
  • D. 1. Analyze the current threat intelligence
    2. Utilize information sharing to obtain the latest industry IOCs
    3. Perform a sweep across the network to identify positive matches
    4. Apply machine learning algorithms

Answer: D

 

NEW QUESTION 71
A project manager is working with a team that is tasked to develop software applications in a structured environment and host them in a vendor's cloud-based infrastructure.
The organization will maintain responsibility for the software but will not manage the underlying server applications.
Which of the following does the organization plan to leverage?

  • A. Hybrid cloud
  • B. SaaS
  • C. IaaS
  • D. Network virtualization
  • E. PaaS

Answer: E

Explanation:
The company is responsible for the software. The provider is providing the platform, so PaaS is correct.

 

NEW QUESTION 72
A recent overview of the network's security and storage applications reveals a large amount of data that needs to be isolated for security reasons. Below are the critical applications and devices configured on the network:

  • Firewall
  • Core switches
  • RM server
  • Virtual environment
  • NAC solution

The security manager also wants data from all critical applications to be aggregated to correlate events from multiple sources. Which of the following must be configured in certain applications to help ensure data aggregation and data isolation are implemented on the critical applications and devices? (Select TWO.)

  • A. Data remnants
  • B. Port aggregation
  • C. Routing tables
  • D. Log forwarding
  • E. NIC teaming
  • F. Zones

Answer: A,F

 

NEW QUESTION 73
A new internal network segmentation solution will be implemented into the enterprise that consists of 200 internal firewalls. As part of running a pilot exercise, it was determined that it takes three changes to deploy a new application onto the network before it is operational. Security now has a significant effect on overall availability. Which of the following would be the FIRST process to perform as a result of these findings?

  • A. Lower the SLA to a more tolerable level and perform a risk assessment to see if the solution could be met by another solution. Reuse the firewall infrastructure on other projects.
  • B. Perform a cost benefit analysis and implement the solution as it stands as long as the risks are understood by the business owners around the availability issues. Decrease the current SLA expectations to match the new solution.
  • C. Review to determine if control effectiveness is in line with the complexity of the solution. Determine if the requirements can be met with a simpler solution.
  • D. Engage internal auditors to perform a review of the project to determine why and how the project did not meet the security requirements. As part of the review ask them to review the control effectiveness.

Answer: C

Explanation:
Checking whether control effectiveness is in line with the complexity of the solution, and then determining whether a simpler alternative solution exists, would be the first procedure to follow in light of the findings.
Incorrect Answers:
A: The SLA is in essence a contracted level of guaranteed service between the cloud provider and the customer, providing a certain level of protection; SLAs also define targets for hardware and software, so lowering the SLA is not an option.
B: A cost-benefit analysis focuses on calculating the costs and the benefits and then comparing the results to see whether the proposed solution is viable and whether the benefits outweigh the risks and costs. However, it is not good practice to lower the SLA.
D: Reviews are only performed after implementation.
References:
Gregg, Michael, and Billy Haines, CASP CompTIA Advanced Security Practitioner Study Guide, John Wiley & Sons, Indianapolis, 2012, pp. 199, 297-299

 

NEW QUESTION 74
A financial services company has proprietary trading algorithms, which were created and are maintained by a team of developers on their private source code repository. If the details of this operation became known to competitors, the company's ability to profit from its trading would disappear immediately. Which of the following would the company MOST likely use to protect its trading algorithms?

  • A. Virtual desktop infrastructure
  • B. Managed security service providers
  • C. Cloud security broker
  • D. Single-tenancy cloud

Answer: D

 

NEW QUESTION 75
A security administrator is concerned about employees connecting their personal devices to the company network. Doing so is against company policy. The network does not have a NAC solution. The company uses a GPO that disables the firewall on all company-owned devices while they are connected to the internal network. Additionally, all company-owned devices implement a standard naming convention that uses the device's serial number. The security administrator wants to identify active personal devices and write a custom script to disconnect them from the network. Which of the following should the script use to BEST accomplish this task?

  • A. RADIUS logs
  • B. AD authentication logs
  • C. DHCP logs
  • D. Switch and router ARP tables
  • E. Recursive DNS logs

Answer: D

 

NEW QUESTION 76
......
