CAS-003 Exam Questions
947 real CAS-003 exam questions with expert-verified answers and explanations. Page 1 of 19.
- Question #1Enterprise Security Operations
A security consultant is attempting to discover if the company is utilizing databases on client machines to store the customer data. The consultant reviews the following informatio...
netstatnetwork reconnaissanceopen portsdatabase discovery - Question #2Technical Integration of Enterprise Security
A security administrator wants to allow external organizations to cryptographically validate the company's domain name in email messages sent by employees. Which of the following s...
DKIMemail authenticationemail securitycryptographic signing - Question #3Enterprise Security Operations
A large enterprise with thousands of users is experiencing a relatively high frequency of malicious activity from the insider threats. Much of the activity appears to involve inter...
insider threatprivilege escalationgroup policysecurity awareness training - Question #4Technical Integration of Enterprise Security
A team is at the beginning stages of designing a new enterprise-wide application. The new application will have a large database and require a capital investment in hardware. The C...
cloud service modelsPaaSdatabase hostingsingle-tenancy - Question #6Enterprise Security Operations
Legal authorities notify a company that its network has been compromised for the second time in two years. The investigation shows the attackers were able to use the same vulnerabi...
lessons learnedincident responsevulnerability managementhistorical threat data - Question #7Enterprise Security Architecture
A security engineer has implemented an internal user access review tool so service teams can baseline user accounts and group memberships. The tool is functional and popular among...
availabilitylatencyrecoverabilitysystem resilience requirements - Question #8Risk Management
After investigating virus outbreaks that have cost the company $1,000 per incident, the company's Chief Information Security Officer (CISO) has been researching new antivirus softw...
cost-benefit analysisantivirus selectionsecurity investmentvendor evaluation - Question #9Technical Integration of Enterprise Security
A newly hired systems administrator is trying to connect a new and fully updated, but very customized, Android device to access corporate resources. However, the MDM enrollment pro...
MDM enrollmentmobile securityrooted devicedevice compliance - Question #10Enterprise Security Operations
A security administrator was informed that a server unexpectedly rebooted. The administrator received an export of syslog entries for analysis: Which of the following does the log...
log analysisprivilege escalationbuffer overflowkernel panic - Question #11Risk Management
The risk subcommittee of a corporate board typically maintains a master register of the most prominent risks to the company. A centralized holistic view of risk is particularly imp...
risk registerenterprise risk managementinterconnected risksCISO responsibilities - Question #12Risk Management
A hospital's security team recently determined its network was breached and patient data was accessed by an external entity. The Chief Information Security Officer (CISO) of the ho...
breach notificationregulatory complianceHIPAAincident response - Question #13Enterprise Security Operations
A penetration tester is conducting an assessment on Comptia.org and runs the following command from a coffee shop while connected to the public Internet: Which of the following sho...
DNS split-horizonDNS misconfigurationpenetration testingpublic vs private views - Question #14Research, Development and Collaboration
An organization has employed the services of an auditing firm to perform a gap assessment in preparation for an upcoming audit. As part of the gap assessment, the auditor supportin...
threat intelligenceinformation sharingindustry collaborationexploit frameworks - Question #15Risk Management
A business is growing and starting to branch out into other locations. In anticipation of opening an office in a different country, the Chief Information Security Officer (CISO) an...
data sovereigntydata retentionencryption standardsinternational compliance - Question #16Risk Management
An engineer is evaluating the control profile to assign to a system containing PII, financial, and proprietary data. Based on the data classification table above, which of the foll...
data classificationPIIconfidentiality levelsavailability requirements - Question #17Enterprise Security Architecture
An engineer is assisting with the design of a new virtualized environment that will house critical company services and reduce the datacenter's physical footprint. The company has...
virtualization securityVM isolationnetwork segmentationdatacenter design - Question #18Technical Integration of Enterprise Security
The code snippet below controls all electronic door locks to a secure facility in which the doors should only fail open in an emergency. In the code, "criticalValue" indicates if a...
fail-secure designexception handlingsecure codingphysical access control - Question #19Enterprise Security Operations
A security controls assessor intends to perform a holistic configuration compliance test of networked assets. The assessor has been handed a package of definitions provided in XML...
SCAPOVALconfiguration compliancesecurity benchmarks - Question #20Risk Management
Two competing companies experienced similar attacks on their networks from various threat actors. To improve response times, the companies wish to share some threat intelligence ab...
interconnection security agreementthreat intelligence sharingbusiness agreementsinformation exchange - Question #21Technical Integration of Enterprise Security
An engineer maintains a corporate-owned mobility infrastructure, and the organization requires that all web browsing using corporate-owned resources be monitored. Which of the foll...
MDMalways-on VPNmobile monitoringcorporate mobility - Question #22Technical Integration of Enterprise Security
A security analyst is reviewing the corporate MDM settings and notices some disabled settings, which consequently permit users to download programs from untrusted developers and ma...
side loadingMDM profilesapplication controlcontainerization - Question #23Enterprise Security Operations
A recent assessment identified that several users' mobile devices are running outdated versions of endpoint security software that do not meet the company's security policy. Which...
patch managementendpoint securityMDM compliancemobile device policy - Question #24Enterprise Security Operations
A software development team is conducting functional and user acceptance testing of internally developed web applications using a COTS solution. For automated testing, the solution...
credential managementhard-coded credentialsnetwork share ACLrisk mitigation - Question #25Enterprise Security Operations
The Chief Information Security Officer (CISO) for an organization wants to develop custom IDS rulesets faster, prior to new rules being released by IDS vendors. Which of the follow...
IDS rulesthreat intelligenceopen-source intelligencecustom signatures - Question #26Risk Management
Management is reviewing the results of a recent risk assessment of the organization's policies and procedures. During the risk assessment it is determined that procedures associate...
risk transferbackground checksthird-party vendorrisk management strategies - Question #27Enterprise Security Operations
A penetration tester has been contracted to conduct a physical assessment of a site. Which of the following is the MOST plausible method of social engineering to be conducted durin...
social engineeringphysical penetration testingpretextingimpersonation - Question #29Risk Management
A Chief Information Security Officer (CISO) is reviewing the results of a gap analysis with an outside cybersecurity consultant. The gap analysis reviewed all procedural and techni...
gap analysiscost-benefit analysisALErisk prioritization - Question #30Enterprise Security Operations
The Chief Information Security Officer (CISO) has asked the security team to determine whether the organization is susceptible to a zero-day exploit utilized in the banking industr...
zero-day exploitthreat intelligenceIOCssignatureless detection - Question #31Technical Integration of Enterprise Security
A company wants to extend its help desk availability beyond business hours. The Chief Information Officer (CIO) decides to augment the help desk with a third-party service that wil...
LDAPdirectory servicesthird-party accessremote assistance - Question #32Enterprise Security Architecture
A financial consulting firm recently recovered from some damaging incidents that were associated with malware installed via rootkit. Post-incident analysis is ongoing, and the inci...
rootkit preventionUEFITPMmeasured boot - Question #33Risk Management
Two new technical SMB security settings have been enforced and have also become policies that increase secure communications. Network Client: Digitally sign communication Network S...
SMB signinglegacy systemsrisk acceptancepolicy exception - Question #34Enterprise Security Operations
A recent penetration test identified that a web server has a major vulnerability. The web server hosts a critical shipping application for the company and requires 99.99% availabil...
compensating controlsvulnerability managementweb application securityavailability - Question #35Enterprise Security Architecture
An architect was recently hired by a power utility to increase the security posture of the company's power generation and distribution sites. Upon review, the architect identifies...
ICS/SCADA securitynetwork segmentationNTP securityOT security - Question #36Risk Management
An organization is preparing to develop a business continuity plan. The organization is required to meet regulatory requirements relating to confidentiality and availability, which...
business continuitygap assessmentregulatory complianceBCP planning - Question #37Enterprise Security Operations
A Chief Information Officer (CIO) publicly announces the implementation of a new financial system. As part of a security assessment that includes a social engineering task, which o...
social engineeringOSINTpretextingsecurity assessment - Question #38Research, Development and Collaboration
A software development team has spent the last 18 months developing a new web-based front- end that will allow clients to check the status of their orders as they proceed through m...
SDLCSRTMsecure developmentsecurity requirements - Question #39Enterprise Security Architecture
During a security assessment, an organization is advised of inadequate control over network segmentation. The assessor explains that the organization's reliance on VLANs to segment...
network segmentationVLANACLregulatory compliance - Question #40Technical Integration of Enterprise Security
A company has entered into a business agreement with a business partner for managed human resources services. The Chief Information Security Officer (CISO) has been asked to provid...
ISAB2B VPNinterconnection security agreementbusiness partnerships - Question #41Technical Integration of Enterprise Security
After multiple service interruptions caused by an older datacenter design, a company decided to migrate away from its datacenter. The company has successfully completed the migrati...
CASBcloud availabilitycloud migrationapplication security - Question #42Technical Integration of Enterprise Security
A company is developing requirements for a customized OS build that will be used in an embedded environment. The company procured hardware that is capable of reducing the likelihoo...
NX/XN bitbuffer overflow preventionembedded systemshardware security - Question #44Risk Management
An organization is currently working with a client to migrate data between a legacy ERP system and a cloud-based ERP tool using a global PaaS provider. As part of the engagement, t...
data sovereigntydata sanitizationregulatory compliancecloud migration - Question #45Enterprise Security Operations
A user workstation was infected with a new malware variant as a result of a drive-by download. The security administrator reviews key controls on the infected workstation and disco...
endpoint protectionHIPSEDRmalware prevention - Question #46Enterprise Security Operations
A company monitors the performance of all web servers using WMI. A network administrator informs the security engineer that web servers hosting the company's client- facing portal...
SNMP hardeningreconnaissance preventionHIPSnetwork monitoring - Question #47Enterprise Security Operations
An internal penetration tester was assessing a recruiting page for potential issues before it was pushed to the production website. The penetration tester discovers an issue that m...
CSRFweb application attackspenetration testingattack vectors - Question #48Risk Management
A company has hired an external security consultant to conduct a thorough review of all aspects of corporate security. The company is particularly concerned about unauthorized acce...
physical securitysocial engineeringpenetration testingrisk assessment - Question #49Risk Management
An agency has implemented a data retention policy that requires tagging data according to type before storing it in the data repository. The policy requires all business emails be...
data retentionemail policydata classificationpolicy enforcement - Question #50Enterprise Security Operations
An advanced threat emulation engineer is conducting testing against a client's network. The engineer conducts the testing in as realistic a manner as possible. Consequently, the en...
threat emulationblack box testingpivotingvulnerability assessment - Question #51Technical Integration of Enterprise Security
An insurance company has two million customers and is researching the top transactions on its customer portal. It identifies that the top transaction is currently password reset. D...
authenticationmobile securitypasswordlessPKI certificates - Question #52Technical Integration of Enterprise Security
A security architect is implementing security measures in response to an external audit that found vulnerabilities in the corporate collaboration tool suite. The report identified...
S/MIMEemail encryptionPKIdigital certificates - Question #53Enterprise Security Operations
The Chief Executive Officer (CEO) of an Internet service provider (ISP) has decided to limit the company's contribution to worldwide Distributed Denial of Service (DDoS) attacks. W...
DDoS mitigationBCP38ingress filteringISP security