CAS-003 Practice Questions

An incident responder wants to capture volatile memory comprehensively from a running machine for forensic purposes. The machine is running a very recent release of the Linux OS. W...

A request has been approved for a vendor to access a new internal server using only HTTPS and SSH to manage the back-end system for the portal. Internal users just need HTTP and HT...

A firewall specialist has been newly assigned to participate in red team exercises and needs to ensure the skills represent real-world threats. Which of the following would be the...

A company's Chief Operating Officer (COO) is concerned about the potential for competitors to infer proprietary information gathered from employees' social media accounts. Which of...

An organization is implementing a virtualized thin-client solution for normal user computing and access. During a review of the architecture, concerns were raised that an attacker...

An online bank has contracted with a consultant to perform a security assessment of the bank's web portal. The consultant notices the login page is linked from the main page with H...

A security administrator wants to implement controls to harden company-owned mobile devices. Company policy specifies the following requirements: - Mandatory access control must be...

While conducting online research about a company to prepare for an upcoming penetration test, a security analyst discovers detailed financial information on an investor website the...

An organization wants to allow its employees to receive corporate email on their own smartphones. A security analyst is reviewing the following information contained within the fil...

An infrastructure team within an energy organization is at the end of a procurement process and has selected a vendor's SaaS platform to deliver services. As part of the legal nego...

A developer emails the following output to a security administrator for review: Which of the following tools might the security administrator use to perform further security assess...

A software development company lost customers recently because of a large number of software issues. These issues were related to integrity and availability defects, including buff...

An enterprise is trying to secure a specific web-based application by forcing the use of multifactor authentication. Currently, the enterprise cannot change the application's sign-...

After significant vulnerabilities and misconfigurations were found in numerous production web applications, a security manager identified the need to implement better development c...

An organization wants to arm its cybersecurity defensive suite automatically with intelligence on zero-day threats shortly after they emerge. Acquiring tools and services that supp...

A financial institution's information security officer is working with the risk management officer to determine what to do with the institution's residual risk after all security c...

A large, public university has recently been experiencing an increase in ransomware attacks against computers connected to its network. Security engineers have discovered various s...

A security architect is reviewing the code for a company's financial website. The architect suggests adding the following HTML element, along with a server-side function, to genera...

Following a recent and very large corporate merger, the number of log files an SOC needs to review has approximately tripled. The Chief Information Security Officer (CISO) has not...

An organization is deploying IoT locks, sensors, and cameras, which operate over 802.11, to replace legacy building access control systems. These devices are capable of triggering...

A security administrator is updating corporate policies to respond to an incident involving collusion between two systems administrators that went undetected for more than six mont...

A core router was manipulated by a credentialed bypass to send all network traffic through a secondary router under the control of an unauthorized user connected to the network by...

An infrastructure team is at the end of a procurement process and has selected a vendor. As part of the final negotiation, there are a number of outstanding issues, including: 1. I...

A security analyst works for a defense contractor that produces classified research on drones. The contractor faces nearly constant attacks from sophisticated nation-state actors a...

A company recently implemented a variety of security services to detect various types of traffic that pose a threat to the company. The following services were enabled within the n...

An external red team member conducts a penetration test, attempting to gain physical access to a large organization's server room in a branch office. During reconnaissance, the red...

A company relies on an ICS to perform equipment monitoring functions that are federally mandated for operation of the facility. Fines for non-compliance could be costly. The ICS ha...

During a sprint, developers are responsible for ensuring the expected outcome of a change is thoroughly evaluated for any security impacts. Any impacts must be reported to the team...

An organization is currently working with a client to migrate data between a legacy ERP system and a cloud-based ERP tool using a global PaaS provider. As part of the engagement, t...

Which of the following is a feature of virtualization that can potentially create a single point of failure?

A cybersecurity analyst has received an alert that well-known "call home" messages are continuously observed by network sensors at the network boundary. The proxy firewall successf...

A cybersecurity analyst is hired to review the security the posture of a company. The cybersecurity analyst notice a very high network bandwidth consumption due to SYN floods from...

During a routine network scan, a security administrator discovered an unidentified service running on a new embedded and unmanaged HVAC controller, which is used to monitor the com...

There have been several exploits to critical devices within the network. However, there is currently no process to perform vulnerability analysis. Which the following should the se...

Which of the following systems would be at the GREATEST risk of compromise if found to have an open vulnerability associated with perfect forward secrecy?

An organization is attempting to harden its web servers and reduce the information that might be disclosed by potential attackers. A security analyst is reviewing vulnerability sca...

A technician receives the following security alert from the firewall's automated system: Evidence: host repeatedly visited a dynamic DNS domain (17 time) After reviewing the alert,...

A security analyst is reviewing logs and discovers that a company-owned computer issued to an employee is generating many alerts and warnings. The analyst continues to review the l...

A pharmacy gives its clients online access to their records and the ability to review bills and make payments. A new SSL vulnerability on a special platform was discovered, allowin...

The security configuration management policy states that all patches must undergo testing procedures before being moved into production. The security analyst notices a single web a...

A malware infection spread to numerous workstations within the marketing department. The workstations were quarantined and replaced with machines. Which of the following represents...

A pharmacy gives its clients online access to their records and the ability to review bills and make payments. A new SSL vulnerability on a specific platform was discovered, allowi...

An analyst has noticed unusual activities in the SIEM to a .cn domain name. Which of the following should the analyst use to identify the content of the traffic?

The Chief Executive Officer (CEO) instructed the new Chief Information Security Officer (CISO) to provide a list of enhancements to the company's cybersecurity operation. As a resu...

A cybersecurity analyst is conducting packet analysis on the following: Which of the following is occurring in the given packet capture?

An investigation showed a worm was introduced from an engineer's laptop. It was determined the company does not provide engineers with company-owned laptops, which would be subject...

A company recently implemented a new cloud storage solution and installed the required synchronization client on all company devices. A few months later, a breach of sensitive data...

A vendor develops a mobile application for global customers. The mobile application supports advanced encryption of data between the source (the mobile device) and the destination...

A security engineer is working to secure an organization's VMs. While reviewing the workflow for creating VMs on demand, the engineer raises a concern about the integrity of the se...

When implementing a penetration testing program, the Chief Information Security Officer (CISO) designates different organizational groups within the organization as having differen...