CAS-003 Exam Questions
947 real CAS-003 exam questions with expert-verified answers and explanations. Page 2 of 19.
- Question #54Research, Development and Collaboration
The latest independent research shows that cyber attacks involving SCADA systems grew an average of 15% per year in each of the last four years, but that this year's growth has slo...
security trend analysisSCADA securityresource allocationthreat intelligence - Question #55Technical Integration of Enterprise Security
A small company is developing a new Internet-facing web application. The security requirements are: Users of the web application must be uniquely identified and authenticated. User...
OpenIDfederated identityweb application authenticationthird-party auth - Question #56Technical Integration of Enterprise Security
A security administrator has been asked to select a cryptographic algorithm to meet the criteria of a new application. The application utilizes streaming video that can be viewed b...
symmetric encryptionAES counter modeRC4transport encryption - Question #57Enterprise Security Operations
A security administrator is assessing a new application. The application uses an API that is supposed to encrypt text strings that are stored in memory. How might the administrator...
memory forensicscore dumpAPI encryption testingapplication security - Question #58Enterprise Security Operations
The Chief Information Security Officer (CISO) at a large organization has been reviewing some security-related incidents at the organization and comparing them to current industry...
USB policy enforcementgroup policy objectsDLPtechnical controls - Question #59Enterprise Security Architecture
An organization is concerned with potential data loss in the event of a disaster, and created a backup datacenter as a mitigation strategy. The current storage method is a single N...
SAN replicationdisaster recoverydata availabilitystorage redundancy - Question #60Enterprise Security Architecture
An organization has decided to reduce labor costs by outsourcing back office processing of credit applications to a provider located in another country. Data sovereignty and privac...
third-party riskremote desktop securitysession securitydata exfiltration prevention - Question #61Enterprise Security Architecture
The risk manager has requested a security solution that is centrally managed, can easily be updated, and protects end users' workstations from both known and unknown malicious atta...
HIPSendpoint protectioncentralized managementhost-based security - Question #62Enterprise Security Operations
An external penetration tester compromised one of the client organization's authentication servers and retrieved the password database. Which of the following methods allows the pe...
pass the hashcredential exploitationpenetration testingauthentication - Question #63Enterprise Security Operations
Which of the following would be used in forensic analysis of a compromised Linux system? (Select THREE).
Linux forensicslog analysisMD5 integrity verificationfile timestamps - Question #64Risk Management
The technology steering committee is struggling with increased requirements stemming from an increase in telecommuting. The organization has not addressed telecommuting in the past...
remote access policytelecommutingsecurity governanceSSL-VPN - Question #65Risk Management
A security manager is looking into the following vendor proposal for a cloud-based SIEM solution. The intention is that the cost of the SIEM solution will be justified by having re...
ROI calculationSIEMcost-benefit analysissecurity investment - Question #66Enterprise Security Architecture
A senior network security engineer has been tasked to decrease the attack surface of the corporate network. Which of the following actions would protect the external network interf...
attack surface reductionIP fragmentationnetwork scanningexternal interfaces - Question #67Enterprise Security Operations
A new piece of ransomware got installed on a company's backup server which encrypted the hard drives containing the OS and backup application configuration but did not affect the d...
ransomwarebackup recoveryincident responsedata deduplication - Question #68Technical Integration of Enterprise Security
An enterprise must ensure that all devices that connect to its networks have been previously approved. The solution must support dual factor mutual authentication with strong ident...
802.1xEAP-TTLSmutual authenticationnetwork access control - Question #70Technical Integration of Enterprise Security
A security administrator is performing VDI traffic data collection on a virtual server which migrates from one host to another. While reviewing the data collected by the protocol a...
VM live migrationVDI securityVLAN isolationvirtualization confidentiality - Question #71Enterprise Security Operations
An assessor identifies automated methods for identifying security control compliance through validating sensors at the endpoint and at Tier 2. Which of the following practices sati...
continuous monitoringongoing authorizationsecurity controls complianceautomated assessment - Question #72Enterprise Security Operations
During an incident involving the company main database, a team of forensics experts is hired to respond to the breach. The team is in charge of collecting forensics evidence from t...
forensics order of operationschain of custodyvolatile data collectionincident response - Question #73Research, Development and Collaboration
A company has received the contract to begin developing a new suite of software tools to replace an aging collaboration solution. The original collaboration solution has been in pl...
SDLCwaterfall modelsoftware development methodologyrisk analysis phases - Question #74Technical Integration of Enterprise Security
The finance department for an online shopping website has discovered that a number of customers were able to purchase goods and services without any payments. Further analysis cond...
integer overflowsecure codingapplication vulnerabilityweb application security - Question #75Risk Management
The risk manager at a small bank wants to use quantitative analysis to determine the ALE of running a business system at a location which is subject to fires during the year. A ris...
ALE calculationSLEAROquantitative risk analysis - Question #76Technical Integration of Enterprise Security
A developer has implemented a piece of client-side JavaScript code to sanitize a user's provided input to a web page login screen. The code ensures that only the upper case and low...
SQL injectionclient-side validation bypassinput sanitizationweb application security - Question #77Enterprise Security Operations
Ann, a systems engineer, is working to identify an unknown node on the corporate network. To begin her investigative work, she runs the following nmap command string: user@hostname...
OS fingerprintingnmapnetwork reconnaissanceport analysis - Question #78Enterprise Security Operations
An administrator believes that the web servers are being flooded with excessive traffic from time to time. The administrator suspects that these traffic floods correspond to when a...
data analyticstraffic correlationDDoS investigationsecurity event analysis - Question #79Enterprise Security Architecture
Executive management is asking for a new manufacturing control and workflow automation solution. This application will facilitate management of proprietary information and closely...
cloud SaaS integrationthird-party riskdata classificationtrade secret protection - Question #80Enterprise Security Operations
An application present on the majority of an organization's 1,000 systems is vulnerable to a buffer overflow attack. Which of the following is the MOST comprehensive way to resolve...
patch managementbuffer overflow remediationvulnerability managementHIPS - Question #81Enterprise Security Operations
A security administrator has noticed that an increased number of employees' workstations are becoming infected with malware. The company deploys an enterprise antivirus system as w...
malware preventiontechnical controlscloud storage blockingendpoint security - Question #82Enterprise Security Operations
Ann is testing the robustness of a marketing website through an intercepting proxy. She has intercepted the following HTTP request: POST /login.aspx HTTP/1.1 Host: comptia.org Cont...
authentication bypassweb application securityintercepting proxyHTTP parameter manipulation - Question #83Risk Management
A security administrator wants to calculate the ROI of a security design which includes the purchase of new equipment. The equipment costs $50,000 and it will take 50 hours to inst...
ROI calculationsecurity investmentcost-benefit analysisfinancial metrics - Question #84Enterprise Security Operations
The helpdesk is receiving multiple calls about slow and intermittent Internet access from the finance department. The following information is compiled: Caller 1, IP 172.16.35.217,...
ARP analysispacket capturenetwork attack identificationDoS - Question #85Enterprise Security Architecture
Since the implementation of IPv6 on the company network, the security administrator has been unable to identify the users associated with certain devices utilizing IPv6 addresses,...
IPv6 privacy extensionsEUI-64NDPaddress tracking - Question #87Technical Integration of Enterprise Security
After the install process, a software application executed an online activation process. After a few months, the system experienced a hardware failure. A backup image of the system...
software licensinghardware attestationTPMsystem restore - Question #88Enterprise Security Operations
Company XYZ has purchased and is now deploying a new HTML5 application. The company wants to hire a penetration tester to evaluate the security of the client and server components...
penetration testingblack box testingweb application securityfuzzing - Question #89Technical Integration of Enterprise Security
A user has a laptop configured with multiple operating system installations. The operating systems are all installed on a single SSD, but each has its own partition and logical vol...
disk encryptionpartition encryptionFDEdata confidentiality - Question #90Enterprise Security Operations
A completely new class of web-based vulnerabilities has been discovered. Claims have been made that all common web-based development frameworks are susceptible to attack. Proof-of-...
vulnerability managementthreat assessmentrisk evaluationzero-day response - Question #91Research, Development and Collaboration
A human resources manager at a software development company has been tasked with recruiting personnel for a new cyber defense division in the company. This division will require pe...
professional developmentindustry knowledgecybersecurity workforcerecruitment - Question #92Risk Management
The Chief Information Security Officer (CISO) at a company knows that many users store business documents on public cloud-based storage, and realizes this is a risk to the company....
risk mitigationcloud storagesecurity awareness trainingrisk strategies - Question #93Enterprise Security Operations
During a new desktop refresh, all hosts are hardened at the OS level before deployment to comply with policy. Six months later, the company is audited for compliance to regulations...
configuration managementcompliance driftdesktop hardeningconfiguration baseline - Question #94Risk Management
ABC Company must achieve compliance for PCI and SOX. Which of the following would BEST allow the organization to achieve compliance and ensure security? (Select THREE).
PCI DSSSOX compliancenetwork segmentationregulatory compliance - Question #95Enterprise Security Architecture
The Chief Information Security Officer (CISO) is asking for ways to protect against zero-day exploits. The CISO is concerned that an unrecognized threat could compromise corporate...
zero-day protectionbehavior-based IPSthreat intelligenceheuristic detection - Question #96Enterprise Security Architecture
A company provides on-demand cloud computing resources for a sensitive project. The company implements a fully virtualized datacenter and terminal server access with two- factor au...
cloud securityVM isolationvirtualization breachdata confidentiality - Question #97Technical Integration of Enterprise Security
An organization is selecting a SaaS provider to replace its legacy, in house Customer Resource Management (CRM) application. Which of the following ensures the organization mitigat...
federationSSOdirectory servicesidentity management - Question #98Technical Integration of Enterprise Security
A developer is determining the best way to improve security within the code being developed. The developer is focusing on input fields where customers enter their credit card detai...
input validationregexcredit card securityinjection prevention - Question #99Enterprise Security Operations
A large organization has recently suffered a massive credit card breach. During the months of Incident Response, there were multiple attempts to assign blame for whose fault it was...
incident responselessons learnedpost-incident reviewIR phases - Question #100Technical Integration of Enterprise Security
A bank is in the process of developing a new mobile application. The mobile client renders content and communicates back to the company servers via REST/JSON calls. The bank wants...
stateless authenticationREST APImobile securitytoken-based auth - Question #101Enterprise Security Operations
A company has noticed recently that its corporate information has ended up on an online forum. An investigation has identified that internal employees are sharing confidential corp...
DLPinsider threatsecurity awareness trainingdata exfiltration - Question #102Enterprise Security Operations
An intruder was recently discovered inside the data center, a highly sensitive area. To gain access, the intruder circumvented numerous layers of physical and electronic security m...
physical securitydata center access controlsecurity governancelayered security - Question #103Enterprise Security Operations
An attacker attempts to create a DoS event against the VoIP system of a company. The attacker uses a tool to flood the network with a large number of SIP INVITE traffic. Which of t...
VoIP securitySIP floodDoS mitigationVLAN segmentation - Question #104Technical Integration of Enterprise Security
Using SSL, an administrator wishes to secure public facing server farms in three subdomains: dc1.east.company.com, dc2.central.company.com, and dc3.west.company.com. Which of the f...
wildcard SSL certificatesPKIsubdomain securityTLS - Question #105Technical Integration of Enterprise Security
The following has been discovered in an internally developed application: Error - Memory allocated but not freed: char *myBuffer = malloc(BUFFER_SIZE); if (myBuffer != NULL) { *myB...
static code analysismemory leakmanual code reviewapplication security