CAS-003 Exam Questions
947 real CAS-003 exam questions with expert-verified answers and explanations. Page 3 of 19.
- Question #106Technical Integration of Enterprise Security
After being notified of an issue with the online shopping cart, where customers are able to arbitrarily change the price of listed items, a programmer analyzes the following piece...
TOCTOUrace conditionweb application securityfile handling - Question #107Enterprise Security Architecture
The senior security administrator wants to redesign the company DMZ to minimize the risks associated with both external and internal threats. The DMZ design must support security i...
DMZ architecturedefense in depthdual firewallincident reconstruction - Question #108Technical Integration of Enterprise Security
A security architect is designing a new infrastructure using both type 1 and type 2 virtual machines. In addition to the normal complement of security controls (e.g. antivirus, hos...
vTPMvirtualization securitycryptographic key storagetype 1 hypervisor - Question #109Technical Integration of Enterprise Security
The helpdesk manager wants to find a solution that will enable the helpdesk staff to better serve company employees who call with computer-related problems. The helpdesk staff is c...
remote supportdesktop sharingtelecommuter helpdeskcollaboration tools - Question #110Technical Integration of Enterprise Security
Which of the following technologies prevents an unauthorized HBA from viewing iSCSI target information?
LUN maskingiSCSI securitystorage access controlHBA authorization - Question #111Enterprise Security Operations
A security officer is leading a lessons learned meeting. Which of the following should be components of that meeting? (Select TWO).
lessons learnedincident responsepost-incident reviewfollow-up tracking - Question #112Enterprise Security Operations
An investigator wants to collect the most volatile data first in an incident to preserve the data that runs the highest risk of being lost. After memory, which of the following BES...
order of volatilitydigital forensicsevidence collectionincident investigation - Question #113Risk Management
An analyst connects to a company web conference hosted on allowed to join, without providing identifying information. The topics covered during the web conference are considered pr...
unauthenticated accessinformation confidentialityweb conferencing riskaccess control - Question #114Risk Management
A security engineer is a new member to a configuration board at the request of management. The company has two new major IT projects starting this year and wants to plan security i...
security control baselinefederal authorizationSDLC securityassessment timing - Question #115Risk Management
The Information Security Officer (ISO) is reviewing a summary of the findings from the last COOP tabletop exercise. The Chief Information Officer (CIO) wants to determine which add...
COOP tabletop exercisebusiness continuityVoIP availabilitytelecom resilience - Question #116Risk Management
The Chief Executive Officer (CEO) of a company that allows telecommuting has challenged the Chief Security Officer's (CSO) request to harden the corporate network's perimeter. The...
network perimeter hardeningrisk aggregationtelecommuting riskdefense in depth - Question #117Risk Management
A large company is preparing to merge with a smaller company. The smaller company has been very profitable, but the smaller company's main applications were created in-house. Which...
merger acquisition securitythird-party risksecurity assessmentapplication integration - Question #118Research, Development and Collaboration
A security engineer is responsible for monitoring company applications for known vulnerabilities. Which of the following is a way to stay current on exploits and information securi...
security mailing liststhreat intelligencevulnerability monitoringsecurity news - Question #119Enterprise Security Architecture
A new internal network segmentation solution will be implemented into the enterprise that consists of 200 internal firewalls. As part of running a pilot exercise, it was determined...
network segmentationcontrol effectivenesschange managementsecurity complexity - Question #120Technical Integration of Enterprise Security
A new web based application has been developed and deployed in production. A security engineer decides to use an HTTP interceptor for testing the application. Which of the followin...
HTTP interceptorclient-side validationweb application testinginput validation bypass - Question #121Enterprise Security Operations
An insurance company has an online quoting system for insurance premiums. It allows potential customers to fill in certain details about their car and obtain a quote. During an inv...
resource exhaustionWAFbot mitigationSIEM integration - Question #122Risk Management
An accountant at a small business is trying to understand the value of a server to determine if the business can afford to buy another server for DR. The risk manager only provided...
SLEasset valuationquantitative riskALE - Question #123Enterprise Security Operations
During a recent audit of servers, a company discovered that a network administrator, who required remote access, had deployed an unauthorized remote access application that communi...
SSL VPNSAML federationremote accessunauthorized software - Question #124Research, Development and Collaboration
A security engineer is working on a large software development project. As part of the design of the project, various stakeholder requirements were gathered and decomposed to an im...
SRTMsecurity requirementsrequirements traceabilitysoftware assurance - Question #125Enterprise Security Architecture
A small retail company recently deployed a new point of sale (POS) system to all 67 stores. The core of the POS is an extranet site, accessible only from retail stores and the corp...
network architectureUTMPOS securitysplit-tunnel VPN - Question #126Enterprise Security Operations
Due to compliance regulations, a company requires a yearly penetration test. The Chief Information Security Officer (CISO) has asked that it be done under a black box methodology....
black box testingpenetration testingattacker simulationcompliance - Question #127Risk Management
The Chief Executive Officer (CEO) of a large prestigious enterprise has decided to reduce business costs by outsourcing to a third party company in another country. Functions to be...
outsourcing riskthird-party riskintellectual propertydata handling - Question #128Risk Management
The helpdesk department desires to roll out a remote support application for internal use on all company computers. This tool should allow remote desktop sharing, system log gather...
vendor risk managementremote supportaccountabilityaudit logging - Question #129Risk Management
A software project manager has been provided with a requirement from the customer to place limits on the types of transactions a given user can initiate without external interactio...
separation of dutiesaccess controltransaction limitsprivilege management - Question #130Research, Development and Collaboration
A firm's Chief Executive Officer (CEO) is concerned that IT staff lacks the knowledge to identify complex vulnerabilities that may exist in a payment system being internally develo...
gray box testingNDAcode confidentialitysecurity testing - Question #131Enterprise Security Operations
The network administrator at an enterprise reported a large data leak. One compromised server was used to aggregate data from several critical application servers and send it out t...
network forensicsflow analysisbaseline profilingdata exfiltration - Question #132Technical Integration of Enterprise Security
Which of the following represents important technical controls for securing a SAN storage infrastructure? (Select TWO).
SAN securityLUN maskingport mappingstorage security - Question #133Technical Integration of Enterprise Security
A vulnerability scanner report shows that a client-server host monitoring solution operating in the credit card corporate environment is managing SSL sessions with a weak algorithm...
SSL/TLScipher suite negotiationhandshake configurationPCI compliance - Question #134Risk Management
Which of the following provides the BEST risk calculation methodology?
risk calculationquantitative riskcontrol failure probabilityrisk methodology - Question #135Technical Integration of Enterprise Security
Company XYZ finds itself using more cloud-based business tools, and password management is becoming onerous. Security is important to the company; as a result, password replication...
SAMLfederationcloud authenticationSSO - Question #136Risk Management
A government agency considers confidentiality to be of utmost importance and availability issues to be of least importance. Knowing this, which of the following correctly orders va...
vulnerability prioritizationCIA triadconfidentialityrisk ranking - Question #137Research, Development and Collaboration
Joe, a hacker, has discovered he can specifically craft a webpage that when viewed in a browser crashes the browser and then allows him to gain remote code execution in the context...
use-after-freeheap exploitationmemory vulnerabilitiesbrowser security - Question #138Enterprise Security Operations
A large enterprise acquires another company which uses antivirus from a different vendor. The CISO has requested that data feeds from the two different antivirus platforms be combi...
GRCsecurity metricsantivirus managementvendor consolidation - Question #139Risk Management
A risk manager has decided to use likelihood and consequence to determine the risk of an event occurring to a company asset. Which of the following is a limitation of this approach...
qualitative risk assessmentlikelihood-consequencerisk methodologysubjectivity - Question #140Enterprise Security Operations
Joe, a penetration tester, is tasked with testing the security robustness of the protocol between a mobile web application and a RESTful application server. Which of the following...
mobile securityREST API testingHTTP interceptionvulnerability scanning - Question #141Risk Management
A security manager for a service provider has approved two vendors for connections to the service provider backbone. One vendor will be providing authentication services for its pa...
interconnection security agreementvendor managementthird-party agreementsbusiness agreements - Question #142Risk Management
A well-known retailer has experienced a massive credit card breach. The retailer had gone through an audit and had been presented with a potential problem on their network. Vendors...
quantitative risk analysisresidual riskdata breachrisk assessment - Question #143Enterprise Security Operations
The security administrator finds unauthorized tables and records, which were not present before, on a Linux database server. The database server communicates only with one web serv...
privilege escalationSQL injectionweb application attackslog analysis - Question #144Risk Management
A multi-national company has a highly mobile workforce and minimal IT infrastructure. The company utilizes a BYOD and social media policy to integrate presence technology into glob...
presence technologyBYODphysical securityinternational travel risk - Question #145Enterprise Security Architecture
An administrator wants to enable policy based flexible mandatory access controls on an open source OS to prevent abnormal application modifications or executions. Which of the foll...
SELinuxmandatory access controlOS hardeningLinux security - Question #146Enterprise Security Operations
News outlets are beginning to report on a number of retail establishments that are experiencing payment card data breaches. The data exfiltration is enabled by malware on a comprom...
application whitelistingmalware preventionendpoint securityPOS security - Question #147Technical Integration of Enterprise Security
Company ABC's SAN is nearing capacity, and will cause costly downtimes if servers run out disk space. Which of the following is a more cost effective alternative to buying a new SA...
SANdeduplicationstorage optimizationcapacity management - Question #148Enterprise Security Operations
Wireless users are reporting issues with the company's video conferencing and VoIP systems. The security administrator notices internal DoS attacks from infected PCs on the network...
VoIP securitySIPDoS attacksQoS 802.11e - Question #149Risk Management
A large hospital has implemented BYOD to allow doctors and specialists the ability to access patient medical records on their tablets. The doctors and specialists access patient re...
BYODhealthcare securitypatient privacydata loss prevention - Question #150Enterprise Security Operations
A security administrator notices the following line in a server's security log: <input name='credentials' type='TEXT' value='" + ='document.cooki e</script>') + "'; The administrat...
XSSWAFweb application securityinput validation - Question #151Enterprise Security Operations
Company policy requires that all company laptops meet the following baseline requirements: Software requirements: Antivirus Anti-malware Anti-spyware Log monitoring Full-disk encry...
endpoint hardeningbootkitlocal admin privilegesUSB security - Question #152Enterprise Security Operations
A security analyst, Ann, states that she believes Internet facing file transfer servers are being attacked. Which of the following is evidence that would aid Ann in making a case t...
security monitoringbaseline analysisincident evidencethreat reporting - Question #153Enterprise Security Operations
The security engineer receives an incident ticket from the helpdesk stating that DNS lookup requests are no longer working from the office. The network team has ensured that Layer...
DNSport scanningNMAPnetwork troubleshooting - Question #154Risk Management
A security auditor suspects two employees of having devised a scheme to steal money from the company. While one employee submits purchase orders for personal items, the other emplo...
job rotationfraud detectioninsider threatseparation of duties - Question #155Enterprise Security Architecture
A company that must comply with regulations is searching for a laptop encryption product to use for its 40,000 end points. The product must meet regulations but also be flexible en...
full disk encryptionendpoint securitykey managementcompliance