CAS-003 Exam Questions
947 real CAS-003 exam questions with expert-verified answers and explanations. Page 4 of 19.
- Question #156Risk Management
A security analyst has been asked to develop a quantitative risk analysis and risk assessment for the company's online shopping application. Based on heuristic information from the...
quantitative risk analysisALEROI security controlscost-benefit analysis - Question #157Technical Integration of Enterprise Security
At 9:00 am each morning, all of the virtual desktops in a VDI implementation become extremely slow and/or unresponsive. The outage lasts for around 10 minutes, after which everythi...
VDIstorage I/Othin clientsinfrastructure performance - Question #158Technical Integration of Enterprise Security
The administrator is troubleshooting availability issues on an FCoE-based storage array that uses deduplication. The single controller in the storage array has failed, so the admin...
FCoESANdeduplicationstorage compatibility - Question #159Enterprise Security Operations
select id, firstname, lastname from authors User input= firstname= Hack;man lastname=Johnson Which of the following types of attacks is the user attempting?
SQL injectionweb application attacksinput validationattack identification - Question #160Enterprise Security Architecture
A web services company is planning a one-time high-profile event to be hosted on the corporate website. An outage, due to an attack, would be publicly embarrassing, so Joe, the Chi...
DDoS mitigationscrubbing servicesweb availabilityhigh availability - Question #161Risk Management
A company is in the process of outsourcing its customer relationship management system to a cloud provider. It will host the entire organization's customer database. The database w...
cloud outsourcingdue diligencevendor risk managementcontract security clauses - Question #162Research, Development and Collaboration
An organization has implemented an Agile development process for front end web application development. A new security architect has just joined the company and wants to integrate...
SDLC securityAgile developmentstatic analysispenetration testing - Question #163Enterprise Security Operations
An administrator has enabled salting for users' passwords on a UNIX box. A penetration tester must attempt to retrieve password hashes. Which of the following files must the penetr...
password hashingsaltingUnix security/etc/shadow - Question #164Enterprise Security Architecture
Joe is a security architect who is tasked with choosing a new NIPS platform that has the ability to perform SSL inspection, analyze up to 10Gbps of traffic, can be centrally manage...
NIPSSSL inspectionnetwork security architectureRFP process - Question #165Risk Management
A company decides to purchase commercially available software packages. This can introduce new security risks to the network. Which of the following is the BEST description of why...
commercial software riskknown vulnerabilitiessoftware supply chainpatch exposure - Question #166Enterprise Security Operations
The IT Security Analyst for a small organization is working on a customer's system and identifies a possible intrusion in a database that contains PII. Since PII is involved, the a...
incident responsePII breachdatabase intrusionescalation process - Question #167Enterprise Security Operations
A security manager looked at various logs while investigating a recent security breach in the data center from an external source. Each log below was collected from various securit...
log analysisbuffer overflowattack identificationSIEM - Question #168Enterprise Security Operations
A member of the software development team has requested advice from the security team to implement a new secure lab for testing malware. Which of the following is the NEXT step tha...
secure labmalware analysisproject governancemanagement approval - Question #169Research, Development and Collaboration
A mature organization with legacy information systems has incorporated numerous new processes and dependencies to manage security as its networks and infrastructure are modernized....
Agile methodologySDLCsoftware requirementsiterative development - Question #170Enterprise Security Operations
A security administrator is shown the following log excerpt from a Unix system: 2013 Oct 10 07:14:57 web14 sshd[1632]: Failed password for root from 198.51.100.23 port 37914 ssh2 2...
SSH brute forcelog analysisdictionary attackincident response - Question #171Technical Integration of Enterprise Security
A popular commercial virtualization platform allows for the creation of virtual hardware. To virtual machines, this virtual hardware is indistinguishable from real hardware. By imp...
TPMchain of trustvirtualizationtrusted computing - Question #172Enterprise Security Operations
There have been some failures of the company's internal facing website. A security engineer has found the WAF to be the root cause of the failures. System logs show that the WAF ha...
MTTRWAF availabilityuptime calculationSLA metrics - Question #173Enterprise Security Operations
A security consultant is conducting a network assessment and wishes to discover any legacy backup Internet connections the network may have. Where would the consultant find this in...
network assessmentBGP routing tableslegacy connectionsnetwork reconnaissance - Question #174Risk Management
A Chief Information Security Officer (CISO) has requested that a SIEM solution be implemented. The CISO wants to know upfront what the projected TCO would be before looking further...
SIEMTCO analysisoutsourcingvendor comparison - Question #175Enterprise Security Operations
A pentester must attempt to crack passwords on a windows domain that enforces strong complex passwords. Which of the following would crack the MOST passwords in the shortest time p...
password crackingrainbow tablesWindows domainhash attacks - Question #176Enterprise Security Architecture
A security engineer on a large enterprise network needs to schedule maintenance within a fixed window of time. A total outage period of four hours is permitted for servers. Worksta...
maintenance windowOLAMOUservice agreements - Question #177Enterprise Security Operations
The source workstation image for new accounting PCs has begun blue-screening. A technician notices that the date/time stamp of the image source appears to have changed. The desktop...
file integrityhash verificationforensic analysissystem image - Question #178Enterprise Security Operations
Which of the following activities is commonly deemed "OUT OF SCOPE" when undertaking a penetration test?
penetration testingscope definitiondenial of servicerules of engagement - Question #179Risk Management
The Information Security Officer (ISO) is reviewing new policies that have been recently made effective and now apply to the company. Upon review, the ISO identifies a new requirem...
policy exceptionrisk acceptancecompensating controlstwo-factor authentication - Question #180Technical Integration of Enterprise Security
A security administrator was doing a packet capture and noticed a system communicating with an unauthorized address within the 2001::/32 prefix. The network administrator confirms...
IPv6 tunnelingTeredounauthorized trafficfirewall rules - Question #181Enterprise Security Operations
An organization uses IP address block 203.0.113.0/24 on its internal network. At the border router, the network administrator sets up rules to deny packets with a source address in...
IP spoofingingress filteringegress filteringACL - Question #182Enterprise Security Operations
The Information Security Officer (ISO) believes that the company has been targeted by cybercriminals and it is under a cyber attack. Internal services that are normally available t...
DDoSFraggle attacknetwork analyzerIPS response - Question #183Technical Integration of Enterprise Security
A storage as a service company implements both encryption at rest as well as encryption in transit of customers' data. The security administrator is concerned with the overall secu...
key derivationpassword hashingcryptographic strengthoffline attack resistance - Question #184Risk Management
A Chief Financial Officer (CFO) has raised concerns with the Chief Information Security Officer (CISO) because money has been spent on IT security infrastructure, but corporate ass...
security controls effectivenesspatch managementaudit findingsrisk communication - Question #185Risk Management
A system worth $100,000 has an exposure factor of eight percent and an ARO of four. Which of the following figures is the system's SLE?
SLEexposure factorquantitative riskrisk calculation - Question #186Enterprise Security Operations
Company policy requires that all unsupported operating systems be removed from the network. The security administrator is using a combination of network based tools to identify suc...
OS fingerprintingpassive banner grabbingNmapTTL analysis - Question #187Risk Management
A user is suspected of engaging in potentially illegal activities. Law enforcement has requested that the user continue to operate on the network as normal. However, they would lik...
legal holde-discoverychain of custodydigital forensics - Question #188Research, Development and Collaboration
A company is in the process of implementing a new front end user interface for its customers, the goal is to provide them with more self-service functionality. The application has...
SDLgrey box testingstatic code analysissecurity testing - Question #189Technical Integration of Enterprise Security
A network engineer wants to deploy user-based authentication across the company's wired and wireless infrastructure at layer 2 of the OSI model. Company policies require that users...
802.1xRADIUSLDAPnetwork access control - Question #190Risk Management
A company is facing penalties for failing to effectively comply with e-discovery requests. Which of the following could reduce the overall risk to the company from this issue?
e-discovery compliancekey escrowPKIencryption policy - Question #191Enterprise Security Operations
A network administrator with a company's NSP has received a CERT alert for targeted adversarial behavior at the company. In addition to the company's physical security, which of th...
HIDSprotocol analyzerinsider threat detectionnetwork monitoring - Question #192Enterprise Security Operations
An administrator attempts to install the package "named.9.3.6-12-x86_64.rpm" on a server. Even though the package was downloaded from the official repository, the server states the...
GPGpackage signingintegrity verificationpublic key import - Question #193Research, Development and Collaboration
The Chief Information Security Officer (CISO) at a software development company is concerned about the lack of introspection during a testing cycle of the company's flagship produc...
white box testingcode coverageSDLC securitysecurity testing - Question #194Technical Integration of Enterprise Security
A bank provides single sign on services between its internally hosted applications and externally hosted CRM. The following sequence of events occurs: 1. The banker accesses the CR...
SAML 2.0SSOidentity federationservice provider initiated - Question #195Risk Management
A company has implemented data retention policies and storage quotas in response to their legal department's requests and the SAN administrator's recommendation. The retention poli...
e-discoverylegal holddata retentioncompliance conflict - Question #196Enterprise Security Architecture
The security administrator of a large enterprise is tasked with installing and configuring a solution that will allow the company to inspect HTTPS traffic for signs of hidden malwa...
SSL inspectiontransparent proxyHTTPS interceptioncertificate authority - Question #197Technical Integration of Enterprise Security
Three companies want to allow their employees to seamlessly connect to each other's wireless corporate networks while keeping one consistent wireless client configuration. Each com...
802.1xRADIUS federationEAP-PEAP-MSCHAPv2wireless authentication - Question #198Technical Integration of Enterprise Security
Which of the following BEST explains SAML?
SAMLXMLSSOfederated identity - Question #199Enterprise Security Architecture
An Association is preparing to upgrade their firewalls at five locations around the United States. Each of the three vendor's RFP responses is in-line with the security and other r...
firewall evaluationvendor selectionlab testingRFP analysis - Question #200Technical Integration of Enterprise Security
When generating a new key pair, a security application asks the user to move the mouse and type random characters on the keyboard. Which of the following BEST describes why this is...
entropykey pair generationcryptographyrandom number generation - Question #201Technical Integration of Enterprise Security
Ann, a software developer, wants to publish her newly developed software to an online store. Ann wants to ensure that the software will not be modified by a third party or end user...
remote attestationsoftware integritymobile securitycode signing - Question #202Enterprise Security Operations
A large bank deployed a DLP solution to detect and block customer and credit card data from leaving the organization via email. A disgruntled employee was able to successfully exfi...
DLP bypassdata exfiltrationembedded objectsemail security - Question #203Risk Management
A large international business has completed the acquisition of a small business and it is now in the process of integrating the small business' IT department. Both parties have ag...
mergers and acquisitionsregulatory complianceIT integrationoperational procedures - Question #204Enterprise Security Architecture
Company XYZ has just purchased Company ABC through a new acquisition. A business decision has been made to integrate the two company's networks, application, and several basic serv...
network integrationfirewall placementtrust zonesaccess control - Question #205Risk Management
The Universal Research Association has just been acquired by the Association of Medical Business Researchers. The new conglomerate has funds to upgrade or replace hardware as part...
mergers and acquisitionsregulatory complianceconflicting standardsIT integration