CAS-003 Exam Questions
947 real CAS-003 exam questions with expert-verified answers and explanations. Page 7 of 19.
- Question #311Enterprise Security Operations
A security analyst has requested network engineers integrate sFlow into the SOC's overall monitoring picture. For this to be a useful addition to the monitoring capabilities, which...
sFlownetwork monitoringSOC integrationtraffic analysis - Question #312Enterprise Security Operations
Ann, a member of the finance department at a large corporation, has submitted a suspicious email she received to the information security team. The team was not expecting an email...
phishing analysismalware analysissocial engineeringair-gapped systems - Question #313Enterprise Security Operations
A new cluster of virtual servers has been set up in a lab environment and must be audited before being allowed on the production network. The security manager needs to ensure unnec...
SCAP scanningserver hardening auditSIEMvulnerability management - Question #314Research, Development and Collaboration
A security engineer is embedded with a development team to ensure security is built into products being developed. The security engineer wants to ensure developers are not blocked...
DevSecOpsSDLC securitysecurity requirementsagile development - Question #315Research, Development and Collaboration
A security engineer is working with a software development team. The engineer is tasked with ensuring all security requirements are adhered to by the developers. Which of the follo...
security testing methodologySDLCunit-level controlsdeveloper security - Question #316Enterprise Security Operations
A security technician is incorporating the following requirements in an RFP for a new SIEM: - New security notifications must be dynamically implemented by the SIEM engine - The SI...
SIEM capabilitiesmachine learningbig data analyticsthreat detection - Question #317Technical Integration of Enterprise Security
An organization enables BYOD but wants to allow users to access the corporate email, calendar, and contacts from their devices. The data associated with the user's accounts is sens...
BYODMDMmobile device managementdata containerization - Question #318Enterprise Security Operations
Given the following information about a company's internal network: User IP space: 192.168.1.0/24 Server IP space: 192.168.192.0/25 A security engineer has been told that there are...
rogue server detectionnetwork scanningprotocol analysisuser subnet monitoring - Question #319Technical Integration of Enterprise Security
The Chief Information Officer (CIO) wants to increase security and accessibility among the organization's cloud SaaS applications. The applications are configured to use passwords,...
SSOSAMLTOTPidentity federation - Question #320Enterprise Security Operations
During a security assessment, activities were divided into two phases; internal and external exploitation. The security assessment team set a hard time limit on external activities...
penetration testinglateral movementpivotingpost-exploitation - Question #321Enterprise Security Architecture
An organization's network engineering team recently deployed a new software encryption solution to ensure the confidentiality of data at rest, which was found to add 300ms of laten...
full disk encryptionhardware FDEdata at reststorage performance - Question #322Technical Integration of Enterprise Security
While attending a meeting with the human resources department, an organization's information security officer sees an employee using a username and password written on a memo pad t...
SSOpassword fatigueidentity managementauthentication - Question #323Risk Management
Which of the following is the GREATEST security concern with respect to BYOD?
BYODdata exfiltrationuncontrolled data flowmobile security risk - Question #324Technical Integration of Enterprise Security
Given the following code snippet: Which of the following failure modes would the code exhibit?
failure modessecure codingexception handlingerror handling - Question #325Enterprise Security Architecture
A medical facility wants to purchase mobile devices for doctors and nurses. To ensure accountability, each individual will be assigned a separate mobile device. Additionally, to pr...
mobile device securityeFuseGPS trackinghealthcare data protection - Question #326Technical Integration of Enterprise Security
A security administrator wants to implement two-factor authentication for network switches and routers. The solution should integrate with the company's RADIUS server, which is use...
RADIUSHOTPmulti-factor authenticationnetwork authentication - Question #327Enterprise Security Architecture
Following a merger, the number of remote sites for a company has doubled to 52. The company has decided to secure each remote site with an NGFW to provide web filtering, NIDS/NIPS,...
NGFWfirewall sizingnetwork security designcapacity planning - Question #328Enterprise Security Operations
Given the following output from a security tool in Kali:
fuzzingsecurity toolsKali Linuxpenetration testing - Question #329Enterprise Security Operations
Due to a recent breach, the Chief Executive Officer (CEO) has requested the following activities be conducted during incident response planning: - Involve business owners and stake...
incident responsetabletop exerciseIR planningbusiness continuity - Question #330Risk Management
A government organization operates and maintains several ICS environments. The categorization of one of the ICS environments led to a moderate baseline. The organization has compli...
ICS securityNIST controlssecurity overlayscontrol baseline - Question #331Risk Management
A security researches is gathering information about a recent spoke in the number of targeted attacks against multinational banks. The spike is on top of already sustained attacks...
threat intelligencethreat actorsthreat profilingfinancial sector attacks - Question #332Technical Integration of Enterprise Security
A security analyst is inspecting pseudocode of the following multithreaded application: 1. perform daily ETL of data 1.1 validate that yesterday's data model file exists 1.2 valida...
TOCTOUrace conditionsecure codingmultithreading - Question #333Enterprise Security Architecture
An organization is considering the use of a thin client architecture as it moves to a cloud-hosted environment. A security analyst is asked to provide thoughts on the security adva...
thin clientsvirtual workstationscloud securitydata protection - Question #334Enterprise Security Operations
A security analyst is attempting to break into a client's secure network. The analyst was not given prior information about the client, except for a block of public IP addresses th...
penetration testingnetwork enumerationsecurity assessment methodologygray-box testing - Question #335Technical Integration of Enterprise Security
A security architect is determining the best solution for a new project. The project is developing a new intranet with advanced authentication capabilities, SSO for users, and auto...
identity managementSSOKerberosSPML provisioning - Question #336Risk Management
Which of the following is an external pressure that causes companies to hire security assessors and penetration testers?
regulatory complianceindependent security reviewpenetration testing drivers - Question #337Risk Management
Engineers at a company believe a certain type of data should be protected from competitors, but the data owner insists the information is not sensitive. An information security eng...
data classificationdata ownershipinformation governancesensitivity labeling - Question #338Enterprise Security Operations
A security engineer is performing an assessment again for a company. The security engineer examines the following output from the review: Which of the following tools is the engine...
SCAPcompliance scanningsecurity assessment toolsconfiguration auditing - Question #339Risk Management
The marketing department has developed a new marketing campaign involving significant social media outreach. The campaign includes allowing employees and customers to submit blog p...
OPSECsocial media securityacceptable use policyNDA - Question #340Risk Management
A database administrator is required to adhere to and implement privacy principles when executing daily tasks. A manager directs the administrator to reduce the number of unique in...
data minimizationPIIprivacy principlesdata protection - Question #341Risk Management
A newly hired security analyst has joined an established SOC team. Not long after going through corporate orientation, a new attack method on web-based applications was publicly re...
risk acceptancethreat modelingSOC operationsweb application security - Question #342Enterprise Security Operations
A systems administrator has installed a disk wiping utility on all computers across the organization and configured it to perform a seven-pass wipe and an additional pass to overwr...
data sanitizationdisk wipingmedia sanitizationbad sectors - Question #343Enterprise Security Operations
The Chief Information Officer (CISO) is concerned that certain systems administrators will privileged access may be reading other user's emails. Review of a tool's output shows the...
log analysisprivileged access monitoringinsider threataudit logs - Question #344Technical Integration of Enterprise Security
A security analyst is troubleshooting a scenario in which an operator should only be allowed to reboot remote hosts but not perform other activities. The analyst inspects the follo...
SSH configurationsudoLinux access controlpty session - Question #345Technical Integration of Enterprise Security
The director of sales asked the development team for some small changes to increase the usability of an application used by the sales team. Prior security reviews of the code showe...
SDLCregression testingsecure development lifecyclesoftware testing - Question #346Risk Management
An organization is engaged in international business operations and is required to comply with various legal frameworks. In addition to changes in legal frameworks, which of the fo...
compliance managementregulatory requirementslegal frameworkspolicy governance - Question #347Enterprise Security Operations
Company.org has requested a black-box security assessment be performed on key cyber terrain. On area of concern is the company's SMTP services. The security assessor wants to run r...
DNS reconnaissanceSMTP enumerationblack-box testingdnsrecon - Question #348Technical Integration of Enterprise Security
A medical device company is implementing a new COTS antivirus solution in its manufacturing plant. All validated machines and instruments must be retested for interoperability with...
COTS integrationmedical devicesuser acceptance testingvalidation testing - Question #349Enterprise Security Operations
A company has gone through a round of phishing attacks. More than 200 users have had their workstation infected because they clicked on a link in an email. An incident analysis has...
phishing preventionsecurity awareness trainingendpoint protectionsocial engineering - Question #350Technical Integration of Enterprise Security
An internal staff member logs into an ERP platform and clicks on a record. The browser URL changes to: Which of the following is the MOST likely vulnerability in this ERP platform?
insecure direct object referenceIDORweb application securityERP security - Question #351Technical Integration of Enterprise Security
Providers at a healthcare system with many geographically dispersed clinics have been fined five times this year after an auditor received notice of the following SMS messages: Whi...
HIPAA compliancesecure messagingPHI protectionmobile security - Question #352Enterprise Security Architecture
An information security manager is concerned that connectivity used to configure and troubleshoot critical network devices could be attacked. The manager has tasked a network secur...
out-of-band managementSSHmanagement planenetwork device security - Question #353Technical Integration of Enterprise Security
A penetration tester noticed special characters in a database table. The penetration tester configured the browser to use an HTTP interceptor to verify that the front-end user regi...
input validationweb application securitySQL injection preventionsecure coding - Question #354Enterprise Security Architecture
A managed service provider is designing a log aggregation service for customers who no longer want to manage an internal SIEM infrastructure. The provider expects that customers wi...
multi-tenancySIEMlog managementcloud security architecture - Question #355Enterprise Security Operations
At a meeting, the systems administrator states the security controls a company wishes to implement seem excessive, since all of the information on the company's web servers can be...
incident responseweb defacementSQL injectionIR procedures - Question #356Risk Management
Click on the exhibit buttons to view the four messages. A security architect is working with a project team to deliver an important service that stores and processes customer banki...
risk communicationencryption at restbusiness impactexecutive reporting - Question #357Enterprise Security Architecture
As a result of an acquisition, a new development team is being integrated into the company. The development team has BYOD laptops with IDEs installed, build servers, and code repos...
BYODnetwork access controlSSL VPNrights management - Question #358Enterprise Security Architecture
A security architect is designing a system to satisfy user demand for reduced transaction time, increased security and message integrity, and improved cryptographic security. The r...
PKIdigital signaturestransaction integritycryptographic architecture - Question #359Enterprise Security Architecture
A user asks a security practitioner for recommendations on securing a home network. The user recently purchased a connected home assistant and multiple IoT devices in an effort to...
IoT securitynetwork segmentationhome networkprivacy controls - Question #360Enterprise Security Architecture
An enterprise with global sites processes and exchanges highly sensitive information that is protected under several countries' arms trafficking laws. There is new information that...
VPN securitycryptographic resiliencenation-state threatsdefense in depth