This page was exported from Actual Test Materials [ http://blog.actualtests4sure.com ] Export date: Fri Nov 15 20:46:38 2024 / +0000 GMT
Title: Get Aug-2022 updated Exam CAS-003 Dumps with New Questions [Q87-Q111]

Q87. An organization is in the process of integrating its operational technology (OT) and information technology (IT) areas. As part of the integration, some of the cultural aspects it would like to see include more efficient use of resources during change windows, better protection of critical infrastructure, and the ability to respond to incidents. The following observations have been identified:
* The ICS supplier has specified that installing any software on the equipment will result in loss of support.
* There is no documented trust boundary defined between the SCADA and corporate networks.
* Operational technology staff have to manage the SCADA equipment via the engineering workstation.
* There is a lack of understanding of what is within the SCADA network.
Which of the following capabilities would BEST improve the security position?
A. VNC, router, and HIPS
B. SIEM, VPN, and firewall
C. Proxy, VPN, and WAF
D. IDS, NAC, and log monitoring

Q88. A new web-based application has been developed and deployed in production. A security engineer decides to use an HTTP interceptor for testing the application. Which of the following problems would MOST likely be uncovered by this tool?
A. The tool could show that input validation was only enabled on the client side
B. The tool could enumerate backend SQL database table and column names
C. The tool could force HTTP methods such as DELETE that the server has denied
D. The tool could fuzz the application to determine where memory leaks occur
Explanation: An HTTP interceptor (intercepting proxy) sits between the browser and the server and lets the tester view and modify each request after the browser's client-side checks have already run. If the server accepts a request carrying values the page's JavaScript would have rejected, input validation is only enforced on the client side. The same tool is not designed to enumerate database schema, fuzz for memory leaks, or make a server accept a method it has actually denied.

Q89. An information security manager conducted a gap analysis, which revealed a 75% implementation of security controls for high-risk vulnerabilities, 90% for medium-risk vulnerabilities, and 10% for low-risk vulnerabilities. To create a road map to close the identified gaps, the assurance team reviewed the likelihood of exploitation of each vulnerability and the business impact of each associated control. To determine which controls to implement, which of the following is the MOST important to consider?
A. KPI
B. KRI
C. GRC
D. BIA

Q90. A company provides guest WiFi access to the internet and physically separates the guest network from the company's internal WiFi. Due to a recent incident in which an attacker gained access to the company's internal WiFi, the company plans to configure WPA2 Enterprise in an EAP-TLS configuration. Which of the following must be installed on authorized hosts for this new configuration to work properly?
A. Active Directory GPOs
B. PKI certificates
C. Host-based firewall
D. NAC persistent agent
Explanation: In EAP-TLS the supplicant authenticates with its own X.509 certificate rather than a password, so every authorized host needs a client certificate issued by a PKI that the RADIUS server trusts, and must in turn trust the certificate presented by the RADIUS server. A GPO can distribute the wireless profile, but it does not replace the certificate.
References:
https://aventistech.com/kb/deploy-wireless-network-with-group-policy/
https://docs.microsoft.com/en-us/troubleshoot/windows-server/networking/certificate-requirements-eap-tls-peap

Q91. An information security officer is responsible for one secure network and one office network. Recent intelligence suggests there is an opportunity for attackers to gain access to the secure network due to similar login credentials across networks.
To determine the users who should change their information, the information security officer uses a tool to scan a file with hashed values on both networks and receives the following data:
Which of the following tools was used to gather this information from the hashed values in the file?
A. Vulnerability scanner
B. Fuzzer
C. MD5 generator
D. Password cracker
E. Protocol analyzer

Q92. An asset manager is struggling with the best way to reduce the time required to perform asset location activities in a large warehouse. A project manager indicated that RFID might be a valid solution if the asset manager's requirements were supported by current RFID capabilities. Which of the following requirements would be MOST difficult for the asset manager to implement?
A. The ability to encrypt RFID data in transmission
B. The ability to integrate environmental sensors into the RFID tag
C. The ability to track assets in real time as they move throughout the facility
D. The ability to assign RFID tags a unique identifier

Q93. An accountant at a small business is trying to understand the value of a server to determine if the business can afford to buy another server for DR. The risk manager only provided the accountant with the SLE of $24,000, an ARO of 20%, and an exposure factor of 25%. Which of the following is the correct asset value calculated by the accountant?
A. $4,800
B. $24,000
C. $96,000
D. $120,000
Explanation: The annualized loss expectancy (ALE) is the product of the annual rate of occurrence (ARO) and the single loss expectancy (SLE): ALE = ARO x SLE. The single loss expectancy is the asset value (AV) multiplied by the exposure factor (EF): SLE = AV x EF. Rearranging, AV = SLE / EF = $24,000 / 0.25 = $96,000. The ARO is not needed for the asset value; ARO x SLE = 0.2 x $24,000 = $4,800 is the ALE, which is why $4,800 appears as a distractor.
References:
http://www.financeformulas.net/Return_on_Investment.html
https://en.wikipedia.org/wiki/Risk_assessment
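The tool in Q91 above is a password cracker run against a hash file from each network. The following is an added example written for this page, not the question's own tool or data: it performs a dictionary attack against unsalted SHA-256 password hashes from two networks and reports the users who should change their credentials. The user names, the hashes (derived here from known plaintexts so the example runs offline) and the wordlist are all constructed for the example.

```python
"""Added example for Q91: dictionary attack over two "user:sha256" hash sets and
reporting of credential reuse. Editor-written illustration; users, hashes and
wordlist are constructed, not taken from any real engagement."""
import hashlib


def sha256_hex(text):
    """Hex digest of one candidate password (the unsalted hash the file uses)."""
    return hashlib.sha256(text.encode("utf-8")).hexdigest()


# Constructed sample data. In a real engagement these dicts are parsed from the
# exported "user:hash" files; here they are derived from known plaintexts so the
# example is self-contained. carol's password is deliberately not in the list.
SECURE_NET = {
    "alice": sha256_hex("password"),
    "bob": sha256_hex("123456"),
    "carol": sha256_hex("Tr0ub4dor&3-long-and-not-in-wordlist"),
}
OFFICE_NET = {
    "alice": sha256_hex("password"),   # same password on both networks
    "bob": sha256_hex("letmein"),      # weak, but different from the secure net
    "dave": sha256_hex("qwerty"),
}
WORDLIST = ["password", "123456", "qwerty", "letmein", "summer2022"]


def crack(hashes, wordlist):
    """Dictionary attack: hash every candidate once, then look each user's
    digest up in the table. Returns {user: plaintext} for cracked entries."""
    table = {sha256_hex(word): word for word in wordlist}
    return {user: table[digest] for user, digest in hashes.items() if digest in table}


def same_hash_users(net_a, net_b):
    """With unsalted hashes, identical digests prove identical passwords even
    when the wordlist never cracks them, so compare digests before cracking."""
    return sorted(user for user in net_a if net_b.get(user) == net_a[user])


def users_to_notify(secure, office, wordlist):
    """Users who must change credentials: anyone whose secure-network password
    is reused on the office network (by digest or by cracked plaintext), and
    anyone whose secure-network password falls to the wordlist at all."""
    cracked_secure = crack(secure, wordlist)
    cracked_office = crack(office, wordlist)
    reused = set(same_hash_users(secure, office))
    reused.update(u for u, pw in cracked_secure.items() if cracked_office.get(u) == pw)
    return {"reused": sorted(reused), "weak_on_secure": sorted(cracked_secure)}


if __name__ == "__main__":
    print(crack(SECURE_NET, WORDLIST))
    print(users_to_notify(SECURE_NET, OFFICE_NET, WORDLIST))
```

The digest comparison in same_hash_users is the part worth remembering: because the file stores unsalted hashes, reuse across the two networks is visible without cracking anything, which is also why per-user salts (or a slow, salted KDF such as bcrypt or Argon2) should be in place before this kind of file exists at all.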
Q94. During a recent audit of servers, a company discovered that a network administrator, who required remote access, had deployed an unauthorized remote access application that communicated over common ports already allowed through the firewall. A network scan showed that this remote access application had already been installed on one third of the servers in the company. Which of the following is the MOST appropriate action that the company should take to provide a more appropriate solution?
A. Implement an IPS to block the application on the network
B. Implement the remote application on the rest of the servers
C. Implement SSL VPN with SAML standards for federation
D. Implement an ACL on the firewall with NAT for remote access
Explanation: A Secure Sockets Layer (SSL) virtual private network (VPN) gives the network administrator who requires remote access a secure, reliable, and sanctioned way to reach the systems over the Internet, replacing the unauthorized tool rather than only blocking it. Security Assertion Markup Language (SAML) federation provides cross-web-service authentication and authorization, so the remote access is tied to the administrator's identity and can be audited.

Q96. 
Legal authorities notify a company that its network has been compromised for the second time in two years. The investigation shows the attackers were able to use the same vulnerability on different systems in both attacks. Which of the following would have allowed the security team to use historical information to protect against the second attack?
A. Key risk indicators
B. Lessons learned
C. Recovery point objectives
D. Tabletop exercise

Q97. A security officer is reviewing the following evidence associated with a recent penetration test:
The test results show this host is vulnerable. The security officer investigates further and determines the device was connected to the network by a user without permission. Which of the following is the MOST appropriate recommendation for the security officer to make?
A. Force the use of the Spanning Tree Protocol and BGP on all perimeter devices.
B. Increase the frequency of security awareness testing.
C. Configure WAPs to enable rogue AP detection.
D. Monitor MAC addresses that are on the router.
E. Implement NAC using 802.1X.

Q98. A company is not familiar with the risks associated with IPv6. The systems administrator wants to isolate IPv4 from IPv6 traffic between two different network segments. Which of the following should the company implement? (Select TWO)
A. Use an internal firewall to block UDP port 3544.
B. Disable network discovery protocol on all company routers.
C. Block IP protocol 41 using Layer 3 switches.
D. Disable the DHCPv6 service from all routers.
E. Drop traffic for ::/0 at the edge firewall.
F. Implement a 6in4 proxy server.
Note: UDP port 3544 is the Teredo tunnelling port and IP protocol 41 carries IPv6-in-IPv4 encapsulation (6in4, 6to4, ISATAP); these tunnels are the usual way IPv6 traffic crosses an IPv4-only segment unnoticed by IPv4-only filtering.

Q99. During a security assessment, an organization is advised of inadequate control over network segmentation. The assessor explains that the organization's reliance on VLANs to segment traffic is insufficient to provide segmentation based on regulatory standards. Which of the following should the organization consider implementing along with VLANs to provide a greater level of segmentation?
A. Air gaps
B. Access control lists
C. Spanning tree protocol
D. Network virtualization
E. Elastic load balancing

Q100. A small company is developing a new Internet-facing web application. The security requirements are:
* Users of the web application must be uniquely identified and authenticated.
* Users of the web application will not be added to the company's directory services.
* Passwords must not be stored in the code.
Which of the following meets these requirements?
A. Use OpenID and allow a third party to authenticate users.
B. Use TLS with a shared client certificate for all users.
C. Use SAML with federated directory services.
D. Use Kerberos and browsers that support SAML.
Explanation: Users create accounts by selecting an OpenID identity provider, and then use those accounts to sign on to any website that accepts OpenID authentication. OpenID is an open standard and decentralized protocol from the non-profit OpenID Foundation that allows users to be authenticated by cooperating sites (known as relying parties, or RPs) using a third-party service. This eliminates the need for webmasters to provide their own ad hoc systems and allows users to consolidate their digital identities: users can log into multiple unrelated websites without having to register their information over and over again. The application itself never stores a password and never adds the users to the company's directory, which is what the requirements ask for (a shared client certificate, by contrast, cannot uniquely identify users). Several large organizations either issue or accept OpenIDs on their websites according to the OpenID Foundation: AOL, Blogger, Flickr, France Telecom, Google, Hyves, LiveJournal, Microsoft (provider name Microsoft account), Mixi, Myspace, Novell, Orange, Sears, Sun, Telecom Italia, Universal Music Group, VeriSign, WordPress, and Yahoo!. Other providers include BBC, IBM, PayPal, and Steam.

Q101. An infrastructure team within an energy organization is at the end of a procurement process and has selected a vendor's SaaS platform to deliver services. As part of the legal negotiation, there are a number of outstanding risks, including:
1. There are clauses that confirm a data retention period in line with what is in the energy organization's security policy.
2. The data will be hosted and managed outside of the energy organization's geographical location.
The number of users accessing the system will be small, and no sensitive data will be hosted in the SaaS platform. Which of the following should the project's security consultant recommend as the NEXT step?
A. Develop a security exemption, as the solution does not meet the security policies of the energy organization.
B. Require a solution owner within the energy organization to accept the identified risks and consequences.
C. Mitigate the risks by asking the vendor to accept the in-country privacy principles and modify the retention period.
D. Review the procurement process to determine the lessons learned in relation to discovering risks toward the end of the process.

Q102. A security administrator is troubleshooting RADIUS authentication issues from a newly implemented controller-based wireless deployment. The RADIUS server contains the following information in its logs:
Based on this information, the administrator reconfigures the RADIUS server, which results in the following log data:
To correct this error message, the administrator makes an additional change to the RADIUS server. Which of the following did the administrator reconfigure on the RADIUS server? (Select TWO)
A. Added the controller address as an authorized client
B. Registered the RADIUS server to the wireless controller
C. Corrected a mismatched shared secret
D. Renewed the expired client certificate
E. Reassigned the RADIUS policy to the controller
F. Modified the client authentication method

Q103. An organization, which handles large volumes of PII, allows mobile devices that can process, store, and transmit PII and other sensitive data to be issued to employees.
Security assessors can demonstrate recovery and decryption of remnant sensitive data from device storage after MDM issues a successful wipe command. Assuming availability of the controls, which of the following would BEST protect against the loss of sensitive data in the future?
A. Implement a container that wraps PII data and stores keying material directly in the container's encrypted application space.
B. Use encryption keys for sensitive data stored in an eFuse-backed memory space that is blown during remote wipe.
C. Issue devices that employ a stronger algorithm for the authentication of sensitive data stored on them.
D. Procure devices that remove the bootloader binaries upon receipt of an MDM-issued remote wipe command.

Q104. Given the following query and user input:
select id, firstname, lastname from authors
User input: firstname = Hack;man   lastname = Johnson
Which of the following types of attacks is the user attempting?
A. XML injection
B. Command injection
C. Cross-site scripting
D. SQL injection
Explanation: The code in the question is SQL, and the attack is a SQL injection attack. The semicolon in the supplied first name (Hack;man) is the SQL statement terminator: if the application concatenates the input into the query text, the intended statement ends at the semicolon and whatever follows is parsed as a further statement. SQL injection is a code injection technique, used to attack data-driven applications, in which malicious SQL statements are inserted into an entry field for execution (e.g. to dump the database contents to the attacker). It exploits a vulnerability in the application's software, for example when user input is incorrectly filtered for string-literal escape characters embedded in SQL statements, or is not strongly typed and is unexpectedly executed. SQL injection is mostly known as an attack vector for websites but can be used against any type of SQL database.

Q105. An organization based in the United States is planning to expand its operations into the European market later in the year. Legal counsel is exploring the additional requirements that must be established as a result of the expansion.
The BEST course of action would be to:
A. revise the employee provisioning and deprovisioning procedures
B. complete a quantitative risk assessment
C. draft a memorandum of understanding
D. complete a security questionnaire focused on data privacy

Q106. A large bank deployed a DLP solution to detect and block customer and credit card data from leaving the organization via email. A disgruntled employee was able to successfully exfiltrate data through the corporate email gateway by embedding a word processing document containing sensitive data as an object in a CAD file. Which of the following BEST explains why it was not detected and blocked by the DLP solution? (Select TWO)
A. The product does not understand how to decode embedded objects.
B. The embedding of objects in other documents enables document encryption by default.
C. The process of embedding an object obfuscates the data.
D. The mail client used to send the email is not compatible with the DLP product.
E. The DLP product cannot scan multiple email attachments at the same time.

Q107. After several industry competitors suffered data loss as a result of cyberattacks, the Chief Operating Officer (COO) of a company reached out to the information security manager to review the organization's security stance. As a result of the discussion, the COO wants the organization to meet the following criteria:
- Blocking of suspicious websites
- Prevention of attacks based on threat intelligence
- Reduction in spam
- Identity-based reporting to meet regulatory compliance
- Prevention of viruses based on signature
- Protection of applications from web-based threats
Which of the following would be the BEST recommendation the information security manager could make?
A. Reconfigure existing IPS resources
B. Implement a WAF
C. Deploy a SIEM solution
D. Deploy a UTM solution
E. Implement an EDR platform
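The injection in Q104 above comes down to how the query is assembled. The following added example (written for this page, not the question's own code) builds the authors query both by string concatenation and with bound parameters against an in-memory SQLite table, and shows what the semicolon in "Hack;man" does once the input reaches an API that executes several statements at once. The table contents and the test inputs are constructed for the example.

```python
"""Added example for Q104: the authors query built unsafely (concatenation) and
safely (parameters), run against a constructed in-memory SQLite database.
Editor-written illustration, not code from the question or any product."""
import sqlite3


def make_db():
    """Constructed sample table: three authors, ids assigned 1..3."""
    conn = sqlite3.connect(":memory:")
    conn.execute("create table authors(id integer primary key, firstname text, lastname text)")
    conn.executemany("insert into authors(firstname, lastname) values (?, ?)",
                     [("Hack", "Johnson"), ("Ada", "Lovelace"), ("Grace", "Hopper")])
    conn.commit()
    return conn


def author_count(conn):
    return conn.execute("select count(*) from authors").fetchone()[0]


def query_unsafe(conn, firstname, lastname):
    # VULNERABLE: the user's text is pasted into the SQL, so quotes and keywords
    # in the input become part of the statement the database parses.
    sql = ("select id, firstname, lastname from authors "
           f"where firstname = '{firstname}' and lastname = '{lastname}'")
    return conn.execute(sql).fetchall()


def query_unsafe_multi(conn, firstname, lastname):
    # Same concatenation, but run through an API that accepts a script of several
    # statements. Now a ';' in the input ends the intended query and whatever
    # follows runs as its own statement; the single-statement execute() above
    # would have rejected the script instead.
    sql = ("select id, firstname, lastname from authors "
           f"where firstname = '{firstname}' and lastname = '{lastname}'")
    conn.executescript(sql)


def query_safe(conn, firstname, lastname):
    # FIXED: placeholders. The driver passes the values separately from the SQL
    # text, so "Hack;man" or "' or '1'='1" are only strings to compare against.
    sql = ("select id, firstname, lastname from authors "
           "where firstname = ? and lastname = ?")
    return conn.execute(sql, (firstname, lastname)).fetchall()


def unsafe_breaks_on_apostrophe(conn):
    """The concatenated query also fails on legitimate input containing a quote
    (O'Brien): injection bugs usually surface first as ordinary bugs."""
    try:
        query_unsafe(conn, "Miles", "O'Brien")
    except sqlite3.OperationalError:
        return True
    return False


if __name__ == "__main__":
    db = make_db()
    print(query_unsafe(db, "Hack", "' or '1'='1"))   # tautology: every row
    print(query_safe(db, "Hack", "' or '1'='1"))     # no such author: no rows
    query_unsafe_multi(db, "Hack'; delete from authors where id = 1; --", "Johnson")
    print(author_count(db))                          # one row gone
```

With a single-statement execute(), "Hack;man" inside the quoted literal is harmless and the tautology in the last name is the payload that matters; the stacked statement only runs where the application (or driver) executes multiple statements, which is the situation the question's semicolon hints at. Parameter binding removes both cases at once.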
Q108. Click on the exhibit buttons to view the four messages. A security architect is working with a project team to deliver an important service that stores and processes customer banking details. The project, internally known as ProjectX, is due to launch its first set of features publicly within a week, but the team has not been able to implement encryption at rest for the customer records. The security architect is drafting an escalation email to senior leadership. Which of the following BEST conveys the business impact for senior leadership?
A. Message 1
B. Message 2
C. Message 3
D. Message 4

Q109. An organization wants to allow its employees to receive corporate email on their own smartphones. A security analyst is reviewing the following information contained within the file system of an employee's smartphone:
FamilyPix.jpg
Taxreturn.tax
paystub.pdf
employeesinfo.xls
SoccerSchedule.doc
RecruitmentPlan.xls
Based on the above findings, which of the following should the organization implement to prevent further exposure? (Choose two.)
A. Remote wiping
B. Side loading
C. VPN
D. Containerization
E. Rooting
F. Geofencing
G. Jailbreaking

Q110. To prepare for an upcoming audit, the Chief Information Security Officer (CISO) asks for all 1200 vulnerabilities on production servers to be remediated. The security engineer must determine which vulnerabilities represent real threats that can be exploited so resources can be prioritized to mitigate the most dangerous risks. The CISO wants the security engineer to act in the same manner as would an external threat, while using vulnerability scan results to prioritize any actions. Which of the following approaches is described?
A. Blue team
B. Red team
C. Black box
D. White team
Reference: http://resources.infosecinstitute.com/the-types-of-penetration-testing/#gref

Q111. Company policy requires that all unsupported operating systems be removed from the network.
The security administrator is using a combination of network-based tools to identify such systems for the purpose of disconnecting them from the network. Which of the following tools, or outputs from the tools in use, can be used to help the security administrator make an approximate determination of the operating system in use on the local company network? (Select THREE)
A. Passive banner grabbing
B. Password cracker
C. 443/tcp open http
D. http://www.company.org/documents_private/index.php?search=string#&topic=windows&tcp=packet%20capture&cookie=wokdjwalkjcnie61lkasdf2aliser4
E. dig host.company.com
F. 09:18:16.262743 IP (tos 0x0, ttl 64, id 9870, offset 0, flags [none], proto TCP (6), length 40) 192.168.1.3.1051 > 10.46.3.7.80: Flags [none], cksum 0x1800 (correct), win 512, length 0
G. Nmap
Explanation: Banner grabbing and operating system identification can also be described as fingerprinting the TCP/IP stack. Banner grabbing is the process of opening a connection and reading the banner or response sent by the application; passive banner grabbing reads what hosts already send on the wire without probing them. The tcpdump output in option F shows the fields commonly examined for passive OS fingerprinting, in particular the IP TTL (64) and the TCP window size (512). Nmap provides host discovery as well as service and operating system detection (nmap -O).
Incorrect Answers:
B: A password cracker is used to recover passwords from data that have been stored in or transmitted by a computer system; it reveals nothing about the operating system.
C: A single Nmap port line such as "443/tcp open http" identifies a listening service, not the operating system (and port 443 is conventionally HTTPS, not HTTP).
D: This web address will not identify unsupported operating systems for the purpose of disconnecting them from the network.
E: The dig (domain information groper) command is a network administration command-line tool for querying Domain Name System (DNS) name servers.
References:
https://en.wikipedia.org/wiki/Dig_(command)
https://en.wikipedia.org/wiki/Password_cracking
https://en.wikipedia.org/wiki/List_of_TCP_and_UDP_port_numbers
http://luizfirmino.blogspot.co.za/2011/07/understand-banner-grabbing-using-os.html?view=classic
Gregg, Michael, and Billy Haines, CASP CompTIA Advanced Security Practitioner Study Guide, John Wiley & Sons, Indianapolis, 2012, pp. 174, 175
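To make the passive fingerprinting in Q111 concrete, the following added example (written for this page, not the question's or any tool's code) parses tcpdump lines like the one in option F, rounds the observed TTL up to the nearest common initial value to guess the OS family and hop distance, and builds a per-host inventory over a small capture. The first line is option F itself; the other two lines are constructed, and the TTL defaults used are the well-known ones (64 Linux/Unix-like, 128 Windows, 255 many network devices).

```python
"""Added example for Q111: passive OS fingerprinting from tcpdump -v output.
Editor-written illustration; the non-page log lines are constructed and the
heuristic is deliberately coarse (initial-TTL defaults only)."""
import re
from collections import defaultdict

# tcpdump -v IPv4/TCP line: we need the IP ttl, the endpoints and the TCP window.
TCPDUMP_RE = re.compile(
    r"ttl (?P<ttl>\d+),.*?proto TCP.*?\)\s*"
    r"(?P<src>\d+(?:\.\d+){3})\.(?P<sport>\d+) > "
    r"(?P<dst>\d+(?:\.\d+){3})\.(?P<dport>\d+):.*?win (?P<win>\d+)"
)

# Common initial TTLs. Each router hop decrements the TTL by one, so an observed
# value is rounded up to the nearest default to recover the sender's start value.
INITIAL_TTLS = (32, 64, 128, 255)
TTL_FAMILY = {
    32: "legacy Windows",
    64: "Linux/Unix-like",
    128: "Windows",
    255: "network device or legacy Unix",
}

SAMPLE_LINES = [
    # Line from option F of Q111.
    "09:18:16.262743 IP (tos 0x0, ttl 64, id 9870, offset 0, flags [none], proto TCP (6), "
    "length 40)192.168.1.3.1051 > 10.46.3.7.80: Flags [none], cksum 0x1800 (correct), win 512, length 0",
    # Constructed: a Windows-style host eight hops away.
    "09:18:17.001002 IP (tos 0x0, ttl 120, id 4213, offset 0, flags [DF], proto TCP (6), "
    "length 52) 10.20.30.40.49152 > 10.46.3.7.443: Flags [S], cksum 0x1a2b (correct), seq 1, win 8192, length 0",
    # Constructed: a router management session.
    "09:18:18.500000 IP (tos 0x0, ttl 255, id 1, offset 0, flags [none], proto TCP (6), "
    "length 40) 10.0.0.1.22 > 10.46.3.7.50000: Flags [P.], cksum 0x0000 (correct), win 4128, length 0",
]


def parse_tcpdump_line(line):
    """Return the fields needed for fingerprinting, or None for lines that are
    not a TCP packet in this format."""
    m = TCPDUMP_RE.search(line)
    if not m:
        return None
    return {
        "src": m.group("src"), "sport": int(m.group("sport")),
        "dst": m.group("dst"), "dport": int(m.group("dport")),
        "ttl": int(m.group("ttl")), "win": int(m.group("win")),
    }


def initial_ttl(observed):
    """Round the observed TTL up to the nearest common default (120 -> 128)."""
    for default in INITIAL_TTLS:
        if observed <= default:
            return default
    return None


def guess_os(pkt):
    """Coarse OS family plus estimated hop distance. The window size is carried
    along as evidence rather than decoded: defaults differ between versions and
    are changed by window scaling and tuning, so it is weaker than the TTL."""
    init = initial_ttl(pkt["ttl"])
    return {
        "family": TTL_FAMILY.get(init, "unknown"),
        "hops": None if init is None else init - pkt["ttl"],
        "win": pkt["win"],
    }


def inventory(lines):
    """One guess per source host over a capture; a host whose packets disagree
    is reported as 'mixed' and should be confirmed with an active scan."""
    seen = defaultdict(set)
    for line in lines:
        pkt = parse_tcpdump_line(line)
        if pkt:
            seen[pkt["src"]].add(guess_os(pkt)["family"])
    return {host: (fams.pop() if len(fams) == 1 else "mixed") for host, fams in seen.items()}


if __name__ == "__main__":
    for host, family in inventory(SAMPLE_LINES).items():
        print(host, family)
```

This is an approximate determination, which is all the question asks for: TTL rounding cannot tell a supported Linux from an unsupported one, and hosts behind NAT or with tuned stacks will mislead it. Treat the inventory as a candidate list and confirm each host with an active Nmap OS and version scan before disconnecting anything.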
Career Opportunities
The CompTIA CASP+ certification is considered an industry standard in risk management and enterprise security. Earning it opens up various career opportunities with decent annual salaries, including:
Security Architect $122k
Technical Lead Analyst $92k
Security Engineer $92k
Application Security Engineer $98k

What You Have to Learn for the Test
To clear the CAS-003 exam, you need to know the objectives listed below:
Working on recovery and incident response, and performing various security assessments.
Supporting IT governance in the organization by focusing on managing risk and handling strategies for risk mitigation.
Applying security controls to mobile, host, and other devices, and integrating security and network components.
Using virtualization, cloud, and on-premise technologies to integrate hosts, networks, and storage into a protected infrastructure.
Using research and investigation techniques to select the most up-to-date and appropriate tools and methods to protect the organization.
In addition, candidates have to learn how to apply cryptographic practices, analyze risks by interpreting trend data, and more.

The Benefit of Obtaining the CAS-003 Exam Certification
Many colleges and universities give college credit to students who earn CompTIA certifications.
Many companies such as Microsoft, Cisco, Novell, and HP require a CompTIA certification like Network+ in their own certification tracks.
Many companies and organizations have made CompTIA certifications compulsory for certain positions, and several job advertisements list the certification as a primary requirement.
Certified professionals earn more than non-certified IT professionals in the same job roles.
The big advantage of CompTIA certifications is for candidates who are new to the IT field and want to increase their personal confidence: after getting a certification they have proof that gives them more credibility and determination to advance their career.

CAS-003 exam dumps with real CompTIA questions and answers: https://www.actualtests4sure.com/CAS-003-test-questions.html
Post date: 2022-08-19 12:53:57 GMT