Sep-2021 Latest PracticeVCE CAS-003 Exam Dumps with PDF and Exam Engine Free Updated Today!
Following are some new CAS-003 Real Exam Questions!
NEW QUESTION 271
A security engineer is analyzing an application during a security assessment to ensure it is configured to protect against common threats. Given the output below:
Which of the following tools did the security engineer MOST likely use to generate this output?
- A. Fuzzer
- B. Vulnerability scanner
- C. HTTP interceptor
- D. Application fingerprinter
Answer: C
NEW QUESTION 272
A network engineer wants to deploy user-based authentication across the company's wired and wireless infrastructure at layer 2 of the OSI model. Company policies require that users be centrally managed and authenticated and that each user's network access be controlled based on the user's role within the company.
Additionally, the central authentication system must support hierarchical trust and the ability to natively authenticate mobile devices and workstations. Which of the following are needed to implement these requirements? (Select TWO).
- A. PKI
- B. WAYF
- C. LDAP
- D. RADIUS
- E. SAML
- F. Shibboleth
Answer: C,D
Explanation:
RADIUS is commonly used for the authentication of WiFi connections. We can use LDAP and RADIUS for the authentication of users and devices.
LDAP and RADIUS have something in common. They're both mainly protocols (more than a database) that use attributes to carry information back and forth. They're clearly defined in RFC documents, so you can expect products from different vendors to function properly together.
RADIUS is NOT a database. It's a protocol for asking intelligent questions to a user database. LDAP is just a database. In recent offerings it contains a bit of intelligence (like Roles, Class of Service and so on) but it still is mainly just a rather stupid database. RADIUS (actually RADIUS servers like FreeRADIUS) provide the administrator the tools to not only perform user authentication but also to authorize users based on extremely complex checks and logic. For instance you can allow access on a specific NAS only if the user belongs to a certain category, is a member of a specific group and an outside script allows access. There's no way to perform any type of such complex decisions in a user database.
NEW QUESTION 273
A cybersecurity analyst is conducting packet analysis on the following:
Which of the following is occurring in the given packet capture?
- A. Smurf attack
- B. Broadcast storm
- C. Zero-day exploit
- D. ARP spoofing
- E. Network enumeration
Answer: D
NEW QUESTION 274
A security administrator notices a recent increase in workstations becoming compromised by malware. Often, the malware is delivered via drive-by downloads, from malware hosting websites, and is not being detected by the corporate antivirus. Which of the following solutions would provide the BEST protection for the company?
- A. Deploy a cloud-based content filter and enable the appropriate category to prevent further infections.
- B. Deploy a WAF to inspect and block all web traffic which may contain malware and exploits.
- C. Increase the frequency of antivirus downloads and install updates to all workstations.
- D. Deploy a web based gateway antivirus server to intercept viruses before they enter the network.
Answer: A
Explanation:
The undetected malware gets delivered to the company via drive-by downloads and malware hosting websites. Display filters and Capture filters when deployed on the cloud-based content should provide the protection required.
NEW QUESTION 275
A mature organization with legacy information systems has incorporated numerous new processes and dependencies to manage security as its networks and infrastructure are modernized. The Chief Information Officer has become increasingly frustrated with frequent releases, stating that the organization needs everything to work completely, and the vendor should already have those desires built into the software product. The vendor has been in constant communication with personnel and groups within the organization to understand its business process and capture new software requirements from users. Which of the following methods of software development is this organization's configuration management process using?
- A. SDL
- B. Waterfall
- C. Joint application development
- D. Agile
Answer: D
Explanation:
In agile software development, teams of programmers and business experts work closely together, using an iterative approach.
Incorrect Answers:
B: The Microsoft-developed security development life cycle (SDL) is designed to minimize the security-related design and coding bugs in software. An organization that implements SDL has a central security team that performs security functions.
C: The waterfall model is a sequential software development process, in which progress is seen as flowing steadily downwards through the phases of conception, initiation, analysis, design, construction, testing, production/implementation and maintenance.
D: The vendor is still responsible for developing the solution. Therefore this is not an example of joint application development.
References:
BOOK pp. 371, 374
https://en.wikipedia.org/wiki/Waterfall_model
NEW QUESTION 276
A Chief Information Security Officer (CISO) is reviewing technical documentation from various regional offices and notices some key differences between these groups. The CISO has not discovered any governance documentation. The CISO creates the following chart to visualize the differences among the networking used:
Which of the following would be the CISO's MOST immediate concern?
- A. The network has competing standards in use.
- B. There are open standards in use on the network.
- C. Network engineers have ignored de facto standards.
- D. Network engineers are not following SOPs.
Answer: A
NEW QUESTION 277
An educational institution would like to make computer labs available to remote students. The labs are used for various IT networking, security, and programming courses. The requirements are:
* Each lab must be on a separate network segment.
* Labs must have access to the Internet, but not other lab networks.
* Student devices must have network access, not simple access to hosts on the lab networks.
* Students must have a private certificate installed before gaining access.
* Servers must have a private certificate installed locally to provide assurance to the students.
* All students must use the same VPN connection profile.
Which of the following components should be used to achieve the design in conjunction with directory services?
- A. SSL VPN for remote connectivity, directory services groups for each lab group, ACLs on routing equipment
- B. L2TP VPN over TLS for remote connectivity, SAML for federated authentication, firewalls between each lab segment
- C. IPSec VPN with mutual authentication for remote connectivity, RADIUS for authentication, ACLs on network equipment
- D. Cloud service remote access tool for remote connectivity, OAuth for authentication, ACL on routing equipment
Answer: C
Explanation:
IPSec VPN with mutual authentication meets the certificates requirements.
RADIUS can be used with the directory service for the user authentication. ACLs (access control lists) are the best solution for restricting access to network hosts.
NEW QUESTION 278
A security analyst is reviewing the following pseudo-output snippet after running the command less /tmp/file.tmp.
The information above was obtained from a public-facing website and used to identify military assets. Which of the following should be implemented to reduce the risk of a similar compromise?
- A. Enforce proper input validation on mission-critical software
- B. Install software to wipe data remnants on servers
- C. Deploy a solution to sanitize geotagging information
- D. Implement a digital watermarking solution
Answer: C
NEW QUESTION 279
An organization is in the process of integrating its operational technology and information technology areas. As part of the integration, some of the cultural aspects it would like to see include more efficient use of resources during change windows, better protection of critical infrastructure, and the ability to respond to incidents. The following observations have been identified:
* The ICS supplier has specified that any software installed will result in lack of support.
* There is no documented trust boundary defined between the SCADA and corporate networks.
* Operational technology staff have to manage the SCADA equipment via the engineering workstation.
* There is a lack of understanding of what is within the SCADA network.
Which of the following capabilities would BEST improve the security position?
- A. VNC, router, and HIPS
- B. SIEM, VPN, and firewall
- C. IDS, NAC, and log monitoring
- D. Proxy, VPN, and WAF
Answer: A
NEW QUESTION 280
A security consultant is considering authentication options for a financial institution. The following authentication options are available. Drag and drop the security mechanism to the appropriate use case. Options may be used once.
Answer:
Explanation:
NEW QUESTION 281
A user workstation was infected with a new malware variant as a result of a drive-by download. The security administrator reviews key controls on the infected workstation and discovers the following:
Which of the following would BEST prevent the problem from reoccurring in the future? (Choose two.)
- A. Improve patch management processes
- B. Install HIPS
- C. Enable application blacklisting
- D. Install EDR
- E. Install HIDS
- F. Enable DLP
Answer: C,F
NEW QUESTION 282
Which of the following BEST represents a risk associated with merging two enterprises during an acquisition?
- A. The consolidation of two different IT enterprises increases the likelihood of the data loss because there are now two backup systems
- B. Merging two enterprise networks could result in an expanded attack surface and could cause outages if trust and permission issues are not handled carefully
- C. Integrating two different IT systems might result in a successful data breach if threat intelligence is not shared between the two enterprises
- D. Expanding the set of data owners requires an in-depth review of all data classification decisions, impacting availability during the review
Answer: B
NEW QUESTION 283
The Chief Information Security Officer (CISO) has asked the security team to determine whether the organization is susceptible to a zero-day exploit utilized in the banking industry and whether attribution is possible. The CISO has asked what process would be utilized to gather the information, and then wants to apply signatureless controls to stop these kinds of attacks in the future. Which of the following are the MOST appropriate ordered steps to take to meet the CISO's request?
- A. 1. Analyze the current threat intelligence 2. Utilize information sharing to obtain the latest industry IOCs 3. Perform a sweep across the network to identify positive matches 4. Apply machine learning algorithms
- B. 1. Perform the ongoing research of the best practices 2. Determine current vulnerabilities and threats 3. Apply Big Data techniques 4. Use antivirus control
- C. 1. Apply artificial intelligence algorithms for detection 2. Inform the CERT team 3. Research threat intelligence and potential adversaries 4. Utilize threat intelligence to apply Big Data techniques
- D. 1. Obtain the latest IOCs from the open source repositories 2. Perform a sweep across the network to identify positive matches 3. Sandbox any suspicious files 4. Notify the CERT team to apply a future proof threat model
Answer: D
NEW QUESTION 284
A popular commercial virtualization platform allows for the creation of virtual hardware. To virtual machines, this virtual hardware is indistinguishable from real hardware. By implementing virtualized TPMs, which of the following trusted system concepts can be implemented?
- A. Chain of trust with a hardware root of trust
- B. Software-based root of trust
- C. Continuous chain of trust
- D. Software-based trust anchor with no root of trust
Answer: A
Explanation:
A Trusted Platform Module (TPM) is a microchip designed to provide basic security-related functions, primarily involving encryption keys. The TPM is usually installed on the motherboard of a computer, and it communicates with the remainder of the system by using a hardware bus.
A vTPM is a virtual Trusted Platform Module; a virtual instance of the TPM. IBM extended the current TPM V1.2 command set with virtual TPM management commands that allow us to create and delete instances of TPMs. Each created instance of a TPM holds an association with a virtual machine (VM) throughout its lifetime on the platform.
The TPM is the hardware root of trust.
Chain of trust means to extend the trust boundary from the root(s) of trust, in order to extend the collection of trustworthy functions. Implies/entails transitive trust. Therefore a virtual TPM is a chain of trust from the hardware TPM (root of trust).
NEW QUESTION 285
A company has issued a new mobile device policy permitting BYOD and company-issued devices. The company-issued device has a managed middleware client that restricts the applications allowed on company devices and provides those that are approved. The middleware client provides configuration standardization for both company owned and BYOD to secure data and communication to the device according to industry best practices. The policy states that, "BYOD clients must meet the company's infrastructure requirements to permit a connection." The company also issues a memorandum separate from the policy, which provides instructions for the purchase, installation, and use of the middleware client on BYOD. Which of the following is being described?
- A. Asset management
- B. Change management
- C. Transference of risk
- D. IT governance
Answer: D
Explanation:
IT governance is aimed at managing information security risks. It entails educating users about risk and implementing policies and procedures to reduce risk.
NEW QUESTION 286
A security analyst is reviewing the corporate MDM settings and notices some disabled settings, which consequently permit users to download programs from untrusted developers and manually install them.
After some conversations, it is confirmed that these settings were disabled to support the internal development of mobile applications. The security analyst is now recommending that developers and testers have a separate device profile allowing this, and that the rest of the organization's users do not have the ability to manually download and install untrusted applications. Which of the following settings should be toggled to achieve the goal? (Choose two.)
- A. Signed applications
- B. Containerization
- C. Remote wiping
- D. OTA updates
- E. Side loading
- F. Sandboxing
Answer: A,B
NEW QUESTION 287
A security administrator wants to calculate the ROI of a security design which includes the purchase of new equipment. The equipment costs $50,000 and it will take 50 hours to install and configure the equipment. The administrator plans to hire a contractor at a rate of $100/hour to do the installation. Given that the new design and equipment will allow the company to increase revenue and make an additional $100,000 on the first year, which of the following is the ROI expressed as a percentage for the first year?
- A. -45 percent
- B. 5.5 percent
- C. 82 percent
- D. 45 percent
Answer: C
Explanation:
Return on investment = Net profit / Investment
where:
Net profit = gross profit - expenses
Investment = stock + market outstanding + claims
or
Return on investment = (gain from investment - cost of investment) / cost of investment
Thus (100 000 - 55 000)/50 000 = 0,82 = 82 %
References:
Gregg, Michael, and Billy Haines, CASP CompTIA Advanced Security Practitioner Study Guide, John Wiley & Sons, Indianapolis, 2012, p. 337
http://www.financeformulas.net/Return_on_Investment.html
NEW QUESTION 288
Which of the following risks does expanding business into a foreign country carry?
- A. Export controls might decrease software costs
- B. Some security tools might be monitored by legal authorities
- C. Data sovereignty laws could result in unexpected liability
- D. Data ownership might revert to the regulatory entities in the new country
Answer: C
NEW QUESTION 289
A security architect is designing a new infrastructure using both type 1 and type 2 virtual machines. In addition to the normal complement of security controls (e.g. antivirus, host hardening, HIPS/NIDS) the security architect needs to implement a mechanism to securely store cryptographic keys used to sign code and code modules on the VMs.
Which of the following will meet this goal without requiring any hardware pass-through implementations?
- A. HSM
- B. INE
- C. vTPM
- D. TPM
Answer: C
Explanation:
A Trusted Platform Module (TPM) is a microchip designed to provide basic security-related functions, primarily involving encryption keys. The TPM is usually installed on the motherboard of a computer, and it communicates with the remainder of the system by using a hardware bus.
A vTPM is a virtual Trusted Platform Module.
IBM extended the current TPM V1.2 command set with virtual TPM management commands that allow us to create and delete instances of TPMs. Each created instance of a TPM holds an association with a virtual machine (VM) throughout its lifetime on the platform.
NEW QUESTION 290
A medical facility wants to purchase mobile devices for doctors and nurses. To ensure accountability, each individual will be assigned a separate mobile device. Additionally, to protect patients' health information, management has identified the following requirements:
* Data must be encrypted at rest.
* The device must be disabled if it leaves the facility.
* The device must be disabled when tampered with.
Which of the following technologies would BEST support these requirements? (Select two.)
- A. NFC
- B. MicroSD
- C. Biometric
- D. GPS
- E. USB 4.1
- F. eFuse
Answer: C,D