CAS-003 exam

A security administrator wants to implement two-factor authentication for network switches and routers. The solution should integrate with the company’s RADIUS server, which is used for authentication to the network infrastructure devices. The security administrator implements the following: ✑ An HOTP service is installed on the RADIUS server. ✑ ....

A technician uses an old SSL server due to budget constraints and discovers performance degrades dramatically after enabling PFS. The technician cannot determine why performance degraded so dramatically A newer version of the SSL server does not suffer the same performance degradation. Performance rather than security is the main priority...

A Chief Information Security Officer (CISO) is running a test to evaluate the security of the corporate network and attached devices . Which of the following components should be executed by an outside vendor?A . Penetration testsB . Vulnerability assessmentC . Tabletop exercisesD . Blue-team operationsView AnswerAnswer: A

During a criminal investigation, the prosecutor submitted the original hard drive from the suspect’s computer as evidence. The defense objected during the trial proceedings, and the evidence was rejected . Which of the following practices should the prosecutor’s forensics team have used to ensure the suspect’s data would be admissible...

A security technician is incorporating the following requirements in an RFP for a new SIEM: ✑ New security notifications must be dynamically implemented by the SIEM engine ✑ . The SIEM must be able to identify traffic baseline anomalies ✑ Anonymous attack data from all customers must augment attack detection...

A software company is releasing a new mobile application to a broad set of external customers. Because the software company is rapidly releasing new features, it has built in an over-the-air software update process that can automatically update the application at launch time . Which of the following security controls...

An organization is struggling to differentiate threats from normal traffic and access to systems. A security engineer has been asked to recommend a system that will aggregate data and provide metrics that will assist in identifying malicious actors or other anomalous activity throughout the environment . Which of the following...

An information security officer reviews a report and notices a steady increase in outbound network traffic over the past ten months. There is no clear explanation for the increase. The security officer interviews several business units and discovers an unsanctioned cloud storage provider was used to share marketing materials with...

An administrator wants to ensure hard drives cannot be removed from hosts and men installed into and read by unauthorized hosts. Which of the following techniques would BEST support this?A . Access control listsB . TACACS+ server for AAAC . File-level encryptionD . TPM with sealed storageView AnswerAnswer: A

A security engineer is working to secure an organization’s VMs. While reviewing the workflow for creating VMs on demand, the engineer raises a concern about the integrity of the secure boot process of the VM guest. Which of the following would BEST address this concern?A . Configure file integrity monitoring...