Which of the following SDLC best practices should the development team have followed?
A software development team has spent the last 18 months developing a new web-based front-end that will allow clients to check the status of their orders as they proceed through manufacturing. The marketing team schedules a launch party to present the new application to the client base in two weeks....
Which of the following BEST describes how the manager should respond?
Ann, a terminated employee, left personal photos on a company-issued laptop and no longer has access to them. Ann emails her previous manager and asks to get her personal photos back. Which of the following BEST describes how the manager should respond? A. Determine if the data still exists...
An organization is evaluating options related to moving organizational assets to a cloud-based environment using an IaaS provider. One engineer has suggested connecting a second cloud environment within the organization’s existing facilities to capitalize on available datacenter space and resources. Other project team members are concerned about such a commitment of organizational assets, and ask the Chief Security Officer (CSO) for input. The CSO explains that the project team should work with the engineer to evaluate the risks associated with using the datacenter to implement:
An organization is evaluating options related to moving organizational assets to a cloud-based environment using an IaaS provider. One engineer has suggested connecting a second cloud environment within the organization’s existing facilities to capitalize on available datacenter space and resources. Other project team members are concerned about such a commitment...
Which of the following services MOST likely identified the behavior and sent the report?
A company recently implemented a variety of security services to detect various types of traffic that pose a threat to the company. The following services were enabled within the network: • Scan of specific subsets for vulnerabilities • Categorizing and logging of website traffic • Enabling specific ACLs based on...
Which of the following types of testing should be included in the testing platform?
A penetration testing manager is contributing to an RFP for the purchase of a new platform. The manager has provided the following requirements: • Must be able to MITM web-based protocols • Must be able to find common misconfigurations and security holes Which of the following types of testing should...
Which of the following is the engineer implementing?
A server (10.0.0.2) on the corporate network is experiencing a DoS from a number of marketing desktops that have been compromised and are connected to a separate network segment. The security engineer implements the following configuration on the management router: Which of the following is the engineer implementing? A. Remotely...
Which of the following mobile device specifications are required for this design?
A company is implementing a new secure identity application, given the following requirements: • The cryptographic secrets used in the application must never be exposed to users or the OS • The application must work on mobile devices • The application must work with the company's badge reader system Which...
Which of the following BEST conveys the business impact for senior leadership?
Click on the exhibit buttons to view the four messages. A security architect is working with a project team to deliver an important service that stores and processes customer banking details. The project, internally known as ProjectX, is due to launch its first set of features publicly within a week,...
Which of the following will BEST meet the CISO's mandate?
The Chief Information Security Officer (CISO) of a company that has highly sensitive corporate locations wants its security engineers to find a solution to growing concerns regarding mobile devices. The CISO mandates the following requirements: • The devices must be owned by the company for legal purposes. • The device...
Which of the following controls MOST likely would have interrupted the kill chain in this attack?
A security analyst receives an email from a peer that includes a sample of code from a piece of malware found in an application running in the organization’s staging environment. During the incident response process, it is determined the code was introduced into the environment as a result of a...