CAS-003 exam

A SaaS-based email service provider often receives reports from legitimate customers that their IP netblocks are on blacklists and they cannot send email. The SaaS has confirmed that affected customers typically have IP addresses within broader network ranges and some abusive customers within the same IP ranges may have performed...

A security administrator wants to allow external organizations to cryptographically validate the company’s domain name in email messages sent by employees . Which of the following should the security administrator implement?A . SPFB . S/MIMEC . TLSD . DKIMView AnswerAnswer: D

A newly hired security analyst has joined an established SOC team. Not long after going through corporate orientation, a new attack method on web-based applications was publicly revealed. The security analyst immediately brings this new information to the team lead, but the team lead is not concerned about it. Which...

A pharmacy gives its clients online access to their records and the ability to review bills and make payments. A new SSL vulnerability on a special platform was discovered, allowing an attacker to capture the data between the end user and the web server providing these services. After invest the...

A company that uses AD is migrating services from LDAP to secure LDAP. During the pilot phase, services are not connecting properly to secure LDAP. Block is an except of output from the troubleshooting session: Which of the following BEST explains why secure LDAP is not working? (Select TWO.)A ....

A system administrator recently conducted a vulnerability scan of the internet. Subsequently, the organization was successfully attacked by an adversary . Which of the following in the MOST likely explanation for why the organization network was compromised?A . There was a false positive since the network was fully patched.B ....

Which of the following system would be at the GREATEST risk of compromise if found to have an open vulnerability associated with perfect ... secrecy?A . EndpointsB . VPN concentratorsC . Virtual hostsD . SIEME . Layer 2 switchesView AnswerAnswer: B

A security analyst is comparing two virtual servers that were bum from the same image and patched at the same regular intervals Server A is used to host a public-facing website, and Server B runs accounting software inside the firewalled accounting network. The analyst runs the same command and obtains...

The Chief Information Security Officer (CISO) for an organization wants to develop custom IDS rulesets faster, prior to new rules being released by IDS vendors . Which of the following BEST meets this objective?A . Identify a third-party source for IDS rules and change the configuration on the applicable IDSs...

The Chief Information Officer (CIO) wants to increase security and accessibility among the organization’s cloud SaaS applications. The applications are configured to use passwords, and two-factor authentication is not provided natively . Which of the following would BEST address the CIO’s concerns?A . Procure a password manager for the employees...