CAS-003 exam

Following the merger of two large companies the newly combined security team is overwhelmed by the volume of logs flowing from the IT systems. The company's data retention schedule complicates the issue by requiring detailed logs to be collected and available for months . Which of the following designs BEST...

A company’s claims processed department has a mobile workforce that receives a large number of email submissions from personal email addresses. An employees recently received an email that approved to be claim form, but it installed malicious software on the employee’s laptop when was opened.A . Impalement application whitelisting and...

A penetration test is being scoped for a set of web services with API endpoints. The APIs will be hosted on existing web application servers. Some of the new APIs will be available to unauthenticated users, but some will only be available to authenticated users . Which of the following...

An internal penetration tester was assessing a recruiting page for potential issues before it was pushed to the production website. The penetration tester discovers an issue that must be corrected before the page goes live. The web host administrator collects the log files below and gives them to the development...

A school contracts with a vendor to devise a solution that will enable the school library to lend out tablet computers to students while on site. The tablets must adhere to string security and privacy practices. The school’s key requirements are to: ✑ Maintain privacy of students in case of...

A security analyst has requested network engineers integrate sFlow into the SOC’s overall monitoring picture. For this to be a useful addition to the monitoring capabilities, which of the following must be considered by the engineering team?A . Effective deployment of network tapsB . Overall bandwidth available at Internet PoPC...

A developer needs to provide feedback on a peer’s work during the SDLC. While reviewing the code changes, the developers session ID tokens for a web application will be transmitted over an unsecure connection . Which of the following code snippets should the developer recommend implement to correct the vulnerability?...

A systems administrator receives an advisory email that a recently discovered exploit is being used in another country and the financial institutions have ceased operations while they find a way to respond to the attack . Which of the following BEST describes where the administrator should look to find information...

CORRECT TEXT You are a security analyst tasked with interpreting an Nmap scan output from Company A's privileged network. The company's hardening guidelines indicate the following: • There should be one primary server or service per device. • Only default ports should be used. • Non-secure protocols should be disabled....

An analyst is investigating behavior on a corporate-owned, corporate-managed mobile device with application whitelisting enabled, based on a name string. The employee to whom the device is assigned reports the approved email client is displaying warning messages that can launch browser windows and is adding unrecognized email addresses to the...