Which of the following architectural decisions would BEST reduce the likelihood of a successful attack without harming operational capability?
An architect was recently hired by a power utility to increase the security posture of the company’s power generation and distribution sites. Upon review, the architect identifies legacy hardware with highly vulnerable and unsupported software driving critical operations. These systems must exchange data with each other, be highly synchronized, and...
A security administrator must configure the database server shown below to comply with the four requirements listed. Drag and drop the appropriate ACL that should be configured on the database server to its corresponding requirement. Answer options may be used once or not at all
DRAG DROP A security administrator must configure the database server shown below to comply with the four requirements listed. Drag and drop the appropriate ACL that should be configured on the database server to its corresponding requirement. Answer options may be used once or not at all.
Which of the following should the analyst use to confirm this suspicion?
A forensics analyst suspects that a breach has occurred. Security logs show the company’s OS patch system may be compromised, and it is serving patches that contain a zero-day exploit and backdoor. The analyst extracts an executable file from a packet capture of communication between a client computer and the...
Which of the following steps should the administrator take NEXT?
A systems administrator at a medical imaging company discovers protected health information (PHI) on a general-purpose file server. Which of the following steps should the administrator take NEXT? A. Isolate all of the PHI on its own VLAN and keep it segregated at Layer 2 B. Immediately encrypt all PHI...
Which of the following would be the BEST methods to prepare this report?
The board of a financial services company has requested that the senior security analyst acts as a cybersecurity advisor in order to comply with recent federal legislation. The analyst is required to give a report on current cybersecurity and threat trends in the financial services industry at the next board...
Which of the following is the engineer implementing?
A server (10.0.0.2) on the corporate network is experiencing a DoS from a number of marketing desktops that have been compromised and are connected to a separate network segment. The security engineer implements the following configuration on the management router: Which of the following is the engineer implementing? A. Remotely...
Which of the following should the CISO implement to BEST meet these requirements?
A business is growing and starting to branch out into other locations. In anticipation of opening an office in a different country, the Chief Information Security Officer (CISO) and legal team agree they need to meet the following criteria regarding data to open the new office: - Store taxation-related documents...
Which of the following commands would have provided this output?
A security consultant is attempting to discover if the company is utilizing databases on client machines to store the customer data. The consultant reviews the following information: Which of the following commands would have provided this output? A. arp -s B. netstat -a C. ifconfig -arp D. sqlmap -w ...
Which of the following should the penetration tester conclude about the command output?
A penetration tester is conducting an assessment on Comptia.org and runs the following command from a coffee shop while connected to the public Internet: Which of the following should the penetration tester conclude about the command output? A. The public/private views on the Comptia.org DNS servers are misconfigured B. Comptia.org...
Which of the following need specific attention to meet the requirements listed above?
A security engineer has implemented an internal user access review tool so service teams can baseline user accounts and group memberships. The tool is functional and popular among its initial set of onboarded teams. However, the tool has not been built to cater to a broader set of internal teams...