CAS-003テスト問題練習試そう!2022年に更新された590問あります [Q341-Q361]

Share

CAS-003テスト問題練習試そう!2022年に更新された590問あります

更新された2022年01月プレミアムCAS-003試験エンジンPDFで今すぐダウンロード!無料更新された590問あります


CompTIA CAS-003 認定試験の出題範囲:

トピック出題範囲
トピック 1
  • Given Software Vulnerability Scenarios, Select Appropriate Security Controls
トピック 2
  • Analyze A Scenario To Integrate Security Controls For Mobile And Small Form Factor Devices To Meet Security Requirements
トピック 3
  • Analyze A Scenario And Integrate Network And Security Components, Concepts And Architectures To Meet Security Requirements
トピック 4
  • Given A Scenario, Conduct A Security Assessment Using The Appropriate Methods
トピック 5
  • Given A Scenario, Implement Cryptographic Techniques
トピック 6
  • Given A Scenario, Integrate Cloud And Virtualization Technologies Into A Secure Enterprise Architecture
トピック 7
  • Given A Scenario, Implement Security Activities Across The Technology Life Cycle
トピック 8
  • Given A Scenario, Implement Incident Response And Recovery Procedures
トピック 9
  • Analyze A Scenario To Integrate Security Controls For Host Devices To Meet Security Requirements
トピック 10
  • Summarize Business And Industry Influences And Associated Security Risks
トピック 11
  • Given A Scenario, Apply Research Methods To Determine Industry Trends And Their Impact To The Enterprise

 

質問 341
A company recently implemented a new cloud storage solution and installed the required synchronization client on all company devices. A few months later, a breach of sensitive data was discovered. Root cause analysis shows the data breach happened from a lost personal mobile device.
Which of the following controls can the organization implement to reduce the risk of similar breaches?

  • A. Application containerization
  • B. Cloud storage encryption
  • C. Biometric authentication
  • D. Hardware anti-tamper

正解: C

 

質問 342
A company that must comply with regulations is searching for a laptop encryption product to use for its 40,000 end points. The product must meet regulations but also be flexible enough to minimize overhead and support in regards to password resets and lockouts. Which of the following implementations would BEST meet the needs?

  • A. A file-based encryption product using profiles to target areas on the file system to encrypt
  • B. A partition-based software encryption product with a low-level boot protection and authentication
  • C. A full-disk hardware-based encryption product with a low-level boot protection and authentication
  • D. A container-based encryption product that allows the end users to select which files to encrypt

正解: A

解説:
The question is asking for a solution that will minimize overhead and support in regards to password resets and lockouts.
File based encryption products operate under the context of the computer user's user account.
This means that the user does not need to remember a separate password for the encryption software. If the user forgets his user account password or is locked out due to failed login attempts, the support department can reset his password from a central database of user accounts (such as Active Directory) without the need to visit the user's computer.
Profiles can be used to determine areas on the file system to encrypt such as Document folders.

 

質問 343
A company. The development team has BYOD laptops with IDEs installed, build servers, and code repositories that utilize SaaS. To have the team up and running effectively, a separate Internet connection has been procured. A stand up has identified the following additional requirements:
1. Reuse of the existing network infrastructure
2. Acceptable use policies to be enforced
3. Protection of sensitive files
4. Access to the corporate applications
Which of the following solution components should be deployed to BEST meet the requirements? (Select three.)

  • A. Load balancer
  • B. Wireless controller
  • C. Rights management
  • D. IPSec VPN
  • E. HIDS
  • F. WAF
  • G. SSL VPN
  • H. NAC

正解: C,G,H

 

質問 344
A company's security policy states any remote connections must be validated using two forms of network- based authentication. It also states local administrative accounts should not be used for any remote access.
PKI currently is not configured within the network. RSA tokens have been provided to all employees, as well as a mobile application that can be used for 2FA authentication. A new NGFW has been installed within the network to provide security for external connections, and the company has decided to use it for VPN connections as well. Which of the following should be configured? (Choose two.)

  • A. Certificate-based authentication
  • B. LDAP
  • C. 802.1X
  • D. TACACS+
  • E. RADIUS
  • F. Local user database

正解: B,E

 

質問 345
A secure facility has a server room that currently is controlled by a simple lock and key. and several administrators have copies of the key. To maintain regulatory compliance, a second lock, which is controlled by an application on the administrators' smartphones, is purchased and installed. The application has various authentication methods that can be used. The criteria for choosing the most appropriate method are:
* It cannot be invasive to the end user
* It must be utilized as a second factor.
* Information sharing must be avoided
* It must have a low false acceptance rate
Which of the following BEST meets the criteria?

  • A. Complex passcode
  • B. Fingerprint scanning
  • C. Token card
  • D. Swipe pattern
  • E. Facial recognition

正解: B

 

質問 346
A security analyst has received the following requirements for the implementation of enterprise credential management software.
* The software must have traceability back to an individual
* Credentials must remain unknown to the vendor at all times
* There must be forced credential changes upon ID checkout
* Complexity requirements must be enforced.
* The software must be quickly and easily scalable with max mum availability Which of the following vendor configurations would BEST meet these requirements?

  • A. Credentials encrypted in transit and stored in a vendor's cloud, where the enterprise retains the keys
  • B. Credentials encrypted in transit and stored on an internal network server with backups that are taken on a weekly basis
  • C. Credentials stored, hashed, and salted on each local machine
  • D. Credentials encrypted in transit and then stored, hashed and salted in a vendor's cloud, where the vendor handles key management

正解: C

 

質問 347
An educational institution would like to make computer labs available to remote students. The labs are used for various IT networking, security, and programming courses. The requirements are:
Each lab must be on a separate network segment.
Labs must have access to the Internet, but not other lab networks.
Student devices must have network access, not simple access to hosts on the lab networks.
Students must have a private certificate installed before gaining access.
Servers must have a private certificate installed locally to provide assurance to the students.
All students must use the same VPN connection profile.
Which of the following components should be used to achieve the design in conjunction with directory services?

  • A. Cloud service remote access tool for remote connectivity, OAuth for authentication, ACL on routing equipment
  • B. IPSec VPN with mutual authentication for remote connectivity, RADIUS for authentication, ACLs on network equipment
  • C. L2TP VPN over TLS for remote connectivity, SAML for federated authentication, firewalls between each lab segment
  • D. SSL VPN for remote connectivity, directory services groups for each lab group, ACLs on routing equipment

正解: B

解説:
Explanation
IPSec VPN with mutual authentication meets the certificates requirements.
RADIUS can be used with the directory service for the user authentication.
ACLs (access control lists) are the best solution for restricting access to network hosts.

 

質問 348
A well-known retailer has experienced a massive credit card breach. The retailer had gone through an audit and had been presented with a potential problem on their network.
Vendors were authenticating directly to the retailer's AD servers, and an improper firewall rule allowed pivoting from the AD server to the DMZ where credit card servers were kept.
The firewall rule was needed for an internal application that was developed, which presents risk. The retailer determined that because the vendors were required to have site to site VPN's no other security action was taken.
To prove to the retailer the monetary value of this risk, which of the following type of calculations is needed?

  • A. A cost/benefit analysis
  • B. Residual Risk calculation
  • C. Qualitative Risk Analysis
  • D. Quantitative Risk Analysis

正解: D

解説:
Performing quantitative risk analysis focuses on assessing the probability of risk with a metric measurement which is usually a numerical value based on money or time.

 

質問 349
A developer is determining the best way to improve security within the code being developed. The developer is focusing on input fields where customers enter their credit card details. Which of the following techniques, if implemented in the code, would be the MOST effective in protecting the fields from malformed input?

  • A. Client side input validation
  • B. Stored procedure
  • C. Encrypting credit card details
  • D. Regular expression matching

正解: D

解説:
Explanation
Regular expression matching is a technique for reading and validating input, particularly in web software. This question is asking about securing input fields where customers enter their credit card details. In this case, the expected input into the credit card number field would be a sequence of numbers of a certain length. We can use regular expression matching to verify that the input is indeed a sequence of numbers. Anything that is not a sequence of numbers could be malicious code.

 

質問 350
The results of an external penetration test for a software development company show a small number of applications account for the largest number of findings. While analyzing the content and purpose of the applications, the following matrix is created.

The findings are then categorized according to the following chart:

Which of the following would BEST reduce the amount of immediate risk incurred by the organization from a compliance and legal standpoint? (Select TWO)

  • A. Move Application 3 to a secure VLAN and require employees to use a jump server for access.
  • B. Install a FIM on the server hosting Application 4
  • C. Place a WAF in line with Application 2
  • D. Use network segmentation and ACLs to control access to Application 5.
  • E. Implement an IDS/IPS on the same network segment as Application 3
  • F. Apply the missing OS and software patches to the server hosting Application 4

正解: D,E

 

質問 351
The source workstation image for new accounting PCs has begun blue-screening. A technician notices that the date/time stamp of the image source appears to have changed. The desktop support director has asked the Information Security department to determine if any changes were made to the source image. Which of the following methods would BEST help with this process? (Select TWO).

  • A. Check key system files to see if date/time stamp is in the past six months.
  • B. Retrieve source system image from backup and run file comparison analysis on the two images.
  • C. Parse all images to determine if extra data is hidden using steganography.
  • D. Ask desktop support if any changes to the images were made.
  • E. Calculate a new hash and compare it with the previously captured image hash.

正解: B,E

解説:
Running a file comparison analysis on the two images will determine whether files have been changed, as well as what files were changed.
Hashing can be used to meet the goals of integrity and non-repudiation. One of its advantages of hashing is its ability to verify that information has remained unchanged. If the hash values are the same, then the images are the same. If the hash values differ, there is a difference between the two images.
Incorrect Answers:
B: Steganography is a type of data exfiltration. Data exfiltration is the unauthorized transfer of data from a computer.
D: According to the scenario, the desktop support director has asked the Information Security department to determine if any changes were made to the source image. Asking the desktop support if any changes to the images were made would therefore be redundant.
E: The question requires the Information Security department to determine if any changes were made to the source image, not when the date/time stamp manipulation occurred.
References:
Gregg, Michael, and Billy Haines, CASP CompTIA Advanced Security Practitioner Study Guide, John Wiley & Sons, Indianapolis, 2012, pp. 18, 134

 

質問 352
A company is in the process of outsourcing its customer relationship management system to a cloud provider. It will host the entire organization's customer database. The database will be accessed by both the company's users and its customers. The procurement department has asked what security activities must be performed for the deal to proceed. Which of the following are the MOST appropriate security activities to be performed as part of due diligence? (Select TWO).

  • A. Review of the organizations security policies, procedures and relevant hosting certifications.
  • B. Physical penetration test of the datacenter to ensure there are appropriate controls.
  • C. Security clauses are implemented into the contract such as the right to audit.
  • D. Penetration testing of the solution to ensure that the customer data is well protected.
  • E. Code review of the solution to ensure that there are no back doors located in the software.

正解: A,C

解説:
Due diligence refers to an investigation of a business or person prior to signing a contract. Due diligence verifies information supplied by vendors with regards to processes, financials, experience, and performance. Due diligence should verify the data supplied in the RFP and concentrate on the following:
Company profile, strategy, mission, and reputation
Financial status, including reviews of audited financial statements
Customer references, preferably from companies that have outsourced similar processes Management qualifications, including criminal background checks Process expertise, methodology, and effectiveness Quality initiatives and certifications Technology, infrastructure stability, and applications Security and audit controls Legal and regulatory compliance, including any outstanding complaints or litigation Use of subcontractors Insurance Disaster recovery and business continuity policies C and D form part of Security and audit controls.
Incorrect Answers:
A: A Physical Penetration Test recognizes the security weaknesses and strengths of the physical security. It will, therefore, not form part of due diligence because due diligence verifies information supplied by vendors with regards to processes, financials, experience, and performance.
B: A penetration test is a software attack on a computer system that looks for security weaknesses. It will, therefore, not form part of due diligence because due diligence verifies information supplied by vendors with regards to processes, financials, experience, and performance.
E: A security code review is an examination of an application that is designed to identify and assess threats to an organization. It will, therefore, not form part of due diligence because due diligence verifies information supplied by vendors with regards to processes, financials, experience, and performance.
References:
https://en.wikipedia.org/wiki/Due_diligence
http://www.ftpress.com/articles/article.aspx?p=465313&seqNum=5
http://seclists.org/pen-test/2004/Dec/11
Gregg, Michael, and Billy Haines, CASP CompTIA Advanced Security Practitioner Study Guide, John Wiley & Sons, Indianapolis, 2012, p. 169

 

質問 353
A security engineer is employed by a hospital that was recently purchased by a corporation.
Throughout the acquisition process, all data on the virtualized file servers must be shared by departments within both organizations. The security engineer considers data ownership to determine:

  • A. the amount of data to be moved.
  • B. the frequency of data backups.
  • C. which users will have access to which data
  • D. when the file server will be decommissioned

正解: C

 

質問 354
The Information Security Officer (ISO) is reviewing new policies that have been recently made effective and now apply to the company. Upon review, the ISO identifies a new requirement to implement two-factor authentication on the company's wireless system. Due to budget constraints, the company will be unable to implement the requirement for the next two years. The ISO is required to submit a policy exception form to the Chief Information Officer (CIO). Which of the following are MOST important to include when submitting the exception form? (Select THREE).

  • A. All sections of the policy that may justify non-implementation of the requirements.
  • B. Industry best practices with respect to the technical implementation of the current controls.
  • C. Business or technical justification for not implementing the requirements.
  • D. A revised DRP and COOP plan to the exception form.
  • E. Risks associated with the inability to implement the requirements.
  • F. Internal procedures that may justify a budget submission to implement the new requirement.
  • G. Current and planned controls to mitigate the risks.

正解: C,E,G

解説:
Explanation
The Exception Request must include:
A description of the non-compliance.
The anticipated length of non-compliance (2-year maximum).
The proposed assessment of risk associated with non-compliance.
The proposed plan for managing the risk associated with non-compliance.
The proposed metrics for evaluating the success of risk management (if risk is significant).
The proposed review date to evaluate progress toward compliance.
An endorsement of the request by the appropriate Information Trustee (VP or Dean).

 

質問 355
A newly hired Chief Information Security Officer (CISO) is reviewing the organization's security budget from the previous year. The CISO notices $100,000 worth of fines were paid for not properly encrypting outbound email messages. The CISO expects next year's costs associated with fines to double and the volume of messages to increase by 100%. The organization sent out approximately 25,000 messages per year over the last three years. Given the table below:

Which of the following would be BEST for the CISO to include in this year's budget?

  • A. A budget line for DLP Vendor D
  • B. A budget line for DLP Vendor B
  • C. A budget line for DLP Vendor A
  • D. A budget line for DLP Vendor C
  • E. A budget line for paying future fines

正解: C

 

質問 356
A security analyst sees some suspicious entries in a log file from a web server website, which has a form that allows customers to leave feedback on the company's products. The analyst believes a malicious actor is scanning the web form. To know which security controls to put in place, the analyst first needs to determine the type of activity occurring to design a control. Given the log below:

Which of the following is the MOST likely type of activity occurring?

  • A. Brute forcing
  • B. SQLinjection
  • C. XSS scanning
  • D. Fuzzing

正解: B

 

質問 357
Within the past six months, a company has experienced a series of attacks directed at various collaboration tools. Additionally, sensitive information was compromised during a recent security breach of a remote access session from an unsecure site. As a result, the company is requiring all collaboration tools to comply with the following:
* Secure messaging between internal users using digital signatures
* Secure sites for video-conferencing sessions
* Presence information for all office employees
* Restriction of certain types of messages to be allowed into the network.
Which of the following applications must be configured to meet the new requirements? (Choose two.)

  • A. Remote assistance
  • B. Remote desktop
  • C. Instant messaging
  • D. Social media websites
  • E. VoIP
  • F. Email

正解: B,F

解説:
Explanation/Reference:

 

質問 358
A security architect is implementing security measures in response to an external audit that found vulnerabilities in the corporate collaboration tool suite. The report identified the lack of any mechanism to provide confidentiality for electronic correspondence between users and between users and group mailboxes. Which of the following controls would BEST mitigate the identified vulnerability?

  • A. Provide digital certificates to all systems, and eliminate the user group or shared mailboxes
  • B. Federate with an existing PKI provider, and reject all non-signed emails
  • C. Implement two-factor email authentication, and require users to hash all email messages upon receipt
  • D. Issue digital certificates to all users, including owners of group mailboxes, and enable S/MIME

正解: D

解説:
Section: (none)

 

質問 359
A hospital uses a legacy electronic medical record system that requires multicast for traffic between the application servers and databases on virtual hosts that support segments of the application. Following a switch upgrade, the electronic medical record is unavailable despite physical connectivity between the hypervisor and the storage being in place. The network team must enable multicast traffic to restore access to the electronic medical record. The ISM states that the network team must reduce the footprint of multicast traffic on the network.

Using the above information, on which VLANs should multicast be enabled?

  • A. VLAN201, VLAN202, VLAN700
  • B. VLAN201, VLAN202, VLAN400
  • C. VLAN201, VLAN202, VLAN400, VLAN680, VLAN700
  • D. VLAN400, VLAN680, VLAN700

正解: D

 

質問 360
A newly hired systems administrator is trying to connect a new and fully updated, but very customized, Android device to access corporate resources. However, the MDM enrollment process continually fails.
The administrator asks a security team member to look into the issue. Which of the following is the MOST likely reason the MDM is not allowing enrollment?

  • A. The OEM is prohibited
  • B. The OS version is not compatible
  • C. The device does not support FDE
  • D. The device is rooted

正解: D

解説:
Section: (none)

 

質問 361
......

正真正銘のCAS-003問題集には100%合格率練習テスト問題集:https://jp.fast2test.com/CAS-003-premium-file.html


弊社を連絡する

我々は12時間以内ですべてのお問い合わせを答えます。

我々の働いている時間: ( GMT 0:00-15:00 )
月曜日から土曜日まで

サポート: 現在連絡 

English Deutsch 繁体中文 한국어