CAS-003 Real Exam Dumps Questions and answers 121-130


Question No.121

An investigation showed a worm was introduced from an engineer's laptop. It was determined the company does not provide engineers with company-owned laptops, which would be subject to a company policy and technical controls. Which of the following would be the MOST secure control to implement?

  A. Deploy HIDS on all engineer-provided laptops, and put a new router in the management network.

  B. Implement role-based group policies on the management network for client access.

  C. Utilize a jump box that is only allowed to connect to clients from the management network.

  D. Deploy a company-wide approved engineering workstation for management access.

Correct Answer: A

Question No.122

A security architect is determining the best solution for a new project. The project is developing a new intranet with advanced authentication capabilities, SSO for users, and automated provisioning to streamline Day 1 access to systems. The security architect has identified the following requirements:

  1. Information should be sourced from the trusted master data source.

  2. There must be future requirements for identity proofing of devices and users.

  3. A generic identity connector that can be reused must be developed.

  4. The current project scope is for internally hosted applications only.

Which of the following solution building blocks should the security architect use to BEST meet the requirements?

  A. LDAP, multifactor authentication, OAuth, XACML

  B. AD, certificate-based authentication, Kerberos, SPML

  C. SAML, context-aware authentication, OAuth, WAYF

  D. NAC, RADIUS, 802.1X, centralized Active Directory

Correct Answer: A

Question No.123

A network engineer is upgrading the network perimeter and installing a new firewall, IDS, and external edge router. The IDS is reporting elevated UDP traffic, and the internal routers are reporting high utilization. Which of the following is the BEST solution?

  A. Reconfigure the firewall to block external UDP traffic.

  B. Establish a security baseline on the IDS.

  C. Block echo reply traffic at the firewall.

  D. Modify the edge router to not forward broadcast traffic.

Correct Answer: B

Question No.124

A security researcher is gathering information about a recent spike in the number of targeted attacks against multinational banks. The spike is on top of already sustained attacks against the banks. Some of the previous attacks have resulted in the loss of sensitive data, but as of yet the attackers have not successfully stolen any funds. Based on the information available to the researcher, which of the following is the MOST likely threat profile?

  A. Nation-state-sponsored attackers conducting espionage for strategic gain.

  B. Insiders seeking to gain access to funds for illicit purposes.

  C. Opportunists seeking notoriety and fame for personal gain.

  D. Hacktivists seeking to make a political statement because of socio-economic factors.

Correct Answer: D

Question No.125

A security administrator wants to allow external organizations to cryptographically validate the company's domain name in email messages sent by employees. Which of the following should the security administrator implement?

  A. SPF

  B. S/MIME

  C. TLS

  D. DKIM

Correct Answer: D

Question No.126



Correct Answer: Please see the explanation below


Step 1: Verify whether the certificate is valid. If any warning message appears, cancel the download.

Step 2: If there is no certificate issue, download the file to your system.

Step 3: Calculate the hash value of the downloaded file.

Step 4: Match the hash value of the downloaded file with the one which you selected on the website.

Step 5: Install the file if the hash value matches.

Question No.127

An insurance company has two million customers and is researching the top transactions on its customer portal. It identifies that the top transaction is currently password reset. Due to users not remembering their secret questions, a large number of calls are consequently routed to the contact center for manual password resets. The business wants to develop a mobile application to improve customer engagement in the future, continue with a single factor of authentication, minimize management overhead of the solution, remove passwords, and eliminate calls to the contact center. Which of the following techniques would BEST meet the requirements? (Choose two.)

  A. Magic link sent to an email address

  B. Customer ID sent via push notification

  C. SMS with OTP sent to a mobile number

  D. Third-party social login

  E. Certificate sent to be installed on a device

  F. Hardware tokens sent to customers

Correct Answer: CE

Question No.128

The Chief Information Officer (CISO) is concerned that certain systems administrators with privileged access may be reading other users' emails. Review of a tool's output shows the administrators have used web mail to log into other users' inboxes. Which of the following tools would show this type of output?

  A. Log analysis tool

  B. Password cracker

  C. Command-line tool

  D. File integrity monitoring tool

Correct Answer: A

Question No.129

A newly hired security analyst has joined an established SOC team. Not long after going through corporate orientation, a new attack method on web-based applications was publicly revealed. The security analyst immediately brings this new information to the team lead, but the team lead is not concerned about it. Which of the following is the MOST likely reason for the team lead's position?

  A. The organization has accepted the risks associated with web-based threats.

  B. The attack type does not meet the organization's threat model.

  C. Web-based applications are on isolated network segments.

  D. Corporate policy states that NIPS signatures must be updated every hour.

Correct Answer: A

Question No.130

To prepare for an upcoming audit, the Chief Information Security Officer (CISO) asks for all 1200 vulnerabilities on production servers to be remediated. The security engineer must determine which vulnerabilities represent real threats that can be exploited so resources can be prioritized to mitigate the most dangerous risks. The CISO wants the security engineer to act in the same manner as would an external threat, while using vulnerability scan results to prioritize any actions. Which of the following approaches is described?

  A. Blue team

  B. Red team

  C. Black box

  D. White team

Correct Answer: C
