CAS-003 Real Exam Dumps Questions and answers 61-70


Question No.61

A security analyst has requested network engineers integrate sFlow into the SOC's overall monitoring picture. For this to be a useful addition to the monitoring capabilities, which of the following must be considered by the engineering team?

  1. Effective deployment of network taps

  2. Overall bandwidth available at Internet PoP

  3. Optimal placement of log aggregators

  4. Availability of application layer visualizers

Correct Answer: D

Question No.62

An administrator is working with management to develop policies related to the use of the cloud-based resources that contain corporate data. Management plans to require some control over organizational data stored on personal devices, such as tablets. Which of the following controls would BEST support management's policy?

  1. MDM

  2. Sandboxing

  3. Mobile tokenization

  4. FDE

  5. MFA

Correct Answer: A

Question No.63

A software development team is conducting functional and user acceptance testing of internally developed web applications using a COTS solution. For automated testing, the solution uses valid user credentials from the enterprise directory to authenticate to each application. The solution stores the username in plain text and the corresponding password as an encoded string in a script within a file, located on a globally accessible network share. The account credentials used belong to the development team lead. To reduce the risks associated with this scenario while minimizing disruption to ongoing testing, which of the following are the BEST actions to take? (Choose two.)

  1. Restrict access to the network share by adding a group only for developers to the share's ACL

  2. Implement a new COTS solution that does not use hard-coded credentials and integrates with directory services

  3. Obfuscate the username within the script file with encoding to prevent easy identification and the account used

  4. Provision a new user account within the enterprise directory and enable its use for authentication to the target applications. Share the username and password with all developers for use in their individual scripts

  5. Redesign the web applications to accept single-use, local account credentials for authentication

Correct Answer: AB

Question No.64

Two competing companies experienced similar attacks on their networks from various threat actors. To improve response times, the companies wish to share some threat intelligence about the sources and methods of attack. Which of the following business documents would be BEST to document this engagement?

  1. Business partnership agreement

  2. Memorandum of understanding

  3. Service-level agreement

  4. Interconnection security agreement

Correct Answer: D

Question No.65

A software development manager is running a project using agile development methods. The company cybersecurity engineer has noticed a high number of vulnerabilities have been making it into production code on the project. Which of the following methods could be used in addition to an integrated development environment to reduce the severity of the issue?

  1. Conduct a penetration test on each function as it is developed

  2. Develop a set of basic checks for common coding errors

  3. Adopt a waterfall method of software development

  4. Implement unit tests that incorporate static code analyzers

Correct Answer: D

Question No.66

Following a merger, the number of remote sites for a company has doubled to 52. The company has decided to secure each remote site with an NGFW to provide web filtering, NIDS/NIPS, and network antivirus. The Chief Information Officer (CIO) has requested that the security engineer provide recommendations on sizing for the firewall with the requirements that it be easy to manage and provide capacity for growth.

The tables below provide information on a subset of remote sites and the firewall options:


Which of the following would be the BEST option to recommend to the CIO?

  1. Vendor C for small remote sites, and Vendor B for large sites.

  2. Vendor B for all remote sites

  3. Vendor C for all remote sites

  4. Vendor A for all remote sites

  5. Vendor D for all remote sites

Correct Answer: D

Question No.67

A threat advisory alert was just emailed to the IT security staff. The alert references specific types of host operating systems that can allow an unauthorized person to access files on a system remotely. A fix was recently published, but it requires a recent endpoint protection engine to be installed prior to running the fix. Which of the following MOST likely need to be configured to ensure the systems are mitigated accordingly? (Select two.)

  1. Antivirus

  2. HIPS

  3. Application whitelisting

  4. Patch management

  5. Group policy implementation

  6. Firmware updates

Correct Answer: DF

Question No.68

To meet an SLA, which of the following documents should be drafted, defining the company's internal interdependent unit responsibilities and delivery timelines?

  1. BPA

  2. OLA

  3. MSA

  4. MOU

Correct Answer: B


An OLA is an agreement between the internal support groups of an institution that supports the SLA. According to the Operational Level Agreement, each internal support group has certain responsibilities to the other group. The OLA clearly depicts the performance and relationship of the internal service groups. The main objective of the OLA is to ensure that all the support groups provide the intended Service Level Agreement.

Question No.69

In the past, the risk committee at Company A has shown an aversion to even minimal amounts of risk acceptance. A security engineer is preparing recommendations regarding the risk of a proposed project introducing legacy ICS equipment. The project will introduce a minor vulnerability into the enterprise. This vulnerability does not significantly expose the enterprise to risk and would be expensive against. Which of the following strategies should the engineer recommend be approved FIRST?

  1. Avoid

  2. Mitigate

  3. Transfer

  4. Accept

Correct Answer: B

Question No.70

A new cluster of virtual servers has been set up in a lab environment and must be audited before being allowed on the production network. The security manager needs to ensure unnecessary services are disabled and all system accounts are using strong credentials. Which of the following tools should be used? (Choose two.)

  1. Fuzzer

  2. SCAP scanner

  3. Packet analyzer

  4. Password cracker

  5. Network enumerator

  6. SIEM

Correct Answer: BF
