CAS-003 Real Exam Dumps Questions and answers 91-100


Question No.91

After a large organization has completed the acquisition of a smaller company, the smaller company must implement new host-based security controls to connect its employees' devices to the network. Given that the network requires 802.1X EAP-PEAP to identify and authenticate devices, which of the following should the security administrator do to integrate the new employees' devices into the network securely?

  1. Distribute a NAC client and use the client to push the company's private key to all the new devices.

  2. Distribute the device connection policy and a unique public/private key pair to each new employee's device.

  3. Install a self-signed SSL certificate on the company's RADIUS server and distribute the certificate's public key to all new client devices.

  4. Install an 802.1X supplicant on all new devices and let each device generate a self-signed certificate to use for network access.

Correct Answer: D

Question No.92

A financial consulting firm recently recovered from some damaging incidents that were associated with malware installed via rootkit. Post-incident analysis is ongoing, and the incident responders and systems administrators are working to determine a strategy to reduce the risk of recurrence. The firm's systems are running modern operating systems and feature UEFI and TPMs. Which of the following technical options would provide the MOST preventive value?

  1. Update and deploy GPOs

  2. Configure and use measured boot

  3. Strengthen the password complexity requirements

  4. Update the antivirus software and definitions

Correct Answer: D

Question No.93

Legal authorities notify a company that its network has been compromised for the second time in two years. The investigation shows the attackers were able to use the same vulnerability on different systems in both attacks. Which of the following would have allowed the security team to use historical information to protect against the second attack?

  1. Key risk indicators

  2. Lessons learned

  3. Recovery point objectives

  4. Tabletop exercise

Correct Answer: A

Question No.94

A cybersecurity analyst is conducting packet analysis on the following:


Which of the following is occurring in the given packet capture?

  1. ARP spoofing

  2. Broadcast storm

  3. Smurf attack

  4. Network enumeration

  5. Zero-day exploit

Correct Answer: A

Question No.95

A security engineer is embedded with a development team to ensure security is built into products being developed. The security engineer wants to ensure developers are not blocked by a large number of security requirements applied at specific schedule points. Which of the following solutions BEST meets the engineer's goal?

  1. Schedule weekly reviews of all unit test results with the entire development team and follow up between meetings with surprise code inspections.

  2. Develop and implement a set of automated security tests to be installed on each development team leader's workstation.

  3. Enforce code quality and reuse standards into the requirements definition phase of the waterfall development process.

  4. Deploy an integrated software tool that builds and tests each portion of code committed by developers and provides feedback.

Correct Answer: C

Question No.96

Given the following output from a security tool in Kali:


  1. Log reduction

  2. Network enumerator

  3. Fuzzer

  4. SCAP scanner

Correct Answer: D

Question No.97

A malware infection spread to numerous workstations within the marketing department. The workstations were quarantined and replaced with machines. Which of the following represents a FINAL step in the prediction of the malware?

  1. The workstations should be isolated from the network.

  2. The workstations should be donated for refuse.

  3. The workstations should be reimaged

  4. The workstations should be patched and scanned.

Correct Answer: C

Question No.98

An advanced threat emulation engineer is conducting testing against a client's network. The engineer conducts the testing in as realistic a manner as possible. Consequently, the engineer has been gradually ramping up the volume of attacks over a long period of time. Which of the following combinations of techniques would the engineer MOST likely use in this testing? (Choose three.)

  1. Black box testing

  2. Gray box testing

  3. Code review

  4. Social engineering

  5. Vulnerability assessment

  6. Pivoting

  7. Self-assessment

  8. White teaming

  9. External auditing

Correct Answer: AEF

Question No.99

A user workstation was infected with a new malware variant as a result of a drive-by download. The security administrator reviews key controls on the infected workstation and discovers the following:


Which of the following would BEST prevent the problem from reoccurring in the future? (Choose two.)

  1. Install HIPS

  2. Enable DLP

  3. Install EDR

  4. Install HIDS

  5. Enable application blacklisting

  6. Improve patch management processes

Correct Answer: BE

Question No.100

During the decommissioning phase of a hardware project, a security administrator is tasked with ensuring no sensitive data is released inadvertently. All paper records are scheduled to be shredded in a crosscut shredder, and the waste will be burned. The system drives and removable media have been removed prior to e-cycling the hardware. Which of the following would ensure no data is recovered from the system drives once they are disposed of?

  1. Overwriting all HDD blocks with an alternating series of data.

  2. Physically disabling the HDDs by removing the drive head.

  3. Demagnetizing the hard drive using a degausser.

  4. Deleting the UEFI boot loaders from each HDD.

Correct Answer: C
