Free CAS-003 Exam Braindumps (page: 11)

Page 11 of 137

A security engineer has implemented an internal user access review tool so service teams can baseline user accounts and group memberships. The tool is functional and popular among its initial set of onboarded teams. However, the tool has not been built to cater to a broader set of internal teams yet. The engineer has sought feedback from internal stakeholders, and a list of summarized requirements is as follows:

-The tool needs to be responsive so service teams can query it, and then perform an automated response action.
-The tool needs to be resilient to outages so service teams can perform the user access review at any point in time and meet their own SLAs.
-The tool will become the system-of-record for approval, reapproval, and removal life cycles of group memberships and must allow for data retrieval after failure.

Which of the following need specific attention to meet the requirements listed above? (Choose three.)

  A. Scalability
  B. Latency
  C. Availability
  D. Usability
  E. Recoverability
  F. Maintainability

Answer(s): B,C,E



The board of a financial services company has requested that the senior security analyst act as a cybersecurity advisor in order to comply with recent federal legislation. The analyst is required to give a report on current cybersecurity and threat trends in the financial services industry at the next board meeting. Which of the following would be the BEST methods to prepare this report? (Choose two.)

  A. Review the CVE database for critical exploits over the past year
  B. Use social media to contact industry analysts
  C. Use intelligence gathered from the Internet relay chat channels
  D. Request information from security vendors and government agencies
  E. Perform a penetration test of the competitor’s network and share the results with the board

Answer(s): A,D



The Chief Information Security Officer (CISO) has asked the security team to determine whether the organization is susceptible to a zero-day exploit utilized in the banking industry and whether attribution is possible. The CISO has asked what process would be utilized to gather the information, and then wants to apply signatureless controls to stop these kinds of attacks in the future. Which of the following are the MOST appropriate ordered steps to take to meet the CISO’s request?

  A. 1. Perform the ongoing research of the best practices
     2. Determine current vulnerabilities and threats
     3. Apply Big Data techniques
     4. Use antivirus control

  B. 1. Apply artificial intelligence algorithms for detection
     2. Inform the CERT team
     3. Research threat intelligence and potential adversaries
     4. Utilize threat intelligence to apply Big Data techniques

  C. 1. Obtain the latest IOCs from the open source repositories
     2. Perform a sweep across the network to identify positive matches
     3. Sandbox any suspicious files
     4. Notify the CERT team to apply a future proof threat model

  D. 1. Analyze the current threat intelligence
     2. Utilize information sharing to obtain the latest industry IOCs
     3. Perform a sweep across the network to identify positive matches
     4. Apply machine learning algorithms

Answer(s): C



A software development team is conducting functional and user acceptance testing of internally developed web applications using a COTS solution. For automated testing, the solution uses valid user credentials from the enterprise directory to authenticate to each application. The solution stores the username in plain text and the corresponding password as an encoded string in a script within a file, located on a globally accessible network share. The account credentials used belong to the development team lead. To reduce the risks associated with this scenario while minimizing disruption to ongoing testing, which of the following are the BEST actions to take? (Choose two.)

  A. Restrict access to the network share by adding a group only for developers to the share’s ACL
  B. Implement a new COTS solution that does not use hard-coded credentials and integrates with directory services
  C. Obfuscate the username within the script file with encoding to prevent easy identification of the account used
  D. Provision a new user account within the enterprise directory and enable its use for authentication to the target applications. Share the username and password with all developers for use in their individual scripts
  E. Redesign the web applications to accept single-use, local account credentials for authentication

Answer(s): A,B



Post your Comments and Discuss CompTIA CAS-003 exam with other Community members:

Nathan commented on April 20, 2020
I appreciate that you provide the Xengine software for free. But are you planning to keep it free! I really hope so!