CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. CompTIA
  5. CAS-003

Free CAS-003 Exam Braindumps (page: 62)

Page 62 of 137
PDF with 683 Questions

An external red team is brought into an organization to perform a penetration test of a new network-based application. The organization deploying the network application wants the red team to act like remote, external attackers, and instructs the team to use a black-box approach. Which of the following is the BEST methodology for the red team to follow?

  1. Run a protocol analyzer to determine what traffic is flowing in and out of the server, and look for ways to alter the data stream that will result in information leakage or a system failure.
  2. Send out spear-phishing emails against users who are known to have access to the network-based application, so the red team can go on-site with valid credentials and use the software.
  3. Examine the application using a port scanner, then run a vulnerability scanner against open ports looking for known, exploitable weaknesses the application and related services may have.
  4. Ask for more details regarding the engagement using social engineering tactics in an attempt to get the organization to disclose more information about the network application to make attacks easier.

Answer(s): C



First responders, who are part of a core incident response team, have been working to contain an outbreak of ransomware that also led to data loss. In a rush to isolate the three hosts that were calling out to the NAS to encrypt whole directories, the hosts were shut down immediately without investigation and then isolated. Which of the following were missed? (Choose two.)

  1. CPU, process state tables, and main memory dumps
  2. Essential information needed to perform data restoration to a known clean state
  3. Temporary file system and swap space
  4. Indicators of compromise to determine ransomware encryption
  5. Chain of custody information needed for investigation

Answer(s): D,E



A regional business is expecting a severe winter storm next week. The IT staff has been reviewing corporate policies on how to handle various situations and found some are missing or incomplete. After reporting this gap in documentation to the information security manager, a document is immediately drafted to move various personnel to other locations to avoid downtime in operations. This is an example of:

  1. a disaster recovery plan
  2. an incident response plan
  3. a business continuity plan
  4. a risk avoidance plan

Answer(s): C



A security engineer successfully exploits an application during a penetration test. As proof of the exploit, the security engineer takes screenshots of how data was compromised in the application. Given the information below from the screenshot.


Which of the following tools was MOST likely used to exploit the application?

  1. The engineer captured the data with a protocol analyzer, and then utilized Python to edit the data
  2. The engineer queried the server and edited the data using an HTTP proxy interceptor
  3. The engineer used a cross-site script sent via curl to edit the data
  4. The engineer captured the HTTP headers, and then replaced the JSON data with a banner-grabbing tool

Answer(s): B



Page 62 of 137



Post your Comments and Discuss CompTIA CAS-003 exam with other Community members:

Nathan commented on April 20, 2020
I appreicate that you provide the Xengine software for free. But are you planning to keep it free! I really hope so!
GERMANY
upvote