comptia cas-003 practice test

Question 1

A security engineer is assessing the controls that are in place to secure the corporate-Internet-facing DNS server. The
engineer notices that security ACLs exist but are not being used properly. The DNS server should respond to any source but
only provide information about domains it has authority over. Additionally, the DNS administrator have identified some
problematic IP addresses that should not be able to make DNS requests. Given the ACLs below:

Which of the following should the security administrator configure to meet the DNS security needs?

• A. Option A
• B. Option B
• C. Option C
• D. Option D

Answer:

D

Question 2

Ann, a corporate executive, has been the recent target of increasing attempts to obtain corporate secrets by competitors
through advanced, well-funded means. Ann frequently leaves her laptop unattended and physically unsecure in hotel rooms
during travel. A security engineer must find a practical solution for Ann that minimizes the need for user training. Which of the
following is the BEST solution in this scenario?

• A. Full disk encryption
• B. Biometric authentication
• C. An eFuse-based solution
• D. Two-factor authentication

Answer:

A

Question 3

Legal counsel has notified the information security manager of a legal matter that will require the preservation of electronic
records for 2000 sales force employees. Source records will be email, PC, network shares, and applications.
After all restrictions have been lifted, which of the following should the information manager review?

• A. Data retention policy
• B. Legal hold
• C. Chain of custody
• D. Scope statement

Answer:

A

Question 4

An organizations Chief Financial Officer (CFO) was the target of several different social engineering attacks recently. The
CFO has subsequently worked closely with the Chief Information Security Officer (CISO) to increase awareness of what
attacks may look like. An unexpected email arrives in the CFOs inbox from a familiar name with an attachment. Which of the
following should the CISO task a security analyst with to determine whether or not the attachment is safe?

• A. Place it in a malware sandbox.
• B. Perform a code review of the attachment.
• C. Conduct a memory dump of the CFO’s PC.
• D. Run a vulnerability scan on the email server.

Answer:

A

Question 5

A company has decided to replace all the T-1 uplinks at each regional office and move away from using the existing MPLS
network. All regional sites will use high-speed connections and VPNs to connect back to the main campus. Which of the
following devices would MOST likely be added at each location?

• A. SIEM
• B. IDS/IPS
• C. Proxy server
• D. Firewall
• E. Router

Answer:

D

Question 6

A firewall specialist has been newly assigned to participate in red team exercises and needs to ensure the skills represent
real-world threats.
Which of the following would be the BEST choice to help the new team member learn bleeding-edge techniques?

• A. Attend hacking conventions.
• B. Research methods while using Tor.
• C. Interview current red team members.
• D. Attend web-based training.

Answer:

A

Question 7

An engineer is assisting with the design of a new virtualized environment that will house critical company services and
reduce the datacenters physical footprint. The company has expressed concern about the integrity of operating systems and
wants to ensure a vulnerability exploited in one datacenter segment would not lead to the compromise of all others. Which of
the following design objectives should the engineer complete to BEST mitigate the companys concerns? (Choose two.)

• A. Deploy virtual desktop infrastructure with an OOB management network
• B. Employ the use of vTPM with boot attestation
• C. Leverage separate physical hardware for sensitive services and data
• D. Use a community CSP with independently managed security services
• E. Deploy to a private cloud with hosted hypervisors on each physical machine

Answer:

A C

Question 8

Ann, a member of the finance department at a large corporation, has submitted a suspicious email she received to the
information security team. The team was not expecting an email from Ann, and it contains a PDF file inside a ZIP
compressed archive. The information security team is not sure which files were opened. A security team member uses an
air-gapped PC to open the ZIP and PDF, and it appears to be a social engineering attempt to deliver an exploit.
Which of the following would provide greater insight on the potential impact of this attempted attack?

• A. Run an antivirus scan on the finance PC.
• B. Use a protocol analyzer on the air-gapped PC.
• C. Perform reverse engineering on the document.
• D. Analyze network logs for unusual traffic.
• E. Run a baseline analyzer against the user’s computer.

Answer:

C

Question 9

An application developer has been informed of a web application that is susceptible to a clickjacking vulnerability. Which of
the following code snippets would be MOST applicable to resolve this vulnerability?

• A. Option A
• B. Option B
• C. Option C
• D. Option D

Answer:

A

Explanation:
Content-Security-Policy: frame-ancestors 'none';
This prevents any domain from framing the content. This setting is recommended unless a specific need has been identified
for framing.
Reference: https://cheatsheetseries.owasp.org/cheatsheets/Clickjacking_Defense_Cheat_Sheet.html

Question 10

A software development manager is running a project using agile development methods. The company cybersecurity
engineer has noticed a high number of vulnerabilities have been making it into production code on the project.
Which of the following methods could be used in addition to an integrated development environment to reduce the severity of
the issue?

• A. Conduct a penetration test on each function as it is developed
• B. Develop a set of basic checks for common coding errors
• C. Adopt a waterfall method of software development
• D. Implement unit tests that incorporate static code analyzers

Answer:

D