CAS-003 Online Practice Questions and Answers

A security tester is testing a website and performs the following manual query:

https://www.comptia.com/cookies.jsp?products=5%20and%201=1

The following response is received in the payload:

"ORA-000001: SQL command not properly ended"

Which of the following is the response an example of?

A. Fingerprinting

B. Cross-site scripting

C. SQL injection

D. Privilege escalation

A security administrator has noticed that an increased number of employees' workstations are becoming infected with malware. The company deploys an enterprise antivirus system as well as a web content filter, which blocks access to malicious web sites where malware files can be downloaded. Additionally, the company implements technical measures to disable external storage. Which of the following is a technical control that the security administrator should implement next to reduce malware infection?

A. Implement an Acceptable Use Policy which addresses malware downloads.

B. Deploy a network access control system with a persistent agent.

C. Enforce mandatory security awareness training for all employees and contractors.

D. Block cloud-based storage software on the company network.

After multiple service interruptions caused by an older datacenter design, a company decided to migrate away from its datacenter. The company has successfully completed the migration of all datacenter servers and services to a cloud provider. The migration project includes the following phases:

1.

Selection of a cloud provider

2.

Architectural design

3.

Microservice segmentation

4.

Virtual private cloud

5.

Geographic service redundancy

6.

Service migration

The Chief Information Security Officer (CISO) is still concerned with the availability requirements of critical company applications.

Which of the following should the company implement NEXT?

A. Multicloud solution

B. Single-tenancy private cloud

C. Hybrid cloud solution

D. Cloud access security broker

A security engineer is attempting to increase the randomness of numbers used in key generation in a system. The goal of the effort is to strengthen the keys against predictive analysis attacks.

Which of the following is the BEST solution?

A. Use an entropy-as-a-service vendor to leverage larger entropy pools.

B. Loop multiple pseudo-random number generators in a series to produce larger numbers.

C. Increase key length by two orders of magnitude to detect brute forcing.

D. Shift key generation algorithms to ECC algorithms.

An organization is currently performing a market scan for managed security services and EDR capability. Which of the following business documents should be released to the prospective vendors in the first step of the process? (Select TWO).

A. MSA

B. RFP

C. NDA

D. RFI

E. MOU

F. RFQ

A software development team is conducting functional and user acceptance testing of internally developed web applications using a COTS solution. For automated testing, the solution uses valid user credentials from the enterprise directory to authenticate to each application. The solution stores the username in plain text and the corresponding password as an encoded string in a script within a file, located on a globally accessible network share. The account credentials used belong to the development team lead. To reduce the risks associated with this scenario while minimizing disruption to ongoing testing, which of the following are the BEST actions to take? (Choose two.)

A. Restrict access to the network share by adding a group only for developers to the share's ACL

B. Implement a new COTS solution that does not use hard-coded credentials and integrates with directory services

C. Obfuscate the username within the script file with encoding to prevent easy identification and the account used

D. Provision a new user account within the enterprise directory and enable its use for authentication to the target applications. Share the username and password with all developers for use in their individual scripts

E. Redesign the web applications to accept single-use, local account credentials for authentication

An online bank has contracted with a consultant to perform a security assessment of the bank's web portal. The consultant notices the login page is linked from the main page with HTTPS, but when the URL is changed to HTTP, the browser is automatically redirected back to the HTTPS site. Which of the following is a concern for the consultant, and how can it be mitigated?

A. XSS could be used to inject code into the login page during the redirect to the HTTPS site. The consultant should implement a WAF to prevent this.

B. The consultant is concerned the site is using an older version of the SSL 3.0 protocol that is vulnerable to a variety of attacks. Upgrading the site to TLS 1.0 would mitigate this issue.

C. The HTTP traffic is vulnerable to network sniffing, which could disclose usernames and passwords to an attacker. The consultant should recommend disabling HTTP on the web server.

D. A successful MITM attack Could intercept the redirect and use sslstrip to decrypt further HTTPS traffic. Implementing HSTS on the web server would prevent this.

A company recently implemented a new cloud storage solution and installed the required synchronization client on all company devices. A few months later, a breach of sensitive data was discovered. Root cause analysis shows the data breach happened from a lost personal mobile device.

Which of the following controls can the organization implement to reduce the risk of similar breaches?

A. Biometric authentication

B. Cloud storage encryption

C. Application containerization

D. Hardware anti-tamper

The email administrator must reduce the number of phishing emails by utilizing more appropriate security controls The following configurations already are in place

1.

Keyword Mocking based on word lists

2.

URL rewriting and protection

3.

Stopping executable files from messages

Which of the following is the BEST configuration change for the administrator to make?

A. Configure more robust word lists for blocking suspicious emails

B. Configure appropriate regular expression rules per suspicious email received

C. Configure Bayesian filtering to block suspicious inbound email

D. Configure the mail gateway to strip any attachments

A developer implement the following code snippet.

Which of the following vulnerabilities does the code snippet resolve?

A. SQL inject

B. Buffer overflow

C. Missing session limit

D. Information leakage