
CAS-003 Online Practice Questions and Answers

Questions 4

A penetration tester is inspecting traffic on a new mobile banking application and sends the following web request:

POST http://www.example.com/resources/NewBankAccount HTTP/1.1
Content-type: application/json

{
  "account": [
    { "creditAccount": "Credit Card Rewards account" },
    { "salesLeadRef": "www.example.com/badcontent/exploitme.exe" }
  ],
  "customer": [
    { "name": "Joe Citizen" },
    { "custRef": "3153151" }
  ]
}

The banking website responds with:

HTTP/1.1 200 OK

{
  "newAccountDetails": [
    { "cardNumber": "1234123412341234" },
    { "cardExpiry": "2020-12-31" },
    { "cardCVV": "909" }
  ],
  "marketingCookieTracker": "JSESSIONID=000000001",
  "returnCode": "Account added successfully"
}

Which of the following are security weaknesses in this example? (Select TWO).

A. Missing input validation on some fields

B. Vulnerable to SQL injection

C. Sensitive details communicated in clear-text

D. Vulnerable to XSS

E. Vulnerable to malware file uploads

F. JSON/REST is not as secure as XML
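Two of the weaknesses in this exchange can be checked mechanically: the request fields are accepted without any allow-list validation (a sales-lead reference is allowed to point at an executable on an arbitrary host), and the new card's full number and CVV come back over plain HTTP. The following Python is an added illustration written for this page, not code from the practice question or from any banking API. The request URL and both bodies are reconstructed from the question (with the commas the transcription dropped); the product list, the allowed CRM host, the field patterns and the executable-suffix list are hypothetical policy choices.

```python
import json
import re
from urllib.parse import urlparse

# Constructed copies of the request URL and the two JSON bodies shown in the
# question (with the commas the transcription dropped, so they parse).
REQUEST_URL = "http://www.example.com/resources/NewBankAccount"
REQUEST_BODY = json.dumps({
    "account": [
        {"creditAccount": "Credit Card Rewards account"},
        {"salesLeadRef": "www.example.com/badcontent/exploitme.exe"},
    ],
    "customer": [{"name": "Joe Citizen"}, {"custRef": "3153151"}],
})
RESPONSE_BODY = json.dumps({
    "newAccountDetails": [
        {"cardNumber": "1234123412341234"},
        {"cardExpiry": "2020-12-31"},
        {"cardCVV": "909"},
    ],
    "marketingCookieTracker": "JSESSIONID=000000001",
    "returnCode": "Account added successfully",
})

# Hypothetical server-side policy (not from the question): the products that
# may be opened, and the only host a sales-lead reference may point at.
ALLOWED_ACCOUNT_TYPES = {"Credit Card Rewards account", "Everyday Savings account"}
ALLOWED_LEAD_HOSTS = {"crm.example.com"}
EXECUTABLE_SUFFIXES = (".exe", ".dll", ".scr", ".bat", ".ps1", ".sh")
NAME_RE = re.compile(r"[A-Za-z][A-Za-z' -]{0,99}")
CUSTREF_RE = re.compile(r"\d{1,12}")
FULL_PAN_RE = re.compile(r"\d{13,19}")


def _fields(items):
    """The API encodes each field as its own one-key object inside a list;
    merge them into one dict so fields can be looked up by name."""
    merged = {}
    for item in items:
        merged.update(item)
    return merged


def validate_new_account_request(body):
    """Allow-list validation of a NewBankAccount body.  Returns a list of
    rejection reasons; an empty list means the request is accepted."""
    findings = []
    data = json.loads(body)
    account = _fields(data.get("account", []))
    customer = _fields(data.get("customer", []))

    if account.get("creditAccount") not in ALLOWED_ACCOUNT_TYPES:
        findings.append("creditAccount: unknown product")

    lead = urlparse(account.get("salesLeadRef", ""))
    if lead.scheme != "https":
        findings.append("salesLeadRef: must be an https URL")
    if lead.netloc not in ALLOWED_LEAD_HOSTS:
        findings.append("salesLeadRef: host is not on the allow list")
    if lead.path.lower().endswith(EXECUTABLE_SUFFIXES):
        findings.append("salesLeadRef: refers to an executable")

    if not NAME_RE.fullmatch(customer.get("name", "")):
        findings.append("name: disallowed characters or length")
    if not CUSTREF_RE.fullmatch(customer.get("custRef", "")):
        findings.append("custRef: must be 1-12 digits")
    return findings


def audit_response(url, body):
    """Check what came back: was the exchange protected in transit, and did
    the body expose card data the client never needed?"""
    findings = []
    if urlparse(url).scheme != "https":
        findings.append("transport: exchanged over plain http, card data is in clear text")
    details = _fields(json.loads(body).get("newAccountDetails", []))
    if FULL_PAN_RE.fullmatch(details.get("cardNumber", "")):
        findings.append("response: full card number returned; mask all but the last four digits")
    if "cardCVV" in details:
        findings.append("response: CVV returned to the client")
    return findings


if __name__ == "__main__":
    for finding in validate_new_account_request(REQUEST_BODY) + audit_response(REQUEST_URL, RESPONSE_BODY):
        print(finding)
```

Run against the question's request, the validator rejects only the salesLeadRef field (three reasons: not https, unknown host, executable target), while the name and customer reference pass; the response audit flags the plain-HTTP transport, the unmasked card number and the CVV. A request with an https lead URL on the allowed host passes with no findings.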

Questions 5

An investigation showed a worm was introduced from an engineer's laptop. It was determined the company does not provide engineers with company-owned laptops, which would be subject to company policy and technical controls. Which of the following would be the MOST secure control to implement?

A. Deploy HIDS on all engineer-provided laptops, and put a new router in the management network.

B. Implement role-based group policies on the management network for client access.

C. Utilize a jump box that is only allowed to connect to client from the management network.

D. Deploy a company-wide approved engineering workstation for management access.

Questions 6

During a security assessment, an organization is advised of inadequate control over network segmentation. The assessor explains that the organization's reliance on VLANs to segment traffic is insufficient to provide segmentation based on regulatory standards.

Which of the following should the organization consider implementing along with VLANs to provide a greater level of segmentation?

A. Air gaps

B. Access control lists

C. Spanning tree protocol

D. Network virtualization

E. Elastic load balancing

Questions 7

A penetration test is being scoped for a set of web services with API endpoints. The APIs will be hosted on existing web application servers. Some of the new APIs will be available to unauthenticated users, but some will only be available to authenticated users. Which of the following tools or activities would the penetration tester MOST likely use or do during the engagement? (Select TWO.)

A. Static code analyzer

B. Intercepting proxy

C. Port scanner

D. Reverse engineering

E. Reconnaissance gathering

F. User acceptance testing

Questions 8

Given the following output from a local PC:

Which of the following ACLs on a stateful host-based firewall would allow the PC to serve an intranet website?

A. Allow 172.30.0.28:80 -> ANY

B. Allow 172.30.0.28:80 -> 172.30.0.0/16

C. Allow 172.30.0.28:80 -> 172.30.0.28:443

D. Allow 172.30.0.28:80 -> 172.30.0.28:53

Questions 9

Which of the following is a feature of virtualization that can potentially create a single point of failure?

A. Server consolidation

B. Load balancing hypervisors

C. Faster server provisioning

D. Running multiple OS instances

Questions 10

Due to a recent acquisition, the security team must find a way to secure several legacy applications. During a review of the applications, the following issues are documented:

1. The applications are considered mission-critical.
2. The applications are written in code languages not currently supported by the development staff.
3. Security updates and patches will not be made available for the applications.
4. Usernames and passwords do not meet corporate standards.
5. The data contained within the applications includes both PII and PHI.
6. The applications communicate using TLS 1.0.
7. Only internal users access the applications.

Which of the following should be utilized to reduce the risk associated with these applications and their current architecture?

A. Update the company policies to reflect the current state of the applications so they are not out of compliance.

B. Create a group policy to enforce password complexity and username requirements.

C. Use network segmentation to isolate the applications and control access.

D. Move the applications to virtual servers that meet the password and account standards.

Questions 11

Confidential information related to Application A, Application B, and Project X appears to have been leaked to a competitor. After consulting with the legal team, the IR team is advised to take immediate action to preserve evidence for possible litigation and criminal charges.

While reviewing the rights and group ownership of the data involved in the breach, the IR team inspects the following distribution group access lists:

Which of the following actions should the IR team take FIRST?

A. Remove all members from the distribution groups immediately

B. Place the mailbox for jsmith on legal hold

C. Implement a proxy server on the network to inspect all outbound SMTP traffic for the DevOps group

D. Install DLP software on all developer laptops to prevent data from leaving the network.

Questions 12

A security administrator receives reports that several workstations are unable to access resources within one network segment. A packet capture shows the segment is flooded with ICMPv6 traffic from the source fe80::21ae:4571:42ab:1fdd to the destination ff02::1 (the all-nodes multicast address).

Which of the following should the security administrator integrate into the network to help prevent this from occurring?

A. Raise the dead peer detection interval to prevent the additional network chatter

B. Deploy honeypots on the network segment to identify the sending machine.

C. Ensure routers will use route advertisement guards.

D. Deploy ARP spoofing prevention on routers and switches.
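Router Advertisements (ICMPv6 type 134) legitimately come from a link-local source and go to ff02::1, so an RA guard cannot filter on the addresses alone; it forwards RAs only from a trusted router and rate-limits even those, while leaving the rest of ICMPv6 (neighbor solicitation, echo) untouched. The following Python is an added model of that policy written for this page, not vendor RA guard code or anything from the question. It simplifies in one important way: a real switch classifies by ingress port (trusted uplink versus host-facing ports), not by source address, because a link-local address is trivially spoofed; here a hypothetical trusted-router address set stands in for the trusted port. The packet summaries are constructed to resemble the capture described in the question, with fe80::1 as a hypothetical legitimate router.

```python
from collections import Counter, defaultdict, deque

ICMPV6_ROUTER_ADVERTISEMENT = 134
FLOOD_SOURCE = "fe80::21ae:4571:42ab:1fdd"   # the source seen in the question
LEGIT_ROUTER = "fe80::1"                     # hypothetical legitimate router

# Constructed packet summaries (seconds, source, destination, ICMPv6 type)
# modelled on the capture described in the question.
SAMPLE_CAPTURE = [
    (0.00, LEGIT_ROUTER, "ff02::1", 134),          # genuine RA to all-nodes
    (0.10, FLOOD_SOURCE, "ff02::1", 134),          # flood starts
    (0.12, FLOOD_SOURCE, "ff02::1", 134),
    (0.14, FLOOD_SOURCE, "ff02::1", 134),
    (0.16, FLOOD_SOURCE, "ff02::1", 134),
    (0.18, FLOOD_SOURCE, "ff02::1", 134),
    (0.20, "fe80::9a:1", "ff02::1:ff00:1", 135),   # neighbour solicitation
    (0.30, "fe80::9a:1", LEGIT_ROUTER, 128),       # echo request
    (0.50, LEGIT_ROUTER, "ff02::1", 134),          # genuine RA again
]


def ra_guard(packets, trusted_routers, max_ra_per_window=3, window_seconds=1.0):
    """Policy model of RA guard.  Router Advertisements (type 134) are
    forwarded only from trusted routers, and even those are rate-limited;
    all other ICMPv6 is forwarded untouched.
    Returns (forwarded, dropped), each a list of (timestamp, source, reason)."""
    forwarded, dropped = [], []
    recent = defaultdict(deque)           # per-source RA timestamps in the window
    for ts, src, dst, icmp_type in packets:
        if icmp_type != ICMPV6_ROUTER_ADVERTISEMENT:
            forwarded.append((ts, src, "not an RA"))
            continue
        if src not in trusted_routers:
            dropped.append((ts, src, "RA from untrusted source"))
            continue
        window = recent[src]
        window.append(ts)
        while ts - window[0] > window_seconds:   # slide the window forward
            window.popleft()
        if len(window) > max_ra_per_window:
            dropped.append((ts, src, "RA rate limit exceeded"))
        else:
            forwarded.append((ts, src, "RA from trusted router"))
    return forwarded, dropped


def offenders(dropped):
    """Count dropped RAs by source so the sending host can be located."""
    return Counter(src for _, src, _ in dropped)


if __name__ == "__main__":
    forwarded, dropped = ra_guard(SAMPLE_CAPTURE, {LEGIT_ROUTER})
    print(f"forwarded {len(forwarded)}, dropped {len(dropped)}")
    for src, count in offenders(dropped).items():
        print(f"{src}: {count} RAs dropped")
```

On the sample capture all five RAs from the flooding host are dropped and both RAs from the trusted router are forwarded, along with the neighbor solicitation and the echo request; a trusted router that bursts five RAs inside a second has its last two dropped by the rate limit. The offender count is what points the administrator at the sending machine.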

Questions 13

An organization designs and develops safety-critical embedded firmware (inclusive of embedded OS and services) for the automotive industry. The organization has taken great care to exercise secure software development practices for the firmware. Of paramount importance is the ability to defeat attacks aimed at replacing or corrupting running firmware once the vehicle leaves production and is in the field. Integrating which of the following host and OS controls would BEST protect against this threat?

A. Configure the host to require measured boot with attestation using platform configuration registers extended through the OS and into application space.

B. Implement out-of-band monitoring to analyze the state of running memory and persistent storage and, in a failure mode, signal a check-engine light condition for the operator.

C. Perform reverse engineering of the hardware to assess for any implanted logic or other supply chain integrity violations.

D. Ensure the firmware includes anti-malware services that will monitor and respond to any introduction of malicious logic.

E. Require software engineers to adhere to a coding standard, leverage static and dynamic analysis within the development environment, and perform exhaustive state space analysis before deployment.
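Option A rests on how a platform configuration register (PCR) works: each boot stage hashes the next stage into the PCR before handing over control, the extend operation is one-way and order-dependent, and a remote verifier compares the attested PCR (and the event log behind it) against golden values. The following Python is an added simulation written for this page to make that chain visible; it is not TPM code or anything from the question. The four stages, their image bytes and the implanted bootloader are constructed stand-ins, and the extend formula mirrors the TPM's SHA-256 bank (new = SHA256(old || SHA256(image))).

```python
import hashlib

# Hypothetical firmware stages in boot order.  The image bytes are constructed
# stand-ins for the real boot ROM, bootloader, OS and application binaries.
GOLDEN_STAGES = [
    ("bootrom", b"bootrom v1.0"),
    ("bootloader", b"bootloader v2.3"),
    ("os", b"embedded rtos 5.1"),
    ("app", b"engine-control application 7.4"),
]

PCR_INITIAL = bytes(32)  # a SHA-256 PCR bank starts at all zeros at power-on


def extend(pcr, image):
    """TPM-style extend: PCR_new = SHA256(PCR_old || SHA256(image)).
    Extend is one-way and order-dependent, so nothing can set a PCR to a
    chosen value or hide an earlier measurement by measuring something later."""
    return hashlib.sha256(pcr + hashlib.sha256(image).digest()).digest()


def measured_boot(stages):
    """Each stage measures the next into the PCR before handing over control.
    Returns the event log: (stage name, PCR value after that stage)."""
    pcr = PCR_INITIAL
    log = []
    for name, image in stages:
        pcr = extend(pcr, image)
        log.append((name, pcr.hex()))
    return log


def attest(reported_log, golden_log):
    """Verifier side: compare the reported log with the golden one.  Returns
    None if the boot chain matches, otherwise the first stage that diverged
    (every later PCR value differs too, because extend chains them)."""
    if len(reported_log) != len(golden_log):
        return "stage count mismatch"
    for (name, pcr), (_, expected) in zip(reported_log, golden_log):
        if pcr != expected:
            return name
    return None


def final_pcr(log):
    """The value a TPM quote would sign; the verifier checks this first and
    only consults the event log to explain a mismatch."""
    return log[-1][1]


GOLDEN_LOG = measured_boot(GOLDEN_STAGES)


def boot_with_tampered_stage(index, image):
    """Simulate an attacker replacing one stage's image in the field."""
    stages = list(GOLDEN_STAGES)
    stages[index] = (stages[index][0], image)
    return measured_boot(stages)


if __name__ == "__main__":
    tampered = boot_with_tampered_stage(1, b"bootloader v2.3 + implant")
    print("golden final PCR  :", final_pcr(GOLDEN_LOG))
    print("tampered final PCR:", final_pcr(tampered))
    print("first divergent stage:", attest(tampered, GOLDEN_LOG))
```

Replacing the bootloader changes its PCR value and every value after it, so the signed final PCR no longer matches and the event log pinpoints the bootloader as the first divergence; the boot ROM measurement before it is unchanged. Reordering two good images also changes the final value, which is why a PCR cannot be forged by measuring the right things in the wrong order. In a real platform the quote is signed by the TPM's attestation key, so a compromised OS cannot simply report the golden value.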

Exam Code: CAS-003
Exam Name: CompTIA Advanced Security Practitioner (CASP+)
Last Update: Jan 22, 2024
Questions: 791