Achieve Success in the CompTIA CASP+ Exam with CAS-003 Practice Tests

Question #1
A newly hired systems administrator is trying to connect a new and fully updated, but very customized, Android device to access corporate resources. However, the MDM enrollment process continually fails. The administrator asks a security team member to look into the issue. Which of the following is the MOST likely reason the MDM is not allowing enrollment?
A. The OS version is not compatible
B. The OEM is prohibited
C. The device does not support FDE
D. The device is rooted
Correct Answer: D
Question #2
The Chief Information Security Officer (CISO) suspects that a database administrator has been tampering with financial data to the administrator’s advantage. Which of the following would allow a third-party consultant to conduct an on-site review of the administrator’s activity?
A. Separation of duties
B. Job rotation
C. Continuous monitoring
D. Mandatory vacation
Correct Answer: D
Question #3
A vendor develops a mobile application for global customers. The mobile application supports advanced encryption of data between the source (the mobile device) and the destination (the organization’s ERP system). As part of the vendor’s compliance program, which of the following would be important to take into account?
A. Configure file integrity monitoring of the guest OS
B. Enable the vTPM on a Type 2 hypervisor
C. Only deploy servers that are based on a hardened image
D. Protect the memory allocation of a Type 1 hypervisor
Correct Answer: A
Question #4
A medical facility wants to purchase mobile devices for doctors and nurses. To ensure accountability, each individual will be assigned a separate mobile device. Additionally, to protect patients’ health information, management has identified the following requirements:
- Data must be encrypted at rest.
- The device must be disabled if it leaves the facility.
- The device must be disabled when tampered with.
Which of the following technologies would BEST support these requirements? (Choose two.)
A. Replace the password requirement with the second factor
B. Configure the RADIUS server to accept the second factor appended to the password
C. Reconfigure network devices to prompt for username, password, and a token
D. Install a TOTP service on the RADIUS server in addition to the HOTP service
Correct Answer: CD
Question #5
Following a recent and very large corporate merger, the number of log files an SOC needs to review has approximately tripled. The Chief Information Security Officer (CISO) has not been allowed to hire any more staff for the SOC, but is looking for other ways to automate the log review process so the SOC receives less noise. Which of the following would BEST reduce log noise for the SOC?
A. SIEM filtering
B. Machine learning
C. Outsourcing
D. Centralized IPS
Correct Answer: A
Question #6
At a meeting, the systems administrator states the security controls a company wishes to implement seem excessive, since all of the information on the company’s web servers can be obtained publicly and is not proprietary in any way. The next day the company’s website is defaced as part of an SQL injection attack, and the company receives press inquiries about the message the attackers displayed on the website. Which of the following is the FIRST action the company should take?
A. Refer to and follow procedures from the company’s incident response plan
B. Call a press conference to explain that the company has been hacked
C. Establish chain of custody for all systems to which the systems administrator has access
D. Conduct a detailed forensic analysis of the compromised system
E. Inform the communications and marketing department of the attack details
Correct Answer: A
Question #7
Within the past six months, a company has experienced a series of attacks directed at various collaboration tools. Additionally, sensitive information was compromised during a recent security breach of a remote access session from an unsecure site. As a result, the company is requiring all collaboration tools to comply with the following:
- Secure messaging between internal users using digital signatures
- Secure sites for video-conferencing sessions
- Presence information for all office employees
- Restriction of
A. Perform a black box assessment
B. Hire an external red team audit
C. Conduct a tabletop exercise
D. Recreate the previous breach
E. Conduct an external vulnerability assessment
Correct Answer: AD
Question #8
A Chief Information Security Officer (CISO) needs to establish a KRI for a particular system. The system holds archives of contracts that are no longer in use. The contracts contain intellectual property and have a data classification of non-public. Which of the following would be the BEST risk indicator for this system?
A. Average minutes of downtime per quarter
B. Percent of patches applied in the past 30 days
C. Count of login failures per week
D. Number of accounts accessing the system per day
Correct Answer: D
Question #9
A security technician receives a copy of a report that was originally sent to the board of directors by the Chief Information Security Officer (CISO). The report outlines the following KPI/KRI data for the last 12 months: Which of the following BEST describes what could be interpreted from the above data?
A.
B.
C.
D.
Correct Answer: A
Question #10
An administrator wants to install a patch to an application.
INSTRUCTIONS: Given the scenario, download, verify, and install the patch in the most secure manner. The last install that is completed will be the final submission. If at any time you would like to bring back the initial state of the simulation, please click the Reset All button.
A. Please refer to Explanation below for the answer
Correct Answer: A
Question #11
A company is transitioning to a new VDI environment, and a system engineer is responsible for developing a sustainable security strategy for the VDIs. Which of the following is the MOST appropriate order of steps to be taken?
A. Firmware update, OS patching, HIDS, antivirus, baseline, monitoring agent
B. OS patching, baseline, HIDS, antivirus, monitoring agent, firmware update
C. Firmware update, OS patching, HIDS, antivirus, monitoring agent, baseline
D. Baseline, antivirus, OS patching, monitoring agent, HIDS, firmware update
Correct Answer: A
Question #12
A hospital uses a legacy electronic medical record system that requires multicast for traffic between the application servers and databases on virtual hosts that support segments of the application. Following a switch upgrade, the electronic medical record is unavailable despite physical connectivity between the hypervisor and the storage being in place. The network team must enable multicast traffic to restore access to the electronic medical record. The ISM states that the network team must reduce the foo
A. VLAN201, VLAN202, VLAN400
B. VLAN201, VLAN202, VLAN700
C. VLAN201, VLAN202, VLAN400, VLAN680, VLAN700
D. VLAN400, VLAN680, VLAN700
Correct Answer: B
Question #13
Users have been reporting unusual automated phone calls, including names and phone numbers, that appear to come from devices internal to the company. Which of the following should the systems administrator do to BEST address this problem?
A. Add an ACL to the firewall to block VoIP
B. Change the settings on the phone system to use SIP-TLS
C. Have the phones download new configurations over TFTP
D. Enable QoS configuration on the phone VLAN
Correct Answer: B
Question #14
A company wants to perform analysis of a tool that is suspected to contain a malicious payload. A forensic analyst is given the following snippet:
^32^[34fda19(fd^43gfd/home/user/lib/module.so.343jk^rfw(342fds43g
Which of the following did the analyst use to determine the location of the malicious payload?
A. Code deduplicators
B. Binary reverse-engineering
C. Fuzz testing
D. Security containers
Correct Answer: B
Question #15
After embracing a BYOD policy, a company is faced with new security challenges from unmanaged mobile devices and laptops. The company’s IT department has seen a large number of the following incidents:
- Duplicate IP addresses
- Rogue network devices
- Infected systems probing the company’s network
Which of the following should be implemented to remediate the above issues? (Choose two.)
A. Documentation of lessons learned
B. Quantitative risk assessment
C. Qualitative assessment of risk
D. Business impact scoring
E. Threat modeling
Correct Answer: BC
Question #16
A project manager is working with a team that is tasked to develop software applications in a structured environment and host them in a vendor’s cloud-based infrastructure. The organization will maintain responsibility for the software but will not manage the underlying server applications. Which of the following does the organization plan to leverage?
A. Code repositories
B. Security requirements traceability matrix
C. Software development lifecycle
D. Roles matrix
E. Implementation guide
Correct Answer: B
Question #17
A financial institution’s information security officer is working with the risk management officer to determine what to do with the institution’s residual risk after all security controls have been implemented. Considering the institution’s very low risk tolerance, which of the following strategies would be BEST?
A. Improving the organization’s email filtering
B. Conducting user awareness training
C. Upgrading endpoint anti-malware software
D. Enabling application whitelisting
Correct Answer: A
Question #18
A developer emails the following output to a security administrator for review: Which of the following tools might the security administrator use to perform further security assessment of this issue?
A. Port scanner
B. Vulnerability scanner
C. Fuzzer
D. HTTP interceptor
Correct Answer: D
Question #19
A security administrator must configure the database server shown below to comply with the four requirements listed. Drag and drop the appropriate ACL that should be configured on the database server to its corresponding requirement. Answer options may be used once or not at all. Select and Place:
A. Please refer to Explanation below for the answer
Correct Answer: A
Question #20
A forensic analyst suspects that a buffer overflow exists in a kernel module. The analyst executes the following command: However, the analyst is unable to find any evidence of the running shell. Which of the following is the MOST likely reason the analyst cannot find a process ID for the shell?
A. The NX bit is enabled
B. The system uses ASLR
C. The shell is obfuscated
D. The code uses dynamic libraries
Correct Answer: C
Question #21
An organization is considering the use of a thin client architecture as it moves to a cloud-hosted environment. A security analyst is asked to provide thoughts on the security advantages of using thin clients and virtual workstations. Which of the following are security advantages of the use of this combination of thin clients and virtual workstations?
A. Malicious insiders will not have the opportunity to tamper with data at rest and affect the integrity of the system
B. Thin client workstations require much less security because they lack storage and peripherals that can be easily compromised, and the virtual workstations are protected in the cloud where security is outsourced
C. All thin clients use TPM for core protection, and virtual workstations use vTPM for core protection with both equally ensuring a greater security advantage for a cloud-hosted environment
D. Malicious users will have reduced opportunities for data extractions from their physical thin client workstations, thus reducing the effectiveness of local attacks
Correct Answer: B
Question #22
A recent CRM upgrade at a branch office was completed after the desired deadline. Several technical issues were found during the upgrade and need to be discussed in depth before the next branch office is upgraded. Which of the following should be used to identify weak processes and other vulnerabilities?
A. Gap analysis
B. Benchmarks and baseline results
C. Risk assessment
D. Lessons learned report
Correct Answer: D
Question #23
A hospital’s security team recently determined its network was breached and patient data was accessed by an external entity. The Chief Information Security Officer (CISO) of the hospital approaches the executive management team with this information, reports the vulnerability that led to the breach has already been remediated, and explains the team is continuing to follow the appropriate incident response plan. The executive team is concerned about the hospital’s brand reputation and asks the CISO when the
A. When it is mandated by their legal and regulatory requirements
B. As soon as possible in the interest of the patients
C. As soon as the public relations department is ready to be interviewed
D. When all steps related to the incident response plan are completed
E. Upon the approval of the Chief Executive Officer (CEO) to release information to the public
Correct Answer: A
Question #24
A security analyst is classifying data based on input from data owners and other stakeholders. The analyst has identified three data types:
1. Financially sensitive data
2. Project data
3. Sensitive project data
The analyst proposes that the data be protected in two major groups, with further access control separating the financially sensitive data from the sensitive project data. The normal project data will be stored in a separate, less secure location. Some stakeholders are concerned about the recommended ap
A. Conduct a quantitative evaluation of the risks associated with commingling the data and reject or accept the concerns raised by the stakeholders
B. Meet with the affected stakeholders and determine which security controls would be sufficient to address the newly raised risks
C. Use qualitative methods to determine aggregate risk scores for each project and use the derived scores to more finely segregate the data
D. Increase the number of available data storage devices to provide enough capacity for physical separation of non-sensitive project data
Correct Answer: B
Question #25
The director of sales asked the development team for some small changes to increase the usability of an application used by the sales team. Prior security reviews of the code showed no significant vulnerabilities, and since the changes were small, they were given a peer review and then pushed to the live environment. Subsequent vulnerability scans now show numerous flaws that were not present in the previous versions of the code. Which of the following is an SDLC best practice that should have been followed?
A. Versioning
B. Regression testing
C. Continuous integration
D. Integration testing
Correct Answer: B
Question #26
A company has hired an external security consultant to conduct a thorough review of all aspects of corporate security. The company is particularly concerned about unauthorized access to its physical offices resulting in network compromises. Which of the following should the consultant recommend be performed to evaluate potential risks?
A. The consultant should attempt to gain access to physical offices through social engineering and then attempt data exfiltration
B. The consultant should be granted access to all physical access control systems to review logs and evaluate the likelihood of the threat
C. The company should conduct internal audits of access logs and employee social media feeds to identify potential insider threats
D. The company should install a temporary CCTV system to detect unauthorized access to physical offices
Correct Answer: A
Question #27
Drag and drop the cloud deployment model to the associated use-case scenario. Options may be used only once or not at all. Select and Place:
A. Please refer to Explanation below for the answer
Correct Answer: A
Question #28
An SQL database is no longer accessible online due to a recent security breach. An investigation reveals that unauthorized access to the database was possible due to an SQL injection vulnerability. To prevent this type of breach in the future, which of the following security controls should be put in place before bringing the database back online? (Choose two.)
A. Allow 172
B. Allow 172
C. Allow 172
D. Allow 172
Correct Answer: CF
Question #29
A project manager is working with a software development group to collect and evaluate user stories related to the organization’s internally designed CRM tool. After defining requirements, the project manager would like to validate the developer’s interpretation and understanding of the user’s request. Which of the following would BEST support this objective?
A. Peer review
B. Design review
C. Scrum
D. User acceptance testing
E. Unit testing
Correct Answer: B
Question #30
An organization, which handles large volumes of PII, allows mobile devices that can process, store, and transmit PII and other sensitive data to be issued to employees. Security assessors can demonstrate recovery and decryption of remnant sensitive data from device storage after MDM issues a successful wipe command. Assuming availability of the controls, which of the following would BEST protect against the loss of sensitive data in the future?
A. Implement a container that wraps PII data and stores keying material directly in the container’s encrypted application space
B. Use encryption keys for sensitive data stored in an eFuse-backed memory space that is blown during remote wipe
C. Issue devices that employ a stronger algorithm for the authentication of sensitive data stored on them
D. Procure devices that remove the bootloader binaries upon receipt of an MDM-issued remote wipe command
Correct Answer: A
Question #31
Company leadership believes employees are experiencing an increased number of cyber attacks; however, the metrics do not show this. Currently, the company uses “Number of successful phishing attacks” as a KRI, but it does not show an increase. Which of the following additional information should the Chief Information Security Officer (CISO) include in the report?
A. The ratio of phishing emails to non-phishing emails
B. The number of phishing attacks per employee
C. The number of unsuccessful phishing attacks
D. The percent of successful phishing attacks
Correct Answer: C
Question #32
A security architect is determining the best solution for a new project. The project is developing a new intranet with advanced authentication capabilities, SSO for users, and automated provisioning to streamline Day 1 access to systems. The security architect has identified the following requirements:
1. Information should be sourced from the trusted master data source.
2. There must be future requirements for identity proofing of devices and users.
3. A generic identity connector that can be reused must be d
A. LDAP, multifactor authentication, OAuth, XACML
B. AD, certificate-based authentication, Kerberos, SPML
C. SAML, context-aware authentication, OAuth, WAYF
D. NAC, RADIUS, 802
Correct Answer: B
Question #33
A user asks a security practitioner for recommendations on securing a home network. The user recently purchased a connected home assistant and multiple IoT devices in an effort to automate the home. Some of the IoT devices are wearables, and others are installed in the user’s automobiles. The current home network is configured as a single flat network behind an ISP-supplied router. The router has a single IP address, and the router performs NAT on incoming traffic to route it to individual devices. Which of t
A. Add a second-layer VPN from a different vendor between sites
B. Upgrade the cipher suite to use an authenticated AES mode of operation
C. Use a stronger elliptic curve cryptography algorithm
D. Implement an IDS with sensors inside (clear-text) and outside (cipher-text) of each tunnel between sites
E. Ensure cryptography modules are kept up to date from the vendor supplying them
Correct Answer: C
Question #34
A new cluster of virtual servers has been set up in a lab environment and must be audited before being allowed on the production network. The security manager needs to ensure unnecessary services are disabled and all system accounts are using strong credentials.Which of the following tools should be used? (Choose two.)
A. Schedule weekly reviews of all unit test results with the entire development team and follow up between meetings with surprise code inspections
B. Develop and implement a set of automated security tests to be installed on each development team leader’s workstation
C. Enforce code quality and reuse standards into the requirements definition phase of the waterfall development process
D. Deploy an integrated software tool that builds and tests each portion of code committed by developers and provides feedback
Correct Answer: BF
Question #35
Due to a recent breach, the Chief Executive Officer (CEO) has requested the following activities be conducted during incident response planning:
- Involve business owners and stakeholders
- Create an applicable scenario
- Conduct a biannual verbal review of the incident response plan
- Report on the lessons learned and gaps identified
Which of the following exercises has the CEO requested?
A. Parallel operations
B. Full transition
C. Internal review
D. Tabletop
E. Partial simulation
Correct Answer: D
Question #36
A security analyst has requested network engineers integrate sFlow into the SOC’s overall monitoring picture. For this to be a useful addition to the monitoring capabilities, which of the following must be considered by the engineering team?
A. Effective deployment of network taps
B. Overall bandwidth available at Internet PoP
C. Optimal placement of log aggregators
D. Availability of application layer visualizers
Correct Answer: D
Question #37
A forensics analyst suspects that a breach has occurred. Security logs show the company’s OS patch system may be compromised, and it is serving patches that contain a zero-day exploit and backdoor. The analyst extracts an executable file from a packet capture of communication between a client computer and the patch server. Which of the following should the analyst use to confirm this suspicion?
A. File size
B. Digital signature
C. Checksums
D. Anti-malware software
E. Sandboxing
Correct Answer: B
Question #38
A security architect is implementing security measures in response to an external audit that found vulnerabilities in the corporate collaboration tool suite. The report identified the lack of any mechanism to provide confidentiality for electronic correspondence between users and between users and group mailboxes. Which of the following controls would BEST mitigate the identified vulnerability?
A. The consolidation of two different IT enterprises increases the likelihood of the data loss because there are now two backup systems
B. Integrating two different IT systems might result in a successful data breach if threat intelligence is not shared between the two enterprises
C. Merging two enterprise networks could result in an expanded attack surface and could cause outages if trust and permission issues are not handled carefully
D. Expanding the set of data owners requires an in-depth review of all data classification decisions, impacting availability during the review
Correct Answer: A
Question #39
Click on the exhibit buttons to view the four messages. A security architect is working with a project team to deliver an important service that stores and processes customer banking details. The project, internally known as ProjectX, is due to launch its first set of features publicly within a week, but the team has not been able to implement encryption-at-rest of the customer records. The security architect is drafting an escalation email to senior leadership. Which of the following BEST conveys the busines
A. Message 1
B. Message 2
C. Message 3
D. Message 4
Correct Answer: A
Question #40
A regional business is expecting a severe winter storm next week. The IT staff has been reviewing corporate policies on how to handle various situations and found some are missing or incomplete. After reporting this gap in documentation to the information security manager, a document is immediately drafted to move various personnel to other locations to avoid downtime in operations. This is an example of:
A. The engineer captured the data with a protocol analyzer, and then utilized Python to edit the data
B. The engineer queried the server and edited the data using an HTTP proxy interceptor
C. The engineer used a cross-site script sent via curl to edit the data
D. The engineer captured the HTTP headers, and then replaced the JSON data with a banner-grabbing tool
Correct Answer: C
Question #41
A security analyst is reviewing the following packet capture of communication between a host and a company’s router: Which of the following actions should the security analyst take to remove this vulnerability?
A. Update the router code
B. Implement a router ACL
C. Disconnect the host from the network
D. Install the latest antivirus definitions
E. Deploy a network-based IPS
Correct Answer: B
Question #42
Two new technical SMB security settings have been enforced and have also become policies that increase secure communications.
Network Client: Digitally sign communication
Network Server: Digitally sign communication
A storage administrator in a remote location with a legacy storage array, which contains time-sensitive data, reports employees can no longer connect to their department shares. Which of the following mitigation strategies should an information security manager recommend to the data owner?
A. Accept the risk, reverse the settings for the remote location, and have the remote location file a risk exception until the legacy storage device can be upgraded
B. Accept the risk for the remote location, and reverse the settings indefinitely since the legacy storage device will not be upgraded
C. Mitigate the risk for the remote location by suggesting a move to a cloud service provider
D. Avoid the risk, leave the settings alone, and decommission the legacy storage device
Correct Answer: A
Question #43
A consulting firm was hired to conduct an assessment for a company. During the first stage, a penetration tester used a tool that provided the following output:
TCP 80 open
TCP 443 open
TCP 1434 filtered
The penetration tester then used a different tool to make the following requests:
GET / script/login.php?token=45$MHT000MND876
GET / script/login.php?token=@#984DCSPQ%091DF
Which of the following tools did the penetration tester use?
A. Protocol analyzer
B. Port scanner
C. Fuzzer
D. Brute forcer
E. Log analyzer
Correct Answer: C
Question #44
A laptop is recovered a few days after it was stolen. Which of the following should be verified during incident response activities to determine the possible impact of the incident?
A. Full disk encryption status
B. TPM PCR values
C. File system integrity
D. Presence of UEFI vulnerabilities
Correct Answer: D
Question #45
A security consultant is improving the physical security of a sensitive site and takes pictures of the unbranded building to include in the report. Two weeks later, the security consultant misplaces the phone, which only has one hour of charge left on it. The person who finds the phone removes the MicroSD card in an attempt to discover the owner to return it. The person extracts the following data from the phone and EXIF data from some files:
DCIM Images folder
Audio books folder
Torrentz
My TAX.xls
Consultancy
A. MicroSD is not encrypted and also contains personal data
B. MicroSD contains a mixture of personal and work data
C. MicroSD is not encrypted and contains geotagging information
D. MicroSD contains pirated software and is not encrypted
Correct Answer: C
Question #46
During the deployment of a new system, the implementation team determines that APIs used to integrate the new system with a legacy system are not functioning properly. Further investigation shows there is a misconfigured encryption algorithm used to secure data transfers between systems. Which of the following should the project manager use to determine the source of the defined algorithm in use?
A. Port security
B. Rogue device detection
C. Bluetooth
D. GPS
Correct Answer: E
Question #47
Given the following code snippet: Of which of the following is this snippet an example?
A. Data execution prevention
B. Buffer overflow
C. Failure to use standard libraries
D. Improper field usage
E. Input validation
Correct Answer: E
Question #48
A Chief Information Security Officer (CISO) recently changed jobs into a new industry. The CISO’s first task is to write a new, relevant risk assessment for the organization. Which of the following would BEST help the CISO find relevant risks to the organization? (Choose two.)
A. Install network taps at the edge of the network
B. Send syslog from the IDS into the SIEM
C. Install HIDS on each computer
D. SPAN traffic from the network core into the IDS
Correct Answer: CE
Question #49
A software development manager is running a project using agile development methods. The company cybersecurity engineer has noticed a high number of vulnerabilities have been making it into production code on the project. Which of the following methods could be used in addition to an integrated development environment to reduce the severity of the issue?
A. Conduct a penetration test on each function as it is developed
B. Develop a set of basic checks for common coding errors
C. Adopt a waterfall method of software development
D. Implement unit tests that incorporate static code analyzers
Correct Answer: D
Question #50
A Chief Information Security Officer (CISO) of a large financial institution undergoing an IT transformation program wants to embed security across the business rapidly and across as many layers of the business as possible to achieve quick wins and reduce risk to the organization. Which of the following business areas should the CISO target FIRST to best meet the objective?
A. Programmers and developers should be targeted to ensure secure coding practices, including automated code reviews with remediation processes, are implemented immediately
B. Human resources should be targeted to ensure all new employees undertake security awareness and compliance training to reduce the impact of phishing and ransomware attacks
C. The project management office should be targeted to ensure security is managed and included at all levels of the project management cycle for new and in-flight projects
D. Risk assurance teams should be targeted to help identify key business unit security risks that can be aggregated across the organization to produce a risk posture dashboard for executive management
Correct Answer: D
Question #51
An organization is preparing to develop a business continuity plan. The organization is required to meet regulatory requirements relating to confidentiality and availability, which are well-defined. Management has expressed concern following initial meetings that the organization is not fully aware of the requirements associated with the regulations. Which of the following would be MOST appropriate for the project manager to solicit additional resources for during this phase of the project?
A. After-action reports
B. Gap assessment
C. Security requirements traceability matrix
D. Business impact assessment
E. Risk analysis
Correct Answer: B
Question #52
During the decommissioning phase of a hardware project, a security administrator is tasked with ensuring no sensitive data is released inadvertently. All paper records are scheduled to be shredded in a crosscut shredder, and the waste will be burned. The system drives and removable media have been removed prior to e-cycling the hardware. Which of the following would ensure no data is recovered from the system drives once they are disposed of?
A. Overwriting all HDD blocks with an alternating series of data
B. Physically disabling the HDDs by removing the drive head
C. Demagnetizing the hard drive using a degausser
D. Deleting the UEFI boot loaders from each HD
Correct Answer: C
Question #53
An architect was recently hired by a power utility to increase the security posture of the company’s power generation and distribution sites. Upon review, the architect identifies legacy hardware with highly vulnerable and unsupported software driving critical operations. These systems must exchange data with each other, be highly synchronized, and pull from the Internet time sources. Which of the following architectural decisions would BEST reduce the likelihood of a successful attack without harming opera
A. Use a protocol analyzer against the site to see if data input can be replayed from the browser
B. Scan the website through an interception proxy and identify areas for the code injection
C. Scan the site with a port scanner to identify vulnerable services running on the web server
D. Use network enumeration tools to identify if the server is running behind a load balancer
Correct Answer: BE
Question #54
A developer is reviewing the following transaction logs from a web application:
Username: John Doe
Street name: Main St.
Street number: