CAS-003 Dumps

CAS-003 Real Exam Dumps Questions and answers 51-60

Question No.51

A company's existing forward proxies support software-based TLS decryption, but are currently at 60% load just dealing with AV scanning and content analysis for HTTP traffic. More than 70% of outbound web traffic is currently encrypted. The switching and routing network infrastructure precludes adding capacity, preventing the installation of a dedicated TLS decryption system. The network firewall infrastructure is currently at 30% load and has software decryption modules that can be activated by purchasing additional license keys. An existing project is rolling out agent updates to end-user desktops as part of an endpoint security refresh. Which of the following is the BEST way to address these issues and mitigate risks to the organization?

  1. Purchase the SSL decryption license for the firewalls and route traffic back to the proxies for end-user categorization and malware analysis.

  2. Roll out application whitelisting to end-user desktops and decommission the existing proxies, freeing up network ports.

  3. Use an EDP solution to address the malware issue and accept the diminishing role of the proxy for URL categorization in the short term.

  4. Accept the current risk and seek possible funding approval in the next budget cycle to replace the existing proxies with ones with more capacity.

Correct Answer: B

Question No.52

An internal staff member logs into an ERP platform and clicks on a record. The browser URL changes to:



Which of the following is the MOST likely vulnerability in this ERP platform?

  1. Brute forcing of account credentials

  2. Plain-text credentials transmitted over the Internet

  3. Insecure direct object reference

  4. SQL injection of ERP back end

Correct Answer: C

Question No.53

A company is developing requirements for a customized OS build that will be used in an embedded environment. The company procured hardware that is capable of reducing the likelihood of successful buffer overruns while executables are processing. Which of the following capabilities must be included for the OS to take advantage of this critical hardware-based countermeasure?

  1. Application whitelisting

  2. NX/XN bit

  3. ASLR

  4. TrustZone

  5. SCP

Correct Answer: B

Question No.54

An internal penetration tester was assessing a recruiting page for potential issues before it was pushed to the production website. The penetration tester discovers an issue that must be corrected before the page goes live. The web host administrator collects the log files below and gives them to the development team so improvements can be made to the security design of the website.


Which of the following types of attack vector did the penetration tester use?

  1. SQLi

  2. CSRF

  3. Brute force

  4. XSS

  5. TOC/TOU

Correct Answer: B

Question No.55


A security consultant is considering authentication options for a financial institution. The following authentication options are available security mechanism to the appropriate use case. Options may be used once.


Correct Answer:


Question No.56

A managed service provider is designing a log aggregation service for customers who no longer want to manage an internal SIEM infrastructure. The provider expects that customers will send all types of logs to them, and that log files could contain very sensitive entries. Customers have indicated they want on-premises and cloud-based infrastructure logs to be stored in this new service. An engineer, who is designing the new service, is deciding how to segment customers. Which of the following is the BEST statement for the engineer to take into consideration?

  1. Single-tenancy is often more expensive and has less efficient resource utilization. Multi-tenancy may increase the risk of cross-customer exposure in the event of service vulnerabilities.

  2. The managed service provider should outsource security of the platform to an existing cloud company. This will allow the new log service to be launched faster and with well-tested security controls.

  3. Due to the likelihood of large log volumes, the service provider should use a multi-tenancy model for the data storage tier, enable data deduplication for storage cost efficiencies, and encrypt data at rest.

  4. The most secure design approach would be to give customers on-premises appliances, install agents on endpoints, and then remotely manage the service via a VPN.

Correct Answer: A

Question No.57

A web developer has implemented HTML5 optimizations into a legacy web application. One of the modifications the web developer made was the following client-side optimization:

localStorage.setItem("session-cookie", document.cookie);

Which of the following should the security engineer recommend?

  1. SessionStorage should be used so authorized cookies expire after the session ends

  2. Cookies should be marked as "secure" and "HttpOnly"

  3. Cookies should be scoped to a relevant domain/path

  4. Client-side cookies should be replaced by server-side mechanisms

Correct Answer: C

Question No.58

A security engineer has implemented an internal user access review tool so service teams can baseline user accounts and group memberships. The tool is functional and popular among its initial set of onboarded teams. However, the tool has not been built to cater to a broader set of internal teams yet. The engineer has sought feedback from internal stakeholders, and a list of summarized requirements is as follows:


The tool needs to be responsive so service teams can query it, and then perform an automated response action.


The tool needs to be resilient to outages so service teams can perform the user access review at any point in time and meet their own SLAs.


The tool will become the system-of-record for approval, reapproval, and removal life cycles of group memberships and must allow for data retrieval after failure.

Which of the following need specific attention to meet the requirements listed above? (Choose three.)

  1. Scalability

  2. Latency

  3. Availability

  4. Usability

  5. Recoverability

  6. Maintainability

Correct Answer: BCE

Question No.59

A forensic analyst suspects that a buffer overflow exists in a kernel module. The analyst executes the following command:

dd if=/dev/ram of=/tmp/mem/dmp

The analyst then reviews the associated output:


However, the analyst is unable to find any evidence of the running shell. Which of the following is the MOST likely reason the analyst cannot find a process ID for the shell?

  1. The NX bit is enabled

  2. The system uses ASLR

  3. The shell is obfuscated

  4. The code uses dynamic libraries

Correct Answer: B

Question No.60

Which of the following is an external pressure that causes companies to hire security assessors and penetration testers?

  1. Lack of adequate in-house testing skills.

  2. Requirements for geographically based assessments

  3. Cost reduction measures

  4. Regulatory insistence on independent reviews.

Correct Answer: D
