CAS-005 Practice Questions

Company A acquired Company

B.  

A security analyst is reviewing the following code in the public repository for potential risk concerns:

typescript

CopyEdit

include bouncycastle-1.4.jar;

include jquery-2.0.2.jar;

public static void main() {...}

public static void territory() { ... }

public static void state() { ... }

public static String code = "init";

public static String access_token = "spat-hfeiw-sogur-werdb-werib";

Which of the following should the security analyst recommend first to remediate the vulnerability?

An organization is developing an in-house software platform to support capital planning and reporting functions. In addition to role-based access controls and auditing/logging capabilities, the product manager must include requirements associated with archiving data and immutable backups. Which of the following organizational considerations are most likely associated with this requirement? (Select two)

A company implemented a NIDS and a NIPS on the most critical environments. Since this implementation, the company has been experiencing network connectivity issues. Which of the following should the security architect recommend for a new NIDS/NIPS implementation?

A security engineer needs to review the configurations of several devices on the network to meet the following requirements:

• The PostgreSQL server must only allow connectivity in the 10.1.2.0/24

subnet.

• The SSH daemon on the database server must be configured to listen

to port 4022.

• The SSH daemon must only accept connections from a Single

workstation.

• All host-based firewalls must be disabled on all workstations.

• All devices must have the latest updates from within the past eight

days.

•All HDDs must be configured to secure data at rest.

• Cleartext services are not allowed.

• All devices must be hardened when possible.

Instructions:

Click on the various workstations and network devices to review the posture assessment results. Remediate any possible issues or indicate that no issue is found.

Click on Server A to review output data. Select commands in the appropriate tab to remediate connectivity problems to the pOSTGREsql DATABASE VIA ssh

WAP A

PC A

Laptop A

Switch A

Switch B:

Laptop B

PC B

PC C

Server A

An analyst reviews a SIEM and generates the following report:

OnlyHOST002is authorized for internet traffic. Which of the following statements is accurate?

Emails that the marketing department is sending to customers are going to the customers' spam folders. The security team is investigating the issue and discovers that the certificates used by the email server were reissued, but DNS records had not been updated. Which of the following should the security team update in order to fix this issue? (Select three).

Users are willing passwords on paper because of the number of passwords needed in an environment. Which of the following solutions is the best way to manage this situation and decrease risks?

A security manager at a local hospital wants to secure patient medical records. The manager needs to:

• Choose an access control model that clearly defines who has access to sensitive information.

• Prevent those who enter new patient information from specifying who has access to this data.

Which of the following access control models is the best way to ensure the lowest risk of granting unintentional access?

An organization must provide access to its internal system data. The organization requires that this access complies with the following:

Access must be automated.

Data confidentiality must be preserved.

Access must be authenticated.

Data must be preprocessed before it is retrieved.

Which of the following actions should the organization take to meet these requirements?