Tag - CAS-003 exam

After embracing a BYOD policy, a company is faced with new security challenges from unmanaged mobile devices and laptops. The company’s IT department has seen a large number of the following incidents: - Duplicate IP addresses - Rogue network devices - Infected systems probing the company’s network Which of the...

SIMULATION Compliance with company policy requires a quarterly review of firewall rules. You are asked to conduct a review on the internal firewall sitting between several internal networks. The intent of this firewall is to make traffic more secure. Given the following information perform the tasks listed below: Untrusted zone:...

One of the objectives of a bank is to instill a security awareness culture. Which of the following are techniques that could help to achieve this? (Choose two.)A . Blue teamingB . Phishing simulationsC . Lunch-and-learnD . Random auditsE . Continuous monitoringF . Separation of dutiesView AnswerAnswer: BE

During a security assessment, an organization is advised of inadequate control over network segmentation. The assessor explains that the organization’s reliance on VLANs to segment traffic is insufficient to provide segmentation based on regulatory standards. Which of the following should the organization consider implementing along with VLANs to provide a...

Two competing companies experienced similar attacks on their networks from various threat actors. To improve response times, the companies wish to share some threat intelligence about the sources and methods of attack. Which of the following business documents would be BEST to document this engagement?A . Business partnership agreementB ....

A newly hired systems administrator is trying to connect a new and fully updated, but very customized, Android device to access corporate resources. However, the MDM enrollment process continually fails. The administrator asks a security team member to look into the issue. Which of the following is the MOST likely...

An organization is preparing to develop a business continuity plan. The organization is required to meet regulatory requirements relating to confidentiality and availability, which are well-defined. Management has expressed concern following initial meetings that the organization is not fully aware of the requirements associated with the regulations. Which of the...

A security analyst is reviewing the corporate MDM settings and notices some disabled settings, which consequently permit users to download programs from untrusted developers and manually install them. After some conversations, it is confirmed that these settings were disabled to support the internal development of mobile applications. The security analyst...

Given the following output from a local PC: Which of the following ACLs on a stateful host-based firewall would allow the PC to serve an intranet website?A . Allow 172.30.0.28:80 -> ANYB . Allow 172.30.0.28:80 -> 172.30.0.0/16C . Allow 172.30.0.28:80 -> 172.30.0.28:443D . Allow 172.30.0.28:80 -> 172.30.0.28:53View AnswerAnswer: B

The board of a financial services company has requested that the senior security analyst acts as a cybersecurity advisor in order to comply with recent federal legislation. The analyst is required to give a report on current cybersecurity and threat trends in the financial services industry at the next board...