Question 6 of 480

An SQL database is no longer accessible online due to a recent security breach. An investigation reveals that unauthorized access to the database was possible due to an SQL injection vulnerability. To prevent this type of breach in the future, which of the following security controls should be put in place before bringing the database back online? (Choose two.)

Suggested Answer

The suggested answer is C, D.

To prevent SQL injection vulnerabilities, input validation and a web application firewall (WAF) should be put in place. Input validation ensures that any data sent to the server is checked for potentially malicious content, effectively mitigating the risk of SQL injection. A WAF can filter and monitor HTTP traffic to and from a web application, providing an additional layer of security by blocking malicious requests attempting to exploit SQL injection vulnerabilities.
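The input-validation control above, shown as an added example (not part of the original question or its explanation): a lookup built by string concatenation next to its hardened form, which validates the username against an allow-list and then uses a parameterised query. The table, rows and the username policy are constructed for the example; the WAF layer is a network-side control and is not modelled here.

```python
import re
import sqlite3


def make_db() -> sqlite3.Connection:
    # Constructed in-memory sample database for the example (two users).
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT, email TEXT)")
    conn.executemany(
        "INSERT INTO users VALUES (?, ?)",
        [("alice", "alice@example.test"), ("bob", "bob@example.test")],
    )
    return conn


def lookup_vulnerable(conn: sqlite3.Connection, username: str) -> list:
    # The user-supplied text is pasted into the SQL, so it can change the query.
    sql = ("SELECT username FROM users WHERE username = '" + username
           + "' ORDER BY username")
    return [row[0] for row in conn.execute(sql)]


def lookup_parameterised(conn: sqlite3.Connection, username: str) -> list:
    # The driver sends the value separately from the SQL text; it is never parsed as SQL.
    sql = "SELECT username FROM users WHERE username = ? ORDER BY username"
    return [row[0] for row in conn.execute(sql, (username,))]


# Assumed username policy for this example: lowercase letters, digits, underscore, 1-32 chars.
USERNAME_RE = re.compile(r"[a-z0-9_]{1,32}")


def validate_username(username: str) -> bool:
    # Positive (allow-list) input validation: reject anything outside the policy.
    return USERNAME_RE.fullmatch(username) is not None


def lookup_hardened(conn: sqlite3.Connection, username: str) -> list:
    # Both layers: validate the input first, then use the parameterised query.
    if not validate_username(username):
        raise ValueError("username rejected by input validation")
    return lookup_parameterised(conn, username)


if __name__ == "__main__":
    db = make_db()
    tampered = "' OR '1'='1"          # classic textbook injection string, used here only as test input
    print(lookup_vulnerable(db, tampered))     # returns every row: ['alice', 'bob']
    print(lookup_parameterised(db, tampered))  # treated as a literal username: []
    print(lookup_hardened(db, "alice"))        # ['alice']
```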

Community Votes

No votes yet

Question 7 of 480

A company has entered into a business agreement with a business partner for managed human resources services. The Chief Information Security Officer (CISO) has been asked to provide documentation that is required to set up a business-to-business VPN between the two organizations. Which of the following is required in this scenario?

Suggested Answer

The suggested answer is A.

An ISA (Interconnection Security Agreement) is a document that outlines the technical and security requirements for establishing, operating, and maintaining a secure connection between networks or systems belonging to different organizations. In the context of setting up a business-to-business VPN, this agreement would detail the security measures, protocols, and rules that both parties must adhere to, ensuring the integrity, confidentiality, and availability of the data being transmitted over the VPN.

Community Votes: 3 votes

A (Suggested): 100%

Question 8 of 480

Given the following output from a local PC:
[Image: Exam CAS-003: Question 8 - Image 1]
Which of the following ACLs on a stateful host-based firewall would allow the PC to serve an intranet website?

Suggested Answer

The suggested answer is B.

To serve an intranet website, the PC must accept inbound connections on TCP port 80, the standard port for HTTP. The ACL should permit intranet users to reach the web server hosted on the PC. Because the intranet may span multiple subnets within the 172.30.0.0/16 network, allowing traffic from any address in that range to port 80 on 172.30.0.28 provides the intended access. Since the host-based firewall is stateful, the PC's replies to those accepted connections are permitted automatically, so no separate outbound rule is needed. The correct rule is therefore 'Allow 172.30.0.28:80 -> 172.30.0.0/16'.

Community Votes

No votes yet

Question 9 of 480

A penetration tester has been contracted to conduct a physical assessment of a site. Which of the following is the MOST plausible method of social engineering to be conducted during this engagement?

Suggested Answer

The suggested answer is B.

Posing as a copier service technician and indicating that the equipment had 'phoned home' to request a service call is the most plausible method of social engineering in this context. A penetration tester conducting a physical assessment aims to gain physical access to a site. By posing as a service technician, the tester appears legitimate and can gain entry into the facility. This method exploits the human element of trust and perceived authority, making it an effective form of social engineering for physical security testing. The other options either do not focus on gaining physical access or involve highly risky and illegal activities, which are unlikely to be the preferred methods in such engagements.

Community Votes: 1 vote

B (Suggested): 100%

Question 10 of 480

A penetration tester is conducting an assessment on Comptia.org and runs the following command from a coffee shop while connected to the public Internet:
[Image: Exam CAS-003: Question 10 - Image 1]
Which of the following should the penetration tester conclude about the command output?

Suggested Answer

The suggested answer is A.

The command output shows a private IP address (192.168.102.67) in the answer to a DNS query made from the public Internet, which indicates a misconfiguration in the DNS settings for Comptia.org. Private IP addresses should not be exposed through public DNS records: they are not routable on the public Internet and are intended for use only within private networks. Therefore, the public/private views on the Comptia.org DNS servers are misconfigured.

Community Votes: 1 vote

A (Suggested): 100%