CAS-003 무료 덤프문제 온라인 액세스

A security engineer is performing a routine audit of a company's decommissioned devices. The current process involves a third-party firm removing the hard drive from a company device, wiping it using a seven-pass software placing it back into the device and tagging the device for reuse or disposal. The audit reveals sensitive information is present m the hard drive duster tips. Which of the following should the third-party firm implement NEXT to ensure all data is permanently removed''

• A.Degauss the drives using a commercial tool,
• B.Disable the logic board using high-voltage input.
• C.Wipe the drives using a 21 -pass overwrite,.
• D.Scramble the file allocation table.

The code snippet below controls all electronic door locks to a secure facility in which the doors should only fail open in an emergency. In the code, "criticalValue" indicates if an emergency is underway:

Which of the following is the BEST course of action for a security analyst to recommend to the software developer?

• A.Rewrite the software's exception handling routine to fail in a secure state
• B.Rewrite the software to implement fine-grained, conditions-based testing
• C.Apply for a life-safety-based risk exception allowing secure doors to fail open
• D.Add additional exception handling logic to the main program to prevent doors from being opened

A security architect is implementing security measures in response to an external audit that found vulnerabilities in the corporate collaboration tool suite. The report identified the lack of any mechanism to provide confidentiality for electronic correspondence between users and between users and group mailboxes. Which of the following controls would BEST mitigate the identified vulnerability?

• A.Issue digital certificates to all users, including owners of group mailboxes, and enable S/MIME
• B.Provide digital certificates to all systems, and eliminate the user group or shared mailboxes
• C.Federate with an existing PKI provider, and reject all non-signed emails
• D.Implement two-factor email authentication, and require users to hash all email messages upon receipt

A managed service provider is designing a log aggregation service for customers who no longer want to manage an internal SIEM infrastructure. The provider expects that customers will send all types of logs to them, and that log files could contain very sensitive entries. Customers have indicated they want on-premises and cloud-based infrastructure logs to be stored in this new service. An engineer, who is designing the new service, is deciding how to segment customers.
Which of the following is the BEST statement for the engineer to take into consideration?

• A.Single-tenancy is often more expensive and has less efficient resource utilization. Multi-tenancy may increase the risk of cross-customer exposure in the event of service vulnerabilities.
• B.The managed service provider should outsource security of the platform to an existing cloud company. This will allow the new log service to be launched faster and with well-tested security controls.
• C.Due to the likelihood of large log volumes, the service provider should use a multi-tenancy model for the data storage tier, enable data deduplication for storage cost efficiencies, and encrypt data at rest.
• D.The most secure design approach would be to give customers on-premises appliances, install agents on endpoints, and then remotely manage the service via a VPN.

An electric car company hires an IT consulting company to improve the cybersecurity of us vehicles. Which of the following should achieve the BEST long-term result for the company?

• A.Designing Developing add-on security components for fielded vehicles
• B.Performing a cyber-risk assessment on production vehicles
• C.Reviewing proposed designs and prototypes for cybersecurity vulnerabilities
• D.Reviewing and influencing requirements for an early development vehicle