CAS-003 문제 96
A security administrator wants to calculate the ROI of a security design which includes the purchase of new equipment. The equipment costs $50,000 and it will take 50 hours to install and configure the equipment. The administrator plans to hire a contractor at a rate of $100/hour to do the installation. Given that the new design and equipment will allow the company to increase revenue and make an additional $100,000 on the first year, which of the following is the ROI expressed as a percentage for the first year?
CAS-003 문제 97
A company recently developed a new mobile application that will be used to access a sensitive system. The application and the system have the following requirements:
* The application contains sensitive encryption material and should not be accessible over the network
* The system should not be exposed to the Internet
* Communication must be encrypted and authenticated by both the server and the client Which of the following can be used to install the application on the mobile device? (Select TWO).
* The application contains sensitive encryption material and should not be accessible over the network
* The system should not be exposed to the Internet
* Communication must be encrypted and authenticated by both the server and the client Which of the following can be used to install the application on the mobile device? (Select TWO).
CAS-003 문제 98
A security administrator receives reports that several workstations are unable to access resources within one network segment. A packet capture shows the segment is flooded with ICMPv6 traffic from the source fe80::21ae;4571:42ab:1fdd and for the destination ff02::1. Which of the following should the security administrator integrate into the network to help prevent this from occurring?
CAS-003 문제 99
Two major aircraft manufacturers are in the process of merging their assets and forming a single enterprise network. One of the manufacturers maintains its ICS systems on the same network segment as its enterprise IT assets, whereas the other manufacturer has physically isolated its factory-floor ICS systems from the rest of its enterprise. Which of the following BEST describes an architectural weakness associated with merging the two companies' assets in their current state?
CAS-003 문제 100
A government contractor was the victim of a malicious attack that resulted in the theft of sensitive information. An analyst's subsequent investigation of sensitive systems led to the following discoveries:
- There was no indication of the data owner's or user's accounts being
compromised.
- No database activity outside of previous baselines was discovered.
- All workstations and servers were fully patched for all known
vulnerabilities at the time of the attack.
- It was likely not an insider threat, as all employees passed
polygraph tests.
Given this scenario, which of the following is the MOST likely attack that occurred?
- There was no indication of the data owner's or user's accounts being
compromised.
- No database activity outside of previous baselines was discovered.
- All workstations and servers were fully patched for all known
vulnerabilities at the time of the attack.
- It was likely not an insider threat, as all employees passed
polygraph tests.
Given this scenario, which of the following is the MOST likely attack that occurred?