CAS-003 Question 16
Customers are receiving emails containing a link to malicious software. These emails are subverting spam filters. The email reads as follows:
Delivered-To: [email protected]
Received: by 10.14.120.205
Mon, 1 Nov 2010 11:15:24 -0700 (PDT)
Received: by 10.231.31.193
Mon, 01 Nov 2010 11:15:23 -0700 (PDT)
Return-Path: <[email protected]>
Received: from 127.0.0.1 for <[email protected]>; Mon, 1 Nov 2010 13:15:14 -0500 (envelope-from <[email protected]>)
Received: by smtpex.example.com (SMTP READY)
with ESMTP (AIO); Mon, 01 Nov 2010 13:15:14 -0500
Received: from 172.18.45.122 by 192.168.2.55; Mon, 1 Nov 2010 13:15:14 -0500
From: Company <[email protected]>
To: "[email protected]" <[email protected]>
Date: Mon, 1 Nov 2010 13:15:11 -0500
Subject: New Insurance Application
Thread-Topic: New Insurance Application
Please download and install software from the site below to maintain full access to your account.
www.examplesite.com
________________________________
Additional information: The authorized mail servers' IPs are 192.168.2.10 and 192.168.2.11.
The network's subnet is 192.168.2.0/25.
Which of the following are the MOST appropriate courses of action a security administrator could take to eliminate this risk? (Select TWO).
CAS-003 Question 17
An organization is currently performing a market scan for managed security services and EDR capability. Which of the following business documents should be released to the prospective vendors in the first step of the process? (Select TWO).
CAS-003 Question 18
The SOC has noticed an unusual volume of traffic coming from an open WiFi guest network that appears correlated with a broader network slowdown. The network team is unavailable to capture traffic, but logs from network services are available:
* No users have authenticated recently through the guest network's captive portal
* DDoS mitigation systems are not alerting
* DNS resolver logs show some very long domain names
Which of the following is the BEST step for a security analyst to take next?
CAS-003 Question 19
The finance department has started to use a new payment system that requires strict PII security restrictions on various network devices. The company decides to enforce the restrictions and configure all devices appropriately.
Which of the following risk response strategies is being used?
CAS-003 Question 20
A security engineer has received feedback from other security professionals about the effectiveness of hiding a wireless SSID as a security measure. Opinions vary as to whether this practice is effective or hinders WiFi performance. The security engineer decides to get information from a definitive source. Which of the following should the security engineer do to BEST make an informed decision?