CAS-003 Full Version: 307 Q&As Full version of CAS-003 Dumps Share CAS-003 exam dumps below. 1.A penetration testing manager is contributing to an RFP for the purchase of a new platform. The manager has provided the following requirements:- Must be able to MITM web-based protocols- Must be able to find common misconfigurations and security holesWhich of the following types of testing should be included in the testing platform? (Choose two.)A. Reverse engineering toolB. HTTP intercepting proxyC. Vulnerability scannerD. File integrity monitorE. Password crackerF. FuzzerAnswer:BC2.An incident responder wants to capture volatile memory
comprehensively from a running machine for forensic purposes. The machine is running a very recent release of the Linux OS.Which of the following technical approaches would be the MOST feasible way to accomplish this capture?3.A request has been approved for a vendor to access a new internal server using only HTTPS and SSH to manage the back-end system for the portal. Internal users just need HTTP and HTTPS access to all internal web servers. All other external access to the new server and its subnet is not allowed. The security manager must ensure proper access is configured.Below is a snippet from the firewall related to that server (access is provided in a top-down model):Which of the following lines should be configured to allow the proper access? (Choose two.)4.A firewall specialist has been newly assigned to participate in red
team exercises and needs to ensure the skills represent real-world threats.Which of the following would be the BEST choice to help the new team member learn bleeding-edge techniques?5.An organization is implementing a virtualized thin-client solution for normal user computing and access. During a review of the architecture, concerns were raised that an attacker could gain access to multiple user environments by simply gaining a foothold on a single one with malware.Which of the following reasons BEST explains this?A. Malware on one virtual environment could enable pivoting to others by leveraging vulnerabilities in the hypervisor.
You've reached the end of your free preview.
Want to read all 10 pages?
- Winter '18
- Computer Security, consultant, Security engineering, security administrator, CAS-003 Exam, CAS-003