
CompTIA CAS-003 Questions Answers

Page: 17 / 25
Question 68

A software development team is conducting functional and user acceptance testing of internally developed web applications using a COTS solution. For automated testing, the solution uses valid user credentials from the enterprise directory to authenticate to each application. The solution stores the username in plain text and the corresponding password as an encoded string in a script within a file, located on a globally accessible network share. The account credentials used belong to the development team lead.

To reduce the risks associated with this scenario while minimizing disruption to ongoing testing, which of the following are the BEST actions to take? (Choose two.)

Options:

A.

Restrict access to the network share by adding a group only for developers to the share’s ACL

B.

Implement a new COTS solution that does not use hard-coded credentials and integrates with directory services

C.

Obfuscate the username within the script file with encoding to prevent easy identification of the account used

D.

Provision a new user account within the enterprise directory and enable its use for authentication to the target applications. Share the username and password with all developers for use in their individual scripts

E.

Redesign the web applications to accept single-use, local account credentials for authentication

Question 69

An attacker exploited an unpatched vulnerability in a web framework, and then used an application service account that had an insecure configuration to download a rootkit. The attacker was unable to obtain root privileges. Instead, the attacker then downloaded a crypto-currency mining program and subsequently was discovered. The server was taken offline, rebuilt, and patched. Which of the following should the security engineer suggest to help prevent a similar scenario in the future?

Options:

A.

Remove root privileges from the application service account.

B.

Implement separation of duties.

C.

Properly configure SELinux and set it to enforce.

D.

Use cron to schedule regular restarts of the service to terminate sessions.

E.

Perform regular uncredentialed vulnerability scans.

Question 70

The government is concerned with remote military missions being negatively impacted by the use of technology that may fail to protect operational security. To remediate this concern, a number of solutions have been implemented, including the following:

  • End-to-end encryption of all inbound and outbound communication, including personal email and chat sessions that allow soldiers to securely communicate with families.
  • Layer 7 inspection and TCP/UDP port restriction, including firewall rules to only allow TCP ports 80 and 443 and approved applications.
  • A host-based whitelist of approved websites and applications that only allows mission-related tools and sites.
  • The use of satellite communication, including multiple proxy servers to scramble the source IP address.

Which of the following is of MOST concern in this scenario?

Options:

A.

Malicious actors intercepting inbound and outbound communication to determine the scope of the mission

B.

Family members posting geotagged images on social media that were received via email from soldiers

C.

The effect of communication latency that may negatively impact real-time communication with mission control

D.

The use of centrally managed military network and computers by soldiers when communicating with external parties

Question 71

A company is acquiring incident response and forensic assistance from a managed security service provider in the event of a data breach. The company has selected a partner and must now provide required documents to be reviewed and evaluated.

Which of the following documents would BEST protect the company and ensure timely assistance? (Choose two.)

Options:

A.

RA

B.

BIA

C.

NDA

D.

RFI

E.

RFQ

F.

MSA

Exam Code: CAS-003
Exam Name: CompTIA Advanced Security Practitioner (CASP) Exam
Last Update: Apr 14, 2023
Questions: 683