Online Access Free CompTIA.CAS-003.v2021-10-13.q221 Practice Test (Page 15)

CAS-003 Exam Question 66

SIMULATION
Compliance with company policy requires a quarterly review of firewall rules. A new administrator is asked to conduct this review on the internal firewall sitting between several internal networks. The intent of this firewall is to make traffic more restrictive. Given the following information answer the questions below:
User Subnet: 192.168.1.0/24 Server Subnet: 192.168.2.0/24 Finance Subnet:192.168.3.0/24 Instructions: To perform the necessary tasks, please modify the DST port, Protocol, Action, and/or Rule Order columns. Firewall ACLs are read from the top down Task 1) An administrator added a rule to allow their machine terminal server access to the server subnet. This rule is not working. Identify the rule and correct this issue.
Task 2) All web servers have been changed to communicate solely over SSL. Modify the appropriate rule to allow communications.
Task 3) An administrator added a rule to block access to the SQL server from anywhere on the network. This rule is not working. Identify and correct this issue.
Task 4) Other than allowing all hosts to do network time and SSL, modify a rule to ensure that no other traffic is allowed.

A.Check the answer below

Task 1) An administrator added a rule to allow their machine terminal server access to the server subnet. This rule is not working. Identify the rule and correct this issue.
The rule shown in the image below is the rule in question. It is not working because the action is set to Deny. This needs to be set to Permit.

Task 2) All web servers have been changed to communicate solely over SSL. Modify the appropriate rule to allow communications.
The web servers rule is shown in the image below. Port 80 (HTTP) needs to be changed to port 443 for HTTPS (HTTP over SSL).
Task 3) An administrator added a rule to block access to the SQL server from anywhere on the network. This rule is not working. Identify and correct this issue.
The SQL Server rule is shown in the image below. It is not working because the protocol is wrong. It should be TCP, not UDP.
Task 4) Other than allowing all hosts to do network time and SSL, modify a rule to ensure that no other traffic is allowed.
The network time rule is shown in the image below.

However, this rule is not being used because the 'any' rule shown below allows all traffic and the rule is placed above the network time rule. To block all other traffic, the 'any' rule needs to be set to Deny, not Permit and the rule needs to be placed below all the other rules (it needs to be placed at the bottom of the list to the rule is enumerated last).

B.Check the answer below

Task 1) An administrator added a rule to allow their machine terminal server access to the server subnet. This rule is not working. Identify the rule and correct this issue.
The rule shown in the image below is the rule in question. It is not working because the action is set to Deny. This needs to be set to Permit.

Task 2) All web servers have been changed to communicate solely over SSL. Modify the appropriate rule to allow communications.
The web servers rule is shown in the image below. Port 80 (HTTP) needs to be changed to port 443 for HTTPS (HTTP over SSL).

Task 3) An administrator added a rule to block access to the SQL server from anywhere on the network. This rule is not working. Identify and correct this issue.
The SQL Server rule is shown in the image below. It is not working because the protocol is wrong. It should be TCP, not UDP.

Task 4) Other than allowing all hosts to do network time and SSL, modify a rule to ensure that no other traffic is allowed.
The network time rule is shown in the image below.

However, this rule is not being used because the 'any' rule shown below allows all traffic and the rule is placed above the network time rule. To block all other traffic, the 'any' rule needs to be set to Deny, not Permit and the rule needs to be placed below all the other rules (it needs to be placed at the bottom of the list to the rule is enumerated last).

CAS-003 Exam Question 67

The results of an external penetration test for a software development company show a small number of applications account for the largest number of findings. While analyzing the content and purpose of the applications, the following matrix is created.

The findings are then categorized according to the following chart:

Which of the following would BEST reduce the amount of immediate risk incurred by the organization from a compliance and legal standpoint? (Select TWO)

A.Move Application 3 to a secure VLAN and require employees to use a jump server for access.

B.Use network segmentation and ACLs to control access to Application 5.

C.Apply the missing OS and software patches to the server hosting Application 4

D.Install a FIM on the server hosting Application 4

E.Place a WAF in line with Application 2

F.Implement an IDS/IPS on the same network segment as Application 3

CAS-003 Exam Question 68

At 9:00 am each morning, all of the virtual desktops in a VDI implementation become extremely slow and/or unresponsive. The outage lasts for around 10 minutes, after which everything runs properly again. The administrator has traced the problem to a lab of thin clients that are all booted at 9:00 am each morning. Which of the following is the MOST likely cause of the problem and the BEST solution? (Select TWO).

A.Add guests with more memory to increase capacity of the infrastructure.

B.A backup is running on the thin clients at 9am every morning.

C.Install more memory in the thin clients to handle the increased load while booting.

D.Booting all the lab desktops at the same time is creating excessive I/O.

E.Install 10-Gb uplinks between the hosts and the lab to increase network capacity.

F.Install faster SSD drives in the storage system used in the infrastructure.

G.The lab desktops are saturating the network while booting.

H.The lab desktops are using more memory than is available to the host systems.

CAS-003 Exam Question 69

A security researcher is gathering information about a recent spoke in the number of targeted attacks against multinational banks. The spike is on top of already sustained attacks against the banks. Some of the previous attacks have resulted in the loss of sensitive data, but as of yet the attackers have not successfully stolen any funds.
Based on the information available to the researcher, which of the following is the MOST likely threat profile?

A.Nation-state-sponsored attackers conducting espionage for strategic gain.

B.Opportunists seeking notoriety and fame for personal gain.

C.Insiders seeking to gain access to funds for illicit purposes.

D.Hacktivists seeking to make a political statement because of socio-economic factors.

CAS-003 Exam Question 70

Exhibit:

A.Please see the below
Step 1: Verify that the certificate is valid or not. In case of any warning message, cancel the download.
Step 2: If certificate issue is not there then, download the file in your system.
Step 3: Match the hash value of the downloaded file with the one which you selected on the website.
Step 4: Install the file if the hash value matches.

B.Please see the below
Step 1: Verify that the certificate is valid or not. In case of any warning message, cancel the download.
Step 2: If certificate issue is not there then, download the file in your system.
Step 3: Calculate the hash value of the downloaded file.
Step 4: Match the hash value of the downloaded file with the one which you selected on the website.
Step 5: Install the file if the hash value matches.

CAS-003 Exam Question 66

CAS-003 Exam Question 67

CAS-003 Exam Question 68

CAS-003 Exam Question 69

CAS-003 Exam Question 70

Download PDF File