CAS-003 Exam Question 101
The Chief Information Security Officer (CISO) has asked the security team to determine whether the organization is susceptible to a zero-day exploit utilized in the banking industry and whether attribution is possible. The CISO has asked what process would be utilized to gather the information, and then wants to apply signatureless controls to stop these kinds of attacks in the future. Which of the following are the MOST appropriate ordered steps to take to meet the CISO's request?
CAS-003 Exam Question 102
The helpdesk manager wants to find a solution that will enable the helpdesk staff to better serve company employees who call with computer-related problems. The helpdesk staff is currently unable to perform effective troubleshooting and relies on callers to describe their technology problems. Given that the helpdesk staff is located within the company headquarters and 90% of the callers are telecommuters, which of the following tools should the helpdesk manager use to make the staff more effective at troubleshooting while at the same time reducing company costs? (Select TWO).
CAS-003 Exam Question 103
The Chief Information Officer (CIO) is focused on improving IT governance within the organization to reduce system downtime.
The CIO has mandated that the following improvements be implemented:
- All business units must now identify IT risks and include them in their business risk profiles.
- Key controls must be identified and monitored.
- Incidents and events must be recorded and reported with management oversight.
- Exemptions to the information security policy must be formally recorded, approved, and managed.
- IT strategy will be reviewed to ensure it is aligned with the business strategy and objectives.
In addition to the above, which of the following would BEST help the CIO meet the requirements?
CAS-003 Exam Question 104
An attacker attempts to create a DoS event against the VoIP system of a company. The attacker uses a tool to flood the network with a large volume of SIP INVITE traffic. Which of the following would be LEAST likely to thwart such an attack?
CAS-003 Exam Question 105
After analyzing code, two developers at a company bring these samples to the security operations manager.

Which of the following would BEST solve these coding problems?

