CompTIA CAS-003 Preparation Material
By
John William,
in CompTIA Advanced Security Practitioner Exams
Practice CompTIA CAS-003 Exam Questions
Question No: 1
An attacker exploited an unpatched vulnerability in a web framework, and then used an application service account that had an insecure configuration to download a rootkit The attacker was unable to obtain root privileges Instead the attacker then downloaded a crypto-currency mining program and subsequently was discovered The server was taken offline, rebuilt, and patched. Which of the following should the security engineer suggest to help prevent a similar scenario in the future?
A. Remove root privileges from the application service account
B. Implement separation of duties.
C. Properly configure SELinux and set it to enforce.
D. Use cron to schedule regular restarts of the service to terminate sessions.
E. Perform regular uncredentialed vulnerability scans
Answer: E
See More Questions
Information About CompTIA CAS-003 Exam
Vender: CompTIA
Exam Code: CAS-003
Exam Name: CompTIA Advanced Security Practitioner
Number Of Questions: 587
Certification Name: CompTIA Advanced Security Practitioner
Exam Language: English
Questions Type: MCQs
Material Format: PDF & Web Practice Test Software