CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. CompTIA
  5. CAS-003

Free CAS-003 Exam Braindumps

A systems administrator at a medical imaging company discovers protected health information (PHI) on a general-purpose file server. Which of the following steps should the administrator take NEXT?

  1. Isolate all of the PHI on its own VLAN and keep it segregated at Layer 2
  2. Immediately encrypt all PHI with AES-256
  3. Delete all PHI from the network until the legal department is consulted
  4. Consult the legal department to determine legal requirements

Answer(s): B



A Chief Information Security Officer (CISO) is reviewing the results of a gap analysis with an outside cybersecurity consultant. The gap analysis reviewed all procedural and technical controls and found the following:

-High-impact controls implemented: 6 out of 10
-Medium-impact controls implemented: 409 out of 472
-Low-impact controls implemented: 97 out of 1000

The report includes a cost-benefit analysis for each control gap. The analysis yielded the following information:
-Average high-impact control implementation cost: $15,000; Probable ALE for each high-impact control gap: $95,000
-Average medium-impact control implementation cost: $6,250; Probable ALE for each medium-impact control gap: $11,000

Due to the technical construction and configuration of the corporate enterprise, slightly more than 50% of the medium-impact controls will take two years to fully implement. Which of the following conclusions could the CISO draw from the analysis?

  1. Too much emphasis has been placed on eliminating low-risk vulnerabilities in the past
  2. The enterprise security team has focused exclusively on mitigating high-level risks
  3. Because of the significant ALE for each high-risk vulnerability, efforts should be focused on those controls
  4. The cybersecurity team has balanced residual risk for both high and medium controls

Answer(s): C



After investigating virus outbreaks that have cost the company $1000 per incident, the company’s Chief Information Security Officer (CISO) has been researching new antivirus software solutions to use and be fully supported for the next two years. The CISO has narrowed down the potential solutions to four candidates that meet all the company’s performance and capability requirements:


Using the table above, which of the following would be the BEST business-driven choice among the five possible solutions?

  1. Product A
  2. Product B
  3. Product C
  4. Product D
  5. Product E

Answer(s): D



A financial consulting firm recently recovered from some damaging incidents that were associated with malware installed via rootkit. Post-incident analysis is ongoing, and the incident responders and systems administrators are working to determine a strategy to reduce the risk of recurrence. The firm’s systems are running modern operating systems and feature UEFI and TPMs. Which of the following technical options would provide the MOST preventive value?

  1. Update and deploy GPOs
  2. Configure and use measured boot
  3. Strengthen the password complexity requirements
  4. Update the antivirus software and definitions

Answer(s): D






Post your Comments and Discuss CompTIA CAS-003 exam with other Community members:

Nathan commented on April 20, 2020
I appreicate that you provide the Xengine software for free. But are you planning to keep it free! I really hope so!
GERMANY
upvote