Free CAS-003 Exam Braindumps (page: 16)

Page 16 of 137

A company is developing requirements for a customized OS build that will be used in an embedded environment. The company procured hardware that is capable of reducing the likelihood of successful buffer overruns while executables are processing. Which of the following capabilities must be included for the OS to take advantage of this critical hardware-based countermeasure?

  A. Application whitelisting
  B. NX/XN bit
  C. ASLR
  D. TrustZone
  E. SCP

Answer(s): B



A software development team has spent the last 18 months developing a new web-based front-end that will allow clients to check the status of their orders as they proceed through manufacturing. The marketing team schedules a launch party to present the new application to the client base in two weeks. Before the launch, the security team discovers numerous flaws that may introduce dangerous vulnerabilities, allowing direct access to a database used by manufacturing. The development team did not plan to remediate these vulnerabilities during development. Which of the following SDLC best practices should the development team have followed?

  A. Implementing regression testing
  B. Completing user acceptance testing
  C. Verifying system design documentation
  D. Using an SRTM

Answer(s): D



An engineer maintains a corporate-owned mobility infrastructure, and the organization requires that all web browsing using corporate-owned resources be monitored. Which of the following would allow the organization to meet its requirement? (Choose two.)

  A. Exempt mobile devices from the requirement, as this will lead to privacy violations
  B. Configure the devices to use an always-on IPSec VPN
  C. Configure all management traffic to be tunneled into the enterprise via TLS
  D. Implement a VDI solution and deploy supporting client apps to devices
  E. Restrict application permissions to establish only HTTPS connections outside of the enterprise boundary

Answer(s): B,E



After multiple service interruptions caused by an older datacenter design, a company decided to migrate away from its datacenter. The company has successfully completed the migration of all datacenter servers and services to a cloud provider. The migration project includes the following phases:

- Selection of a cloud provider
- Architectural design
- Microservice segmentation
- Virtual private cloud
- Geographic service redundancy
- Service migration

The Chief Information Security Officer (CISO) is still concerned with the availability requirements of critical company applications. Which of the following should the company implement NEXT?

  A. Multicloud solution
  B. Single-tenancy private cloud
  C. Hybrid cloud solution
  D. Cloud access security broker

Answer(s): D






Post your Comments and Discuss CompTIA CAS-003 exam with other Community members:

Nathan commented on April 20, 2020
I appreciate that you provide the Xengine software for free. But are you planning to keep it free? I really hope so!
GERMANY