Free CAS-003 Exam Braindumps (page: 23)

Page 23 of 137

A network engineer is attempting to design-in resiliency characteristics for an enterprise network’s VPN services.

If the engineer wants to help ensure some resilience against zero-day vulnerabilities exploited against the VPN implementation, which of the following decisions would BEST support this objective?

  1. Implement a reverse proxy for VPN traffic that is defended and monitored by the organization’s SOC with near-real-time alerting to administrators.
  2. Subscribe to a managed service provider capable of supporting the mitigation of advanced DDoS attacks on the enterprise’s pool of VPN concentrators.
  3. Distribute the VPN concentrators across multiple systems at different physical sites to ensure some backup services are available in the event of primary site loss.
  4. Employ a second VPN layer concurrently where the other layer’s cryptographic implementation is sourced from a different vendor.

Answer(s): D



An information security officer is responsible for one secure network and one office network. Recent intelligence suggests there is an opportunity for attackers to gain access to the secure network due to similar login credentials across networks. To determine the users who should change their information, the information security officer uses a tool to scan a file with hashed values on both networks and receives the following data:


Which of the following tools was used to gather this information from the hashed values in the file?

  1. Vulnerability scanner
  2. Fuzzer
  3. MD5 generator
  4. Password cracker
  5. Protocol analyzer

Answer(s): D



A Chief Information Security Officer (CISO) is reviewing and revising system configuration and hardening guides that were developed internally and have been used for several years to secure the organization’s systems. The CISO knows improvements can be made to the guides.

Which of the following would be the BEST source of reference during the revision process?

  1. CVE database
  2. Internal security assessment reports
  3. Industry-accepted standards
  4. External vulnerability scan reports
  5. Vendor-specific implementation guides

Answer(s): A



A systems administrator recently joined an organization and has been asked to perform a security assessment of controls on the organization’s file servers, which contain client data from a number of sensitive systems. The administrator needs to compare documented access requirements to the access implemented within the file system.

Which of the following is MOST likely to be reviewed during the assessment? (Choose two.)

  1. Access control list
  2. Security requirements traceability matrix
  3. Data owner matrix
  4. Roles matrix
  5. Data design document
  6. Data access policies

Answer(s): A,F






Post your Comments and Discuss CompTIA CAS-003 exam with other Community members:

Nathan commented on April 20, 2020
I appreciate that you provide the Xengine software for free. But are you planning to keep it free! I really hope so!
GERMANY