Free CAS-003 Exam Braindumps (page: 27)

Page 27 of 137

An organization permits BYOD and wants to allow users to access corporate email, calendar, and contacts from their own devices. The data associated with the users’ accounts is sensitive, so the organization wants to comply with the following requirements:

- Active full-device encryption
- Enabled remote-device wipe
- Blocking unsigned applications
- Containerization of email, calendar, and contacts

Which of the following technical controls would BEST protect the data from attack or loss and meet the above requirements?

  A. Require frequent password changes and disable NFC.
  B. Enforce device encryption and activate MAM.
  C. Install a mobile antivirus application.
  D. Configure and monitor devices with an MDM.

Answer(s): D

Explanation: MAM (option B) can containerize the corporate apps and their data, but it only governs managed applications; it cannot enforce device-wide controls such as full-device encryption, remote wipe of the whole device, or blocking unsigned applications. An MDM enrolls the device itself and can enforce all four requirements, and its monitoring shows whether a device is still compliant before it is allowed to sync mail.



Given the following information about a company’s internal network:

User IP space: 192.168.1.0/24
Server IP space: 192.168.192.0/25

A security engineer has been told that there are rogue websites hosted outside of the proper server space, and those websites need to be identified.

Which of the following should the engineer do?

  A. Use a protocol analyzer on 192.168.1.0/24
  B. Use a port scanner on 192.168.1.0/24
  C. Use an HTTP interceptor on 192.168.1.0/24
  D. Use a port scanner on 192.168.192.0/25
  E. Use a protocol analyzer on 192.168.192.0/25
  F. Use an HTTP interceptor on 192.168.192.0/25

Answer(s): B

Explanation: The rogue sites are by definition outside the sanctioned server space, so scanning 192.168.192.0/25 would not find them. A port scan of the user space (192.168.1.0/24) for listening web ports enumerates hosts that are serving HTTP/HTTPS where no server should be. A protocol analyzer only sees traffic that happens to pass the capture point, and an HTTP interceptor only sees requests from the client it is configured on, so neither reliably identifies every listener.
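The scan the answer calls for, as an added example that is not part of the original page: it enumerates every host in the user space on common web ports and reports only listeners that fall outside the sanctioned server space. The port list, the thread count, and the constructed `FAKE_OPEN_LISTENERS` table used for the offline demo are assumptions for illustration; on a real network the same function is called with the default `probe=tcp_connect`.

```python
import ipaddress
import socket
from concurrent.futures import ThreadPoolExecutor

# Assumed list of ports where an unsanctioned web server is most likely to listen.
WEB_PORTS = (80, 443, 8000, 8080, 8443)


def tcp_connect(ip: str, port: int, timeout: float = 0.5) -> bool:
    """Real probe: a TCP connect scan. True if something accepts the connection."""
    try:
        with socket.create_connection((ip, port), timeout=timeout):
            return True
    except OSError:
        return False


def find_rogue_web_servers(scan_space, server_space, ports=WEB_PORTS,
                           probe=tcp_connect, workers=64):
    """Scan every host in scan_space on the given ports and return
    {ip: [open ports]} for listeners that are NOT inside server_space.

    Hosts inside server_space are reported nowhere: they are the sanctioned
    web servers. Everything else answering on a web port is a rogue site."""
    scan_net = ipaddress.ip_network(scan_space, strict=False)
    server_net = ipaddress.ip_network(server_space, strict=False)
    targets = [(str(host), port) for host in scan_net.hosts() for port in ports]

    # Connect scans are latency-bound, so probe many targets concurrently.
    with ThreadPoolExecutor(max_workers=workers) as pool:
        results = list(pool.map(lambda t: (t, probe(*t)), targets))

    rogue = {}
    for (ip, port), is_open in results:
        if is_open and ipaddress.ip_address(ip) not in server_net:
            rogue.setdefault(ip, []).append(port)
    return {ip: sorted(open_ports) for ip, open_ports in rogue.items()}


# Constructed data for an offline demonstration: three listeners pretending
# to exist in the user space. This stands in for real network answers.
FAKE_OPEN_LISTENERS = {
    ("192.168.1.37", 80),
    ("192.168.1.37", 443),
    ("192.168.1.200", 8080),
}


def fake_probe(ip: str, port: int, timeout: float = 0.5) -> bool:
    """Offline stand-in for tcp_connect that consults the constructed table."""
    return (ip, port) in FAKE_OPEN_LISTENERS


def demo():
    """Run the scan from the question against the constructed listeners."""
    return find_rogue_web_servers("192.168.1.0/24", "192.168.192.0/25",
                                  probe=fake_probe)


if __name__ == "__main__":
    for ip, open_ports in demo().items():
        print(f"rogue web listener {ip}: ports {open_ports}")
```

A connect scan proves only that a port accepts connections; the follow-up is to request `/` from each reported listener (plain HTTP, or over TLS for 443/8443) and record the server banner and page title so the owner can be identified. Run the scan from a host that has a route into 192.168.1.0/24 and with the scanning host excluded from any IPS that would rate-limit it.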



The Chief Information Officer (CIO) wants to increase security and accessibility among the organization’s cloud SaaS applications. The applications are configured to use passwords, and two-factor authentication is not provided natively.

Which of the following would BEST address the CIO’s concerns?

  A. Procure a password manager for the employees to use with the cloud applications.
  B. Create a VPN tunnel between the on-premises environment and the cloud providers.
  C. Deploy applications internally and migrate away from SaaS applications.
  D. Implement an IdP that supports SAML and time-based, one-time passwords.

Answer(s): D

Explanation: Federating the SaaS applications to an IdP through SAML moves authentication to a single place the organization controls, so the second factor (TOTP) is enforced at the IdP even though the applications themselves only support passwords. Users also get one sign-on for all the applications, which covers the accessibility goal. A password manager, a VPN, or repatriating the applications does not add a second factor to SaaS logins.



During a security assessment, activities were divided into two phases: internal and external exploitation. The security assessment team set a hard time limit on external activities before moving to a compromised box within the enterprise perimeter.

Which of the following methods is the assessment team most likely to employ NEXT?

  A. Pivoting from the compromised box, moving laterally through the enterprise, and trying to exfiltrate data and compromise devices.
  B. Conducting a social engineering attack attempt with the goal of accessing the compromised box physically.
  C. Exfiltrating network scans from the compromised box as a precursor to social media reconnaissance.
  D. Open-source intelligence gathering to identify the network perimeter and scope to enable further system compromises.

Answer(s): A

Explanation: Once the external phase ends and the team holds a box inside the perimeter, the internal phase begins from that foothold: pivot through it to reach internal networks, move laterally, and attempt data exfiltration and further compromise. OSINT and perimeter scoping (option D) belong to the external phase that has already been time-boxed, and options B and C do not follow from already having a compromised host.






Post your Comments and Discuss CompTIA CAS-003 exam with other Community members:

Nathan commented on April 20, 2020
I appreciate that you provide the Xengine software for free. But are you planning to keep it free? I really hope so!
GERMANY