Free CAS-003 Exam Braindumps (page: 30)

Page 30 of 137

Due to a recent breach, the Chief Executive Officer (CEO) has requested the following activities be conducted during incident response planning:

- Involve business owners and stakeholders
- Create an applicable scenario
- Conduct a biannual verbal review of the incident response plan
- Report on the lessons learned and gaps identified

Which of the following exercises has the CEO requested?

  A. Parallel operations
  B. Full transition
  C. Internal review
  D. Tabletop
  E. Partial simulation

Answer(s): D



A government organization operates and maintains several ICS environments. The categorization of one of the ICS environments led to a moderate baseline. The organization has compiled a set of applicable security controls based on this categorization.

Given that this is a unique environment, which of the following should the organization do NEXT to determine if other security controls should be considered?

  A. Check for any relevant or required overlays.
  B. Review enhancements within the current control set.
  C. Modify to a high-baseline set of controls.
  D. Perform continuous monitoring.

Answer(s): C



A security researcher is gathering information about a recent spike in the number of targeted attacks against multinational banks. The spike is on top of already sustained attacks against the banks. Some of the previous attacks have resulted in the loss of sensitive data, but as of yet the attackers have not successfully stolen any funds.

Based on the information available to the researcher, which of the following is the MOST likely threat profile?

  A. Nation-state-sponsored attackers conducting espionage for strategic gain.
  B. Insiders seeking to gain access to funds for illicit purposes.
  C. Opportunists seeking notoriety and fame for personal gain.
  D. Hacktivists seeking to make a political statement because of socio-economic factors.

Answer(s): D



A security analyst is inspecting pseudocode of the following multithreaded application:


Which of the following security concerns is evident in the above pseudocode?

  A. Time of check/time of use
  B. Resource exhaustion
  C. Improper storage of sensitive data
  D. Privilege escalation

Answer(s): A






Post your Comments and Discuss CompTIA CAS-003 exam with other Community members:

Nathan commented on April 20, 2020
I appreciate that you provide the Xengine software for free. But are you planning to keep it free! I really hope so!
GERMANY