Free CAS-003 Exam Braindumps (page: 39)

Page 39 of 137

A forensic analyst suspects that a buffer overflow exists in a kernel module. The analyst executes the following command:


However, the analyst is unable to find any evidence of the running shell.
Which of the following is the MOST likely reason the analyst cannot find a process ID for the shell?

  1. The NX bit is enabled
  2. The system uses ASLR
  3. The shell is obfuscated
  4. The code uses dynamic libraries

Answer(s): C



Ann, a terminated employee, left personal photos on a company-issued laptop and no longer has access to them. Ann emails her previous manager and asks to get her personal photos back.

Which of the following BEST describes how the manager should respond?

  1. Determine if the data still exists by inspecting to ascertain if the laptop has already been wiped and if the storage team has recent backups.
  2. Inform Ann that the laptop was for company data only and she should not have stored personal photos on a company asset.
  3. Report the email because it may have been a spoofed request coming from an attacker who is trying to exfiltrate data from the company laptop.
  4. Consult with the legal and/or human resources department and check company policies around employment and termination procedures.

Answer(s): D



During the decommissioning phase of a hardware project, a security administrator is tasked with ensuring no sensitive data is released inadvertently. All paper records are scheduled to be shredded in a crosscut shredder, and the waste will be burned. The system drives and removable media have been removed prior to e-cycling the hardware.

Which of the following would ensure no data is recovered from the system drives once they are disposed of?

  1. Overwriting all HDD blocks with an alternating series of data.
  2. Physically disabling the HDDs by removing the drive head.
  3. Demagnetizing the hard drive using a degausser.
  4. Deleting the UEFI boot loaders from each HD

Answer(s): C



A company has decided to lower costs by conducting an internal assessment on specific devices and various internal and external subnets. The assessment will be done during regular office hours, but it must not affect any production servers.

Which of the following would MOST likely be used to complete the assessment? (Choose two.)

  1. Agent-based vulnerability scan
  2. Black-box penetration testing
  3. Configuration review
  4. Social engineering
  5. Malware sandboxing
  6. Tabletop exercise

Answer(s): A,C




Nathan commented on April 20, 2020
I appreciate that you provide the Xengine software for free. But are you planning to keep it free! I really hope so!
GERMANY