Free CAS-003 Exam Braindumps (page: 48)

Page 48 of 137

An organization just merged with an organization in another legal jurisdiction and must improve its network security posture in ways that do not require additional resources to implement data isolation. One recommendation is to block communication between endpoint PCs. Which of the following would be the BEST solution?

  A. Installing HIDS
  B. Configuring a host-based firewall
  C. Configuring EDR
  D. Implementing network segmentation

Answer(s): D



After several industry competitors suffered data loss as a result of cyberattacks, the Chief Operating Officer (COO) of a company reached out to the information security manager to review the organization’s security stance. As a result of the discussion, the COO wants the organization to meet the following criteria:

- Blocking of suspicious websites
- Prevention of attacks based on threat intelligence
- Reduction in spam
- Identity-based reporting to meet regulatory compliance
- Prevention of viruses based on signature
- Protect applications from web-based threats

Which of the following would be the BEST recommendation the information security manager could make?

  A. Reconfigure existing IPS resources
  B. Implement a WAF
  C. Deploy a SIEM solution
  D. Deploy a UTM solution
  E. Implement an EDR platform

Answer(s): D



A company’s chief cybersecurity architect wants to configure mutual authentication to access an internal payroll website. The architect has asked the administration team to determine the configuration that would provide the best defense against MITM attacks. Which of the following implementation approaches would BEST support the architect’s goals?

  A. Utilize a challenge-response prompt as required input at username/password entry.
  B. Implement TLS and require the client to use its own certificate during handshake.
  C. Configure a web application proxy and institute monitoring of HTTPS transactions.
  D. Install a reverse proxy in the corporate DMZ configured to decrypt TLS sessions.

Answer(s): B



A company is not familiar with the risks associated with IPv6. The systems administrator wants to isolate IPv4 from IPv6 traffic between two different network segments. Which of the following should the company implement? (Choose two.)

  A. Use an internal firewall to block UDP port 3544.
  B. Disable network discovery protocol on all company routers.
  C. Block IP protocol 41 using Layer 3 switches.
  D. Disable the DHCPv6 service from all routers.
  E. Drop traffic for ::/0 at the edge firewall.
  F. Implement a 6in4 proxy server.

Answer(s): A,C






Post your Comments and Discuss CompTIA CAS-003 exam with other Community members:

Nathan commented on April 20, 2020
I appreciate that you provide the Xengine software for free. But are you planning to keep it free? I really hope so!
GERMANY