Free CAS-003 Exam Braindumps (page: 50)

Page 50 of 137

Which of the following describes a contract that is used to define the various levels of maintenance to be provided by an external business vendor in a secure environment?

  1. NDA
  2. MOU
  3. BIA
  4. SLA

Answer(s): D



Developers are working on a new feature to add to a social media platform. The new feature involves users uploading pictures of what they are currently doing. The data privacy officer (DPO) is concerned about various types of abuse that might occur due to this new feature. The DPO states the new feature cannot be released without addressing the physical safety concerns of the platform’s users.

Which of the following controls would BEST address the DPO’s concerns?

  1. Increasing blocking options available to the uploader
  2. Adding a one-hour delay of all uploaded photos
  3. Removing all metadata in the uploaded photo file
  4. Not displaying to the public who uploaded the photo
  5. Forcing TLS for all connections on the platform

Answer(s): C



A security technician receives a copy of a report that was originally sent to the board of directors by the Chief Information Security Officer (CISO).
The report outlines the following KPI/KRI data for the last 12 months:


Which of the following BEST describes what could be interpreted from the above data?

  1.
     1. AV coverage across the fleet improved
     2. There is no correlation between infected systems and AV coverage.
     3. There is no correlation between detected phishing attempts and infected systems
     4. A correlation between threat landscape rating and infected systems appears to exist.
     5. Effectiveness and performance of the security team appears to be degrading.
  2.
     1. AV signature coverage has remained consistently high
     2. AV coverage across the fleet improved
     3. A correlation between phishing attempts and infected systems appears to exist
     4. There is a correlation between the threat landscape rating and the security team’s performance.
     5. There is no correlation between detected phishing attempts and infected systems
  3.
     1. There is no correlation between infected systems and AV coverage
     2. AV coverage across the fleet improved
     3. A correlation between phishing attempts and infected systems appears to exist
     4. There is no correlation between the threat landscape rating and the security team’s performance.
     5. There is a correlation between detected phishing attempts and infected systems
  4.
     1. AV coverage across the fleet declined
     2. There is no correlation between infected systems and AV coverage.
     3. A correlation between phishing attempts and infected systems appears to exist
     4. There is no correlation between the threat landscape rating and the security team’s performance
     5. Effectiveness and performance of the security team appears to be degrading.

Answer(s): A



A Chief Information Security Officer (CISO) is reviewing the controls in place to support the organization’s vulnerability management program. The CISO finds patching and vulnerability scanning policies and procedures are in place. However, the CISO is concerned the organization is siloed and is not maintaining awareness of new risks to the organization. The CISO determines systems administrators need to participate in industry security events. Which of the following is the CISO looking to improve?

  1. Vendor diversification
  2. System hardening standards
  3. Bounty programs
  4. Threat awareness
  5. Vulnerability signatures

Answer(s): D






Post your Comments and Discuss CompTIA CAS-003 exam with other Community members:

Nathan commented on April 20, 2020
I appreciate that you provide the Xengine software for free. But are you planning to keep it free? I really hope so!
GERMANY