Free CAS-003 Exam Braindumps (page: 58)

Page 58 of 137

A technician is configuring security options on the mobile device manager for users who often utilize public Internet connections while travelling. After ensuring that full disk encryption is enabled, which of the following security measures should the technician take? (Choose two.)

  A. Require all mobile device backups to be encrypted
  B. Ensure all mobile devices back up using USB OTG
  C. Issue a remote wipe of corporate and personal partitions
  D. Restrict devices from making long-distance calls during business hours
  E. Implement an always-on VPN

Answer(s): A,E



A systems administrator receives an advisory email that a recently discovered exploit is being used in another country and the financial institutions have ceased operations while they find a way to respond to the attack.
Which of the following BEST describes where the administrator should look to find information on the attack to determine if a response must be prepared for the systems? (Choose two.)

  A. Bug bounty websites
  B. Hacker forums
  C. Antivirus vendor websites
  D. Trade industry association websites
  E. CVE database
  F. Company’s legal department

Answer(s): B,E



A security assessor is working with an organization to review the policies and procedures associated with managing the organization’s virtual infrastructure. During a review of the virtual environment, the assessor determines the organization is using servers to provide more than one primary function, which violates a regulatory requirement. The assessor reviews hardening guides and determines policy allows for this configuration. It would be MOST appropriate for the assessor to advise the organization to:

  A. segment dual-purpose systems on a hardened network segment with no external access
  B. assess the risks associated with accepting non-compliance with regulatory requirements
  C. update system implementation procedures to comply with regulations
  D. review regulatory requirements and implement new policies on any newly provisioned servers

Answer(s): C



While conducting a BIA for a proposed acquisition, the IT integration team found that both companies outsource CRM services to competing and incompatible third-party cloud services. The decision has been made to bring the CRM service in-house, and the IT team has chosen a future solution. With which of the following should the Chief Information Security Officer (CISO) be MOST concerned? (Choose two.)

  A. Data remnants
  B. Sovereignty
  C. Compatible services
  D. Storage encryption
  E. Data migration
  F. Chain of custody

Answer(s): A,D






Post your Comments and Discuss CompTIA CAS-003 exam with other Community members:

Nathan commented on April 20, 2020
I appreciate that you provide the Xengine software for free. But are you planning to keep it free? I really hope so!
GERMANY