CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. CompTIA
  5. CAS-003

Free CAS-003 Exam Braindumps (page: 59)

Page 59 of 137
PDF with 683 Questions

A newly hired Chief Information Security Officer (CISO) is reviewing the organization’s security budget from the previous year. The CISO notices $100,000 worth of fines were paid for not properly encrypting outbound email messages. The CISO expects next year’s costs associated with fines to double and the volume of messages to increase by 100%. The organization sent out approximately 25,000 messages per year over the last three years. Given the table below:


Which of the following would be BEST for the CISO to include in this year’s budget?

  1. A budget line for DLP Vendor A
  2. A budget line for DLP Vendor B
  3. A budget line for DLP Vendor C
  4. A budget line for DLP Vendor D
  5. A budget line for paying future fines

Answer(s): A



The Chief Information Security Officer (CISO) suspects that a database administrator has been tampering with financial data to the administrator’s advantage. Which of the following would allow a third-party consultant to conduct an on-site review of the administrator’s activity?

  1. Separation of duties
  2. Job rotation
  3. Continuous monitoring
  4. Mandatory vacation

Answer(s): D



While investigating suspicious activity on a server, a security administrator runs the following report:



In addition, the administrator notices changes to the /etc/shadow file that were not listed in the report. Which of the following BEST describe this scenario? (Choose two.)

  1. An attacker compromised the server and may have used a collision hash in the MD5 algorithm to hide the changes to the /etc/shadow file
  2. An attacker compromised the server and may have also compromised the file integrity database to hide the changes to the /etc/shadow file
  3. An attacker compromised the server and may have installed a rootkit to always generate valid MD5 hashes to hide the changes to the /etc/shadow file
  4. An attacker compromised the server and may have used MD5 collision hashes to generate valid passwords, allowing further access to administrator accounts on the server
  5. An attacker compromised the server and may have used SELinux mandatory access controls to hide the changes to the /etc/shadow file

Answer(s): A,B



Following the successful response to a data-leakage incident, the incident team lead facilitates an exercise that focuses on continuous improvement of the organization’s incident response capabilities. Which of the following activities has the incident team lead executed?

  1. Lessons learned review
  2. Root cause analysis
  3. Incident audit
  4. Corrective action exercise

Answer(s): A



Page 59 of 137



Post your Comments and Discuss CompTIA CAS-003 exam with other Community members:

Nathan commented on April 20, 2020
I appreicate that you provide the Xengine software for free. But are you planning to keep it free! I really hope so!
GERMANY
upvote