CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. CompTIA
  5. CAS-003

Free CAS-003 Exam Braindumps (page: 64)

Page 64 of 137
PDF with 683 Questions

Joe, a penetration tester, is assessing the security of an application binary provided to him by his client. Which of the following methods would be the MOST effective in reaching this objective?

  1. Employ a fuzzing utility
  2. Use a static code analyzer
  3. Run the binary in an application sandbox
  4. Manually review the binary in a text editor

Answer(s): B



A security administrator is advocating for enforcement of a new policy that would require employers with privileged access accounts to undergo periodic inspections and review of certain job performance data. To which of the following policies is the security administrator MOST likely referring?

  1. Background investigation
  2. Mandatory vacation
  3. Least privilege
  4. Separation of duties

Answer(s): B



An organization is reviewing endpoint security solutions. In evaluating products, the organization has the following requirements:

1. Support server, laptop, and desktop infrastructure
2. Due to limited security resources, implement active protection capabilities
3. Provide users with the ability to self-service classify information and apply policies
4. Protect data-at-rest and data-in-use

Which of the following endpoint capabilities would BEST meet the above requirements? (Choose two.)

  1. Data loss prevention
  2. Application whitelisting
  3. Endpoint detect and respond
  4. Rights management
  5. Log monitoring
  6. Antivirus

Answer(s): C,D



A company is migrating systems from an on-premises facility to a third-party managed datacenter. For continuity of operations and business agility, remote access to all hardware platforms must be available at all times. Access controls need to be very robust and provide an audit trail. Which of the following security controls will meet the company’s objectives? (Choose two.)

  1. Integrated platform management interfaces are configured to allow access only via SSH
  2. Access to hardware platforms is restricted to the systems administrator’s IP address
  3. Access is captured in event logs that include source address, time stamp, and outcome
  4. The IP addresses of server management interfaces are located within the company’s extranet
  5. Access is limited to interactive logins on the VDi
  6. Application logs are hashed cryptographically and sent to the SIEM

Answer(s): A,C



Page 64 of 137



Post your Comments and Discuss CompTIA CAS-003 exam with other Community members:

Nathan commented on April 20, 2020
I appreicate that you provide the Xengine software for free. But are you planning to keep it free! I really hope so!
GERMANY
upvote