Free CAS-003 Exam Braindumps (page: 73)

Page 73 of 137

An incident responder wants to capture volatile memory comprehensively from a running machine for forensic purposes. The machine is running a very recent release of the Linux OS.

Which of the following technical approaches would be the MOST feasible way to accomplish this capture?

  1. Run the memdump utility with the -k flag.
  2. Use a loadable kernel module capture utility, such as LiME.
  3. Run dd on /dev/mem.
  4. Employ a stand-alone utility, such as FTK Imager.

Answer(s): D



A request has been approved for a vendor to access a new internal server using only HTTPS and SSH to manage the back-end system for the portal. Internal users just need HTTP and HTTPS access to all internal web servers. All other external access to the new server and its subnet is not allowed. The security manager must ensure proper access is configured.


Below is a snippet from the firewall related to that server (access is provided in a top-down model):


Which of the following lines should be configured to allow the proper access? (Choose two.)

  1. Move line 3 below line 4 and change port 80 to 443 on line 4.
  2. Move line 3 below line 4 and add port 443 to line.
  3. Move line 4 below line 5 and add port 80 to 8080 on line 2.
  4. Add port 22 to line 2.
  5. Add port 22 to line 5.
  6. Add port 443 to line 2.
  7. Add port 443 to line 5.

Answer(s): A,F



A firewall specialist has been newly assigned to participate in red team exercises and needs to ensure the skills represent real-world threats.

Which of the following would be the BEST choice to help the new team member learn bleeding-edge techniques?

  1. Attend hacking conventions.
  2. Research methods while using Tor.
  3. Interview current red team members.
  4. Attend web-based training.

Answer(s): A



An organization is implementing a virtualized thin-client solution for normal user computing and access. During a review of the architecture, concerns were raised that an attacker could gain access to multiple user environments by simply gaining a foothold on a single one with malware. Which of the following reasons BEST explains this?

  1. Malware on one virtual environment could enable pivoting to others by leveraging vulnerabilities in the hypervisor.
  2. A worm on one virtual environment could spread to others by taking advantage of guest OS networking services vulnerabilities.
  3. One virtual environment may have one or more application-layer vulnerabilities, which could allow an attacker to escape that environment.
  4. Malware on one virtual user environment could be copied to all others by the attached network storage controller.

Answer(s): C






Post your Comments and Discuss CompTIA CAS-003 exam with other Community members:

Nathan commented on April 20, 2020
I appreciate that you provide the Xengine software for free. But are you planning to keep it free? I really hope so!
GERMANY