Free CAS-003 Exam Braindumps (page: 78)

Page 78 of 137

A security administrator is updating corporate policies to respond to an incident involving collusion between two systems administrators that went undetected for more than six months.

Which of the following policies would have MOST likely uncovered the collusion sooner? (Choose two.)

  A. Mandatory vacation
  B. Separation of duties
  C. Continuous monitoring
  D. Incident response
  E. Time-of-day restrictions
  F. Job rotation

Answer(s): B,F



A core router was manipulated by a credentialed bypass to send all network traffic through a secondary router under the control of an unauthorized user connected to the network by WiFi.

Which of the following would BEST reduce the risk of this attack type occurring?

  A. Implement a strong, complex password policy for user accounts that have access to the core router.
  B. Deploy 802.1X as the NAC system for the WiFi infrastructure.
  C. Add additional port security settings for the switching environment connected to the core router.
  D. Allow access to the core router management interface only through an out-of-band channel.

Answer(s): D



An infrastructure team is at the end of a procurement process and has selected a vendor. As part of the final negotiation, there are a number of outstanding issues, including:

1. Indemnity clauses have identified the maximum liability.
2. The data will be hosted and managed outside of the company’s geographical location.

The number of users accessing the system will be small, and no sensitive data will be hosted in the solution. Which of the following should the project’s security consultant recommend as the NEXT step?

  A. Develop a security exemption, as it does not meet the security policies.
  B. Require the solution owner to accept the identified risks and consequences.
  C. Mitigate the risk by asking the vendor to accept the in-country privacy principles.
  D. Review the procurement process to determine the lessons learned.

Answer(s): B



A security analyst works for a defense contractor that produces classified research on drones. The contractor faces nearly constant attacks from sophisticated nation-state actors and other APTs.

Which of the following would help protect the confidentiality of the research data?

  A. Use diverse components in layers throughout the architecture
  B. Implement non-heterogeneous components at the network perimeter
  C. Purge all data remnants from client devices' volatile memory at regularly scheduled intervals
  D. Use only in-house developed applications that adhere to strict SDLC security requirements

Answer(s): A






Post your Comments and Discuss CompTIA CAS-003 exam with other Community members:

Nathan commented on April 20, 2020
I appreciate that you provide the Xengine software for free. But are you planning to keep it free? I really hope so!
GERMANY