Free CAS-003 Exam Braindumps (page: 8)

Page 8 of 137

After embracing a BYOD policy, a company is faced with new security challenges from unmanaged mobile devices and laptops. The company’s IT department has seen a large number of the following incidents:

-Duplicate IP addresses
-Rogue network devices
-Infected systems probing the company’s network

Which of the following should be implemented to remediate the above issues? (Choose two.)

  A. Port security
  B. Route protection
  C. NAC
  D. HIPS
  E. NIDS

Answer(s): A,C

Port security limits which and how many MAC addresses an access port will learn, which stops rogue hubs, switches and unmanaged hosts from plugging in; NAC admits only enrolled devices that pass a posture check, which keeps infected or non-compliant BYOD devices off the network and, with its inventory, exposes duplicate or spoofed addresses. Route protection, HIPS and NIDS do not address unmanaged devices joining the network.
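As an added example (not part of the exam page), the following script runs the checks that port security and NAC automate over a few constructed switch observations: an IP claimed by two MACs, MACs that the NAC inventory has never enrolled, and one access port with several MACs behind it. The observation list, the registered-MAC allowlist and the per-port limit are all assumed values; the third incident type, infected systems probing the network, is handled by NAC's posture check rather than by anything shown here.

```python
"""Added example (not from the exam page): duplicate-IP, rogue-MAC and
port-security checks over constructed switch observations."""
from collections import defaultdict

# Constructed observations: (switch port, source MAC, IP) as an access switch
# would learn them from ARP/DHCP traffic. Port Gi1/0/4 has several MACs behind
# it, which is how a rogue hub or unmanaged switch looks from the access layer.
OBSERVATIONS = [
    ("Gi1/0/1", "00:11:22:33:44:01", "10.0.1.10"),
    ("Gi1/0/2", "00:11:22:33:44:02", "10.0.1.11"),
    ("Gi1/0/3", "00:11:22:33:44:03", "10.0.1.10"),  # same IP as Gi1/0/1
    ("Gi1/0/4", "DE:AD:BE:EF:00:01", "10.0.1.12"),  # not in the NAC inventory
    ("Gi1/0/4", "de:ad:be:ef:00:02", "10.0.1.13"),
    ("Gi1/0/4", "de:ad:be:ef:00:03", "10.0.1.14"),
]

# Constructed NAC inventory: MACs of devices that enrolled and passed posture.
REGISTERED_MACS = {"00:11:22:33:44:01", "00:11:22:33:44:02", "00:11:22:33:44:03"}

# Assumed port-security policy: MACs one access port may learn before a violation.
MAX_MACS_PER_PORT = 1


def normalize_mac(mac):
    """Canonical lowercase colon form so DE:AD:... and de-ad-... compare equal."""
    return mac.strip().lower().replace("-", ":")


def find_duplicate_ips(observations):
    """Map each IP claimed by more than one MAC to the sorted list of claimants."""
    claimants = defaultdict(set)
    for _port, mac, ip in observations:
        claimants[ip].add(normalize_mac(mac))
    return {ip: sorted(macs) for ip, macs in claimants.items() if len(macs) > 1}


def find_rogue_macs(observations, registered):
    """MACs seen on the wire that NAC has no enrollment record for."""
    known = {normalize_mac(m) for m in registered}
    return sorted({normalize_mac(mac) for _p, mac, _ip in observations} - known)


def port_security_violations(observations, limit):
    """Ports that learned more MACs than port security allows."""
    per_port = defaultdict(set)
    for port, mac, _ip in observations:
        per_port[port].add(normalize_mac(mac))
    return {port: sorted(macs) for port, macs in per_port.items() if len(macs) > limit}


def assess(observations, registered, limit):
    """Summary a port-security/NAC policy would act on (err-disable the port,
    move the device to a quarantine VLAN)."""
    return {
        "duplicate_ips": find_duplicate_ips(observations),
        "rogue_macs": find_rogue_macs(observations, registered),
        "port_violations": port_security_violations(observations, limit),
    }


if __name__ == "__main__":
    for key, value in assess(OBSERVATIONS, REGISTERED_MACS, MAX_MACS_PER_PORT).items():
        print(f"{key}: {value}")
```

Note that MAC normalization is what makes the allowlist check reliable: the same adapter can be reported in upper or lower case, or with dashes, depending on the source that logged it.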



Following a security assessment, the Chief Information Security Officer (CISO) is reviewing the results of the assessment and evaluating potential risk treatment strategies. As part of the CISO’s evaluation, a judgment of potential impact based on the identified risk is performed. To prioritize response actions, the CISO uses past experience to take into account the exposure factor as well as the external accessibility of the weakness identified. Which of the following is the CISO performing?

  A. Documentation of lessons learned
  B. Quantitative risk assessment
  C. Qualitative assessment of risk
  D. Business impact scoring
  E. Threat modeling

Answer(s): C

The CISO is forming a judgment of impact and ranking risks from past experience, not computing loss figures from measured asset values and occurrence rates, so this is a qualitative assessment. A quantitative assessment would express the same exposure factor as a number in a single loss expectancy (SLE = AV x EF) and an annualized loss expectancy (ALE = SLE x ARO).
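To make the distinction the question turns on concrete, here is an added example (not from the exam page) that scores one constructed risk register both ways: quantitatively as AV x EF x ARO, and qualitatively as ordinal likelihood x impact, with an experience-based bump to likelihood for externally reachable weaknesses. The asset values, factors, ordinal scale and the one-level adjustment are all assumptions for illustration; the point is that the two methods can rank the same risks differently.

```python
"""Added example (not from the exam page): quantitative vs qualitative risk
scoring on a constructed register."""
from dataclasses import dataclass

# Assumed three-level ordinal scale for qualitative likelihood and impact.
LEVELS = {"low": 1, "medium": 2, "high": 3}


@dataclass
class Risk:
    name: str
    asset_value: float        # AV, in currency units
    exposure_factor: float    # EF, fraction of AV lost in one occurrence
    aro: float                # annualized rate of occurrence
    likelihood: str           # analyst judgment: low / medium / high
    impact: str               # analyst judgment: low / medium / high
    externally_reachable: bool


# Constructed register (all figures invented for the example).
REGISTER = [
    Risk("Unpatched internet-facing web app", 500_000, 0.4, 0.5, "medium", "high", True),
    Risk("Unencrypted laptop lost in transit", 20_000, 1.0, 2.0, "high", "medium", False),
    Risk("Data-centre fire", 2_000_000, 0.8, 0.05, "low", "high", False),
]


def single_loss_expectancy(risk):
    """SLE = AV x EF: loss from one occurrence."""
    return risk.asset_value * risk.exposure_factor


def annualized_loss_expectancy(risk):
    """ALE = SLE x ARO: expected loss per year, the quantitative ranking key."""
    return single_loss_expectancy(risk) * risk.aro


def qualitative_score(risk):
    """Ordinal likelihood x impact. External reachability raises likelihood one
    level, the kind of experience-based adjustment the question describes
    (assumed rule, capped at the top of the scale)."""
    likelihood = LEVELS[risk.likelihood]
    if risk.externally_reachable:
        likelihood = min(likelihood + 1, max(LEVELS.values()))
    return likelihood * LEVELS[risk.impact]


def prioritize_quantitative(register):
    """Risk names ordered by ALE, highest first."""
    return [r.name for r in sorted(register, key=annualized_loss_expectancy, reverse=True)]


def prioritize_qualitative(register):
    """Risk names ordered by ordinal score, highest first."""
    return [r.name for r in sorted(register, key=qualitative_score, reverse=True)]


if __name__ == "__main__":
    for r in REGISTER:
        print(f"{r.name}: SLE={single_loss_expectancy(r):,.0f} "
              f"ALE={annualized_loss_expectancy(r):,.0f} score={qualitative_score(r)}")
    print("quantitative order:", prioritize_quantitative(REGISTER))
    print("qualitative order: ", prioritize_qualitative(REGISTER))
```

On this register the quantitative method puts the rare but costly fire ahead of the lost laptop because its ALE is larger, while the qualitative method ranks the laptop higher because its judged likelihood is high; neither is wrong, they answer different questions.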



A Chief Information Officer (CIO) publicly announces the implementation of a new financial system. As part of a security assessment that includes a social engineering task, which of the following tasks should be conducted to demonstrate the BEST means to gain information to use for a report on social vulnerability details about the financial system?

  A. Call the CIO and ask for an interview, posing as a job seeker interested in an open position
  B. Compromise the email server to obtain a list of attendees who responded to the invitation who are on the IT staff
  C. Notify the CIO that, through observation at events, malicious actors can identify individuals to befriend
  D. Understand the CIO is a social drinker, and find the means to befriend the CIO at establishments the CIO frequents

Answer(s): D



A recent assessment identified that several users’ mobile devices are running outdated versions of endpoint security software that do not meet the company’s security policy. Which of the following should be performed to ensure the users can access the network and meet the company’s security requirements?

  A. Vulnerability assessment
  B. Risk assessment
  C. Patch management
  D. Device quarantine
  E. Incident management

Answer(s): C
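The question asks for the action that both keeps users on the network and brings their devices up to policy, which is why patch management is preferred over quarantine. As an added example (not from the exam page), the following posture check is the logic a NAC agent applies on connection: compare each reported endpoint-security version with the policy minimum, admit compliant devices, steer outdated ones to a remediation network where patch management can update them, and isolate only devices with a required component missing. The policy versions, device records, component names and network names are constructed assumptions.

```python
"""Added example (not from the exam page): NAC posture check that routes
outdated endpoint-security software to remediation rather than blocking it."""

# Assumed policy: minimum acceptable version of each required component.
MIN_VERSIONS = {"endpoint-av": "7.4.0", "edr-agent": "3.2.1"}

# Constructed device inventory as reported by the NAC agent on connection.
DEVICES = {
    "laptop-01": {"endpoint-av": "7.10.1", "edr-agent": "3.2.1"},
    "phone-02": {"endpoint-av": "7.3.9", "edr-agent": "3.2.1"},
    "tablet-03": {"endpoint-av": "7.4"},                   # EDR agent missing
}

# Assumed network assignment per decision; the remediation network reaches
# only the patch/update servers.
NETWORK_FOR = {"compliant": "corp", "remediate": "remediation", "quarantine": "isolated"}


def parse_version(text, width=3):
    """'7.10.1' -> (7, 10, 1); '7.4' -> (7, 4, 0). Components are compared as
    integers, so 7.10 correctly sorts above 7.4 where a string compare would
    not, and short versions are zero-padded so '7.4' equals '7.4.0'.
    A trailing build tag such as '-build12' is ignored."""
    core = text.strip().split("-", 1)[0]
    parts = [int(p) for p in core.split(".")]
    return tuple(parts + [0] * (width - len(parts)))[:width]


def posture(report, policy=MIN_VERSIONS):
    """Return (decision, findings).
    compliant  - every required component present and at or above minimum
    remediate  - all present, at least one outdated (update, then re-check)
    quarantine - a required component is absent (assumed: nothing to update,
                 so no access until the device is enrolled properly)"""
    missing = [component for component in policy if component not in report]
    if missing:
        return "quarantine", missing
    outdated = [component for component, minimum in policy.items()
                if parse_version(report[component]) < parse_version(minimum)]
    if outdated:
        return "remediate", outdated
    return "compliant", []


def evaluate_all(devices, policy=MIN_VERSIONS):
    """Map device name -> (decision, assigned network)."""
    results = {}
    for name, report in devices.items():
        decision, _findings = posture(report, policy)
        results[name] = (decision, NETWORK_FOR[decision])
    return results


if __name__ == "__main__":
    for name, report in DEVICES.items():
        decision, findings = posture(report)
        print(f"{name}: {decision} -> {NETWORK_FOR[decision]} {findings}")
```

The numeric version comparison matters in practice: an agent at 7.10.x is newer than the 7.4.0 minimum, and a check that compares version strings lexically would wrongly send it to remediation.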






Post your Comments and Discuss CompTIA CAS-003 exam with other Community members:

Nathan commented on April 20, 2020
I appreciate that you provide the Xengine software for free. But are you planning to keep it free? I really hope so!
GERMANY