무료 온라인 액세스 CompTIA.CAS-003.v2022-12-20.q589 모의 시험 (Page 2)

CAS-003 문제 1

A company's Chief Information Security Officer (CISO) is working with the product owners to perform a business impact assessment. The product owners provide feedback related to the critically of various business processes, personal, and technologies. Transitioning into risk assessment activities, which of the following types of information should the CISO require to determine the proper risk ranking? (Select TWO).

A. Compensating controls

B. TCO

C. Magnitude

D. ROI

E. Likelihood

F. Trend analysis

CAS-003 문제 2

A company recently experienced a security incident in which its domain controllers were the target of a DoS attack. In which of the following steps should technicians connect domain controllers to the network and begin authenticating users again?

A. Identification

B. Lessons learned

C. Containment

D. Recovery

E. Eradication

F. Preparation

CAS-003 문제 3

보안 분석가인 Ann은 인터넷에 연결된 파일 전송 서버가 공격을 받고 있다고 믿습니다. 다음 중 Ann이 이러한 서버를 보호하기 위해 조치를 취해야 한다는 주장을 경영진에게 제시하는 데 도움이 되는 증거는 무엇입니까?

A. 시스템에 연결되는 모든 IP 주소 및 해당 위치에 대한 보고서 제공

B. 분석가에게 높은 활동을 알리기 위해 특정 임계값에 경고 설정

C. 서버의 파일 전송 로그를 보여주는 보고서 제공

D. 현재 활동을 정상 활동의 기준선과 비교

CAS-003 문제 4

A newly hired security analyst has joined an established SOC team. Not long after going through corporate
orientation, a new attack method on web-based applications was publicly revealed. The security analyst
immediately brings this new information to the team lead, but the team lead is not concerned about it.
Which of the following is the MOST likely reason for the team lead's position?

A. The attack type does not meet the organization's threat model.

B. Corporate policy states that NIPS signatures must be updated every hour.

C. Web-based applications are on isolated network segments.

D. The organization has accepted the risks associated with web-based threats.

CAS-003 문제 5

Legal authorities notify a company that its network has been compromised for the second time in two years.
The investigation shows the attackers were able to use the same vulnerability on different systems in both attacks. Which of the following would have allowed the security team to use historical information to protect against the second attack?

A. Key risk indicators

B. Recovery point objectives

C. Lessons learned

D. Tabletop exercise

다른 버전: 4966CompTIA.CAS-003.v2022-07-04.q589; 2116CompTIA.CAS-003.v2022-05-09.q215

최근 업로드: 107Oracle.1Z0-908.v2025-09-06.q68; 109Oracle.1Z0-1055-24.v2025-09-05.q29; 258VMware.2V0-13.24.v2025-09-04.q75; 119Qlik.QSBA2022.v2025-09-04.q17; 119Oracle.1Z0-1073-23.v2025-09-03.q29; 120Cisco.300-820.v2025-09-03.q187; 116Oracle.1z0-1060-25.v2025-09-03.q26; 126CIPS.L5M4.v2025-09-02.q13; 140Fortinet.FCP_ZCS-AD-7.4.v2025-09-02.q12; 116PECB.ISO-45001-Lead-Auditor.v2025-09-02.q14