무료 온라인 액세스 CompTIA.CAS-003.v2022-12-20.q589 모의 시험 (Page 36)

CAS-003 문제 171

개발자는 SDLC 동안 동료의 작업에 대한 피드백을 제공해야 합니다. 코드 변경 사항을 검토하는 동안 웹 애플리케이션에 대한 개발자 세션 ID 토큰이 보안되지 않은 연결을 통해 전송됩니다. 다음 중 개발자가 취약점을 수정하기 위해 구현하도록 권장해야 하는 코드 조각은 무엇입니까?
A)

A. 옵션 A

B. 옵션 B

C. 옵션 D

D. 옵션 C

CAS-003 문제 172

보안 엔지니어는 사무실에서 DNS 조회 요청이 더 이상 작동하지 않는다는 내용의 사고 티켓을 헬프 데스크에서 받습니다. 네트워크 팀은 레이어 2 및 레이어 3 연결이 작동하는지 확인했습니다. 다음 중 보안 엔지니어가 DNS 서버가 포트 53에서 수신 대기 중인지 확인하기 위해 사용하는 도구는 무엇입니까?

A. 핑

B. 네서스

C. NSLOOKUP

D. NMAP

CAS-003 문제 173

An administrator is tasked with securing several website domains on a web server. The administrator elects to secure www.example.com, mail.example.org, archive.example.com, and www.example.org with the same certificate. Which of the following would allow the administrator to secure those domains with a single issued certificate?

A. Intermediate Root Certificate

B. Wildcard Certificate

C. EV x509 Certificate

D. Subject Alternative Names Certificate

CAS-003 문제 174

A security administrator is shown the following log excerpt from a Unix system:
2013 Oct 10 07:14:57 web14 sshd[1632]: Failed password for root from 198.51.100.23 port 37914 ssh2
2013 Oct 10 07:14:57 web14 sshd[1635]: Failed password for root from 198.51.100.23 port 37915 ssh2
2013 Oct 10 07:14:58 web14 sshd[1638]: Failed password for root from 198.51.100.23 port 37916 ssh2
2013 Oct 10 07:15:59 web14 sshd[1640]: Failed password for root from 198.51.100.23 port 37918 ssh2
2013 Oct 10 07:16:00 web14 sshd[1641]: Failed password for root from 198.51.100.23 port 37920 ssh2
2013 Oct 10 07:16:00 web14 sshd[1642]: Successful login for root from 198.51.100.23 port 37924 ssh2
Which of the following is the MOST likely explanation of what is occurring and the BEST immediate response? (Select TWO).

A. An authorized administrator has logged into the root account remotely.

B. The administrator should disable remote root logins.

C. Isolate the system immediately and begin forensic analysis on the host.

D. A remote attacker has compromised the root account using a buffer overflow in sshd.

E. A remote attacker has guessed the root password using a dictionary attack.

F. Use iptables to immediately DROP connections from the IP 198.51.100.23.

G. A remote attacker has compromised the private key of the root account.

H. Change the root password immediately to a password not found in a dictionary.

CAS-003 문제 175

A security is testing a server finds the following in the output of a vulnerability scan:

Which of the following will the security analyst most likely use NEXT to explore this further?

A. Exploitation framework

B. Vulnerability scanner

C. Visualization tool

D. Reverse engineering tools

다른 버전: 5034CompTIA.CAS-003.v2022-07-04.q589; 2159CompTIA.CAS-003.v2022-05-09.q215

최근 업로드: 130Avaya.78201X.v2025-09-09.q135; 135CompTIA.220-1202.v2025-09-09.q57; 122CheckPoint.156-215.81.v2025-09-09.q391; 164ECCouncil.312-50v13.v2025-09-09.q347; 120Supermicro.SMI300XS.v2025-09-08.q15; 121Oracle.1z0-1104-25.v2025-09-08.q12; 129SAP.C-LIXEA-2404.v2025-09-08.q60; 150Cisco.300-730.v2025-09-08.q143; 128Huawei.H19-308_V4.0.v2025-09-08.q77; 127Nutanix.NCA-6.5.v2025-09-08.q56