무료 온라인 액세스 CompTIA.CAS-003.v2022-12-20.q589 모의 시험 (Page 46)

CAS-003 문제 221

A company monitors the performance of all web servers using WMI. A network administrator informs the security engineer that web servers hosting the company's client-facing portal are running slowly today. After some investigation, the security engineer notices a large number of attempts at enumerating host information via SNMP from multiple IP addresses.
Which of the following would be the BEST technique for the security engineer to employ in an attempt to prevent reconnaissance activity?

A. Install anti-DDoS protection in the DMZ

B. Disable SNMP on the web servers

C. Disable inbound traffic from offending sources

D. Install a HIPS on the web servers

CAS-003 문제 222

Given the following code snippet:

Of which of the following is this snippet an example?

A. Buffer overflow

B. Input validation

C. Data execution prevention

D. Failure to use standard libraries

E. Improper filed usage

CAS-003 문제 223

A company is acquiring incident response and forensic assistance from a managed security service
provider in the event of a data breach. The company has selected a partner and must now provide
required documents to be reviewed and evaluated. Which of the following documents would BEST protect
the company and ensure timely assistance? (Choose two.)

A. RA

B. RFI

C. MSA

D. BIA

E. RFQ

F. NDA

CAS-003 문제 224

An infrastructure team is at the end of a procurement process and has selected a vendor. As part of the final negotiation, there are a number of outstanding issues, including:
1. Indemnity clauses have identified the maximum liability.
2. The data will be hosted and managed outside of the company's geographical location.
The number of users accessing the system will be small, and no sensitive data will be hosted in the solution. As the security consultant of the project, which of the following should the project's security consultant recommend as the NEXT step?

A. Review the procurement process to determine the lessons learned.

B. Develop a security exemption, as it does not meet the security policies.

C. Require the solution owner to accept the identified risks and consequences.

D. Mitigate the risk by asking the vendor to accept the in-country privacy principles.

CAS-003 문제 225

When generating a new key pair, a security application asks the user to move the mouse and type random characters on the keyboard.
Which of the following BEST describes why this is necessary?

A. The user needs a non-repudiation data source in order for the application to generate the key pair.

B. The user is providing a diffusion point to the application to aid in creating the key pair.

C. The user is providing entropy so the application can use random data to create the key pair.

D. The application is requesting perfect forward secrecy from the user in order to create the key pair.

다른 버전: 5038CompTIA.CAS-003.v2022-07-04.q589; 2159CompTIA.CAS-003.v2022-05-09.q215

최근 업로드: 107Oracle.1Z0-1160-1.v2025-09-10.q18; 104Oracle.1z0-1054-25.v2025-09-10.q50; 102Cisco.300-710.v2025-09-10.q297; 104VMware.2V0-41.24.v2025-09-10.q104; 150Avaya.78201X.v2025-09-09.q135; 138CompTIA.220-1202.v2025-09-09.q57; 153CheckPoint.156-215.81.v2025-09-09.q391; 193ECCouncil.312-50v13.v2025-09-09.q347; 127Supermicro.SMI300XS.v2025-09-08.q15; 123Oracle.1z0-1104-25.v2025-09-08.q12