무료 온라인 액세스 CompTIA.CAS-003.v2022-12-20.q589 모의 시험 (Page 51)

CAS-003 문제 246

An infrastructure team is at the end of a procurement process and has selected a vendor. As part of the final negotiations, there are a number of outstanding issues, including:
1. Indemnity clauses have identified the maximum liability
2. The data will be hosted and managed outside of the company's
geographical location
The number of users accessing the system will be small, and no sensitive data will be hosted in the solution. As the security consultant on the project, which of the following should the project's security consultant recommend as the NEXT step?

A. Require the solution owner to accept the identified risks and consequences

B. Develop a security exemption, as it does not meet the security policies

C. Review the entire procurement process to determine the lessons learned

D. Mitigate the risk by asking the vendor to accept the in-country privacy principles

CAS-003 문제 247

A security engineer at a company is designing a system to mitigate recent setbacks caused competitors that are beating the company to market with the new products. Several of the products incorporate propriety enhancements developed by the engineer's company. The network already includes a SEIM and a NIPS and requires 2FA for all user access. Which of the following system should the engineer consider NEXT to mitigate the associated risks?

A. Data flow enforcement

B. DLP

C. Mail gateway

D. UTM

CAS-003 문제 248

An organization is selecting a SaaS provider to replace its legacy, in house Customer Resource Management (CRM) application. Which of the following ensures the organization mitigates the risk of managing separate user credentials?

A. Ensure the SaaS provider supports dual factor authentication.

B. Ensure the SaaS provider supports encrypted password transmission and storage.

C. Ensure the SaaS provider supports secure hash file exchange.

D. Ensure the SaaS provider supports role-based access control.

E. Ensure the SaaS provider supports directory services federation.

CAS-003 문제 249

사고 대응자는 포렌식 목적으로 실행 중인 시스템에서 휘발성 메모리를 포괄적으로 캡처하려고 합니다. 머신은 Linux OS의 최신 릴리스를 실행하고 있습니다.
다음 중 이 캡처를 수행하는 가장 실현 가능한 방법은 무엇입니까?

A. dd on/dev/mem을 실행합니다.

B. -k 플래그와 함께 memdump 유틸리티를 실행합니다.

C. LiME와 같은 로드 가능한 커널 모듈 캡처 유틸리티를 사용합니다.

D. FTK Imager와 같은 독립 실행형 유틸리티를 사용합니다.

CAS-003 문제 250

An organization's network engineering team recently deployed a new software encryption solution to ensure the confidentiality of data at rest, which was found to add 300ms of latency to data read-write requests in storage, impacting business operations.
Which of the following alternative approaches would BEST address performance requirements while meeting the intended security objective?

A. Employ hardware FDE or SED solutions.

B. Utilize a more efficient cryptographic hash function.

C. Replace HDDs with SSD arrays.

D. Use a FIFO pipe a multithreaded software solution.

다른 버전: 5039CompTIA.CAS-003.v2022-07-04.q589; 2159CompTIA.CAS-003.v2022-05-09.q215

최근 업로드: 108Oracle.1Z0-1160-1.v2025-09-10.q18; 107Oracle.1z0-1054-25.v2025-09-10.q50; 104Cisco.300-710.v2025-09-10.q297; 106VMware.2V0-41.24.v2025-09-10.q104; 152Avaya.78201X.v2025-09-09.q135; 141CompTIA.220-1202.v2025-09-09.q57; 173CheckPoint.156-215.81.v2025-09-09.q391; 205ECCouncil.312-50v13.v2025-09-09.q347; 130Supermicro.SMI300XS.v2025-09-08.q15; 125Oracle.1z0-1104-25.v2025-09-08.q12