무료 온라인 액세스 CompTIA.CAS-003.v2022-12-20.q589 모의 시험 (Page 65)

CAS-003 문제 316

A security technician receives a copy of a report that was originally sent to the board of directors by the Chief Information Security Officer (CISO).
The report outlines the following KPVKRI data for the last 12 months:

Which of the following BEST describes what could be interpreted from the above data?

A. 1. AV coverage across the fleet improved2. There is no correlation between infected systems and AV coverage.3. There is no correlation between detected phishing attempts and infected systems4. A correlation between threat landscape rating and infected systems appears to exist.5. Effectiveness and performance of the security team appears to be degrading.

B. 1. AV coverage across the fleet declined2. There is no correlation between infected systems and AV coverage.3. A correlation between phishing attempts and infected systems appears to exist4. There is no correlation between the threat landscape rating and the security team's performance5. Effectiveness and performance of the security team appears to be degrading.

C. 1. AV signature coverage has remained consistently high2. AV coverage across the fleet improved3. A correlation between phishing attempts and infected systems appears to exist4. There is a correlation between the threat landscape rating and the security team's performance.5. There is no correlation between detected phishing attempts and infected systems

D. 1. There is no correlation between infected systems and AV coverage2. AV coverage across the fleet improved3. A correlation between phishing attempts and infected systems appears to exist4. There is no correlation between the threat landscape rating and the security team's performance.5. There is a correlation between detected phishing attempts and infected systems

CAS-003 문제 317

보안 관리자가 오프라인 암호 감사의 다음 출력을 검토하고 있습니다.

다음 중 시스템 관리자가 이 감사 결과를 가장 잘 처리하기 위해 구현해야 하는 것은 무엇입니까? (2개를 선택하세요.)

A. 암호화 프로세서

B. 비크립트

C. SHA-256

D. PBKDF2

E. 메시지 인증

CAS-003 문제 318

A security engineer successfully exploits an application during a penetration test. As proof of the exploit, the security engineer takes screenshots of how data was compromised in the application. Given the information below from the screenshot.

Which of the following tools was MOST likely used to exploit the application?

A. The engineer queried the server and edited the data using an HTTP proxy interceptor

B. The engineer captured the data with a protocol analyzer, and then utilized Python to edit the data

C. The engineer used a cross-site script sent via curl to edit the data

D. The engineer captured the HTTP headers, and then replaced the JSON data with a banner-grabbing tool

CAS-003 문제 319

A security analyst, who is working in a Windows environment, has noticed a significant amount of IPv6 traffic originating from a client, even though IPv6 is not currently in use. The client is a stand-alone device, not connected to the AD that manages a series of SCADA devices used for manufacturing. Which of the following is the appropriate command to disable the client's IPv6 stack?

A. Option C

B. Option D

C. Option A

D. Option B

CAS-003 문제 320

A large company with a very complex IT environment is considering a move from an on-premises, internally managed proxy to a cloud-based proxy solution managed by an external vendor. The current proxy provides caching, content filtering, malware analysis, and URL categorization for all staff connected behind the proxy.
Staff members connect directly to the Internet outside of the corporate network. The cloud-based version of the solution would provide content filtering, TLS decryption, malware analysis, and URL categorization. After migrating to the cloud solution, all internal proxies would be decommissioned. Which of the following would MOST likely change the company's risk profile?

A. 1. Outages would be likely to occur for systems or applications with hard-coded proxy information.2.
The service would provide some level of protection for staff members working from home.3. Malware detection times would decrease due to third-party management of the service.

B. 1. The loss of local caching would dramatically increase ISP changes and impact existing bandwidth.2.
There would be a greater likelihood of Internet access outages due to lower resilience of cloud gateways.3. There would be a loss of internal intellectual knowledge regarding proxy configurations and application data flows.

C. 1. The external vendor would have access to inbound and outbound gateway traffic.2. The service would provide some level of protection for staff working from home.3. Outages would be likely to occur for systems or applications with hard-coded proxy information.

D. 1. There would be a loss of internal intellectual knowledge regarding proxy configurations and application data flows.2. There would be a greater likelihood of Internet access outages due to lower resilience of cloud gateways.3. There would be data sovereignty concerns due to changes required in routing and proxy PAC files.

다른 버전: 5039CompTIA.CAS-003.v2022-07-04.q589; 2159CompTIA.CAS-003.v2022-05-09.q215

최근 업로드: 108Oracle.1Z0-1160-1.v2025-09-10.q18; 107Oracle.1z0-1054-25.v2025-09-10.q50; 104Cisco.300-710.v2025-09-10.q297; 106VMware.2V0-41.24.v2025-09-10.q104; 152Avaya.78201X.v2025-09-09.q135; 141CompTIA.220-1202.v2025-09-09.q57; 174CheckPoint.156-215.81.v2025-09-09.q391; 207ECCouncil.312-50v13.v2025-09-09.q347; 133Supermicro.SMI300XS.v2025-09-08.q15; 125Oracle.1z0-1104-25.v2025-09-08.q12