무료 온라인 액세스 CompTIA.CAS-003.v2022-12-20.q589 모의 시험 (Page 66)

CAS-003 문제 321

Given the following output from a security tool in Kali:

A. Log reduction

B. Network enumerator

C. Fuzzer

D. SCAP scanner

CAS-003 문제 322

Following a merger, the number of remote sites for a company has doubled to 52. The company has decided to secure each remote site with an NGFW to provide web filtering, NIDS/NIPS, and network antivirus. The Chief Information Officer (CIO) has requested that the security engineer provide recommendations on sizing for the firewall with the requirements that it be easy to manage and provide capacity for growth.
The tables below provide information on a subset of remote sites and the firewall options:

Which of the following would be the BEST option to recommend to the CIO?

A. Vendor B for all remote sites

B. Vendor A for all remote sites

C. Vendor D for all remote sites

D. Vendor C for small remote sites, and Vendor B for large sites.

E. Vendor C for all remote sites

CAS-003 문제 323

A company has decided to lower costs by conducting an internal assessment on specific devices and various internal and external subnets. The assessment will be done during regular office hours, but it must not affect any production servers.
Which of the following would MOST likely be used to complete the assessment? (Choose two.)

A. Agent-based vulnerability scan

B. Malware sandboxing

C. Configuration review

D. Tabletop exercise

E. Social engineering

F. Black-box penetration testing

CAS-003 문제 324

An organization wants to allow its employees to receive corporate email on their own smartphones. A security analyst is reviewing the following information contained within the file system of an employee's smartphone:
FamilyPix.jpg
Taxreturn.tax
paystub.pdf
employeesinfo.xls
SoccerSchedule.doc
RecruitmentPlan.xls
Based on the above findings, which of the following should the organization implement to prevent further exposure? (Choose two.)

A. Containerization

B. Side loading

C. Remote wiping

D. Jailbreaking

E. Geofencing

F. Rooting

G. VPN

CAS-003 문제 325

The following has been discovered in an internally developed application:
Error - Memory allocated but not freed:
char *myBuffer = malloc(BUFFER_SIZE);
if (myBuffer != NULL) {
*myBuffer = STRING_WELCOME_MESSAGE;
printf("Welcome to: %s\n", myBuffer);
}
exit(0);
Which of the following security assessment methods are likely to reveal this security weakness? (Select TWO).

A. Static code analysis

B. Memory dumping

C. Manual code review

D. Application sandboxing

E. Penetration testing

F. Black box testing

다른 버전: 5039CompTIA.CAS-003.v2022-07-04.q589; 2159CompTIA.CAS-003.v2022-05-09.q215

최근 업로드: 108Oracle.1Z0-1160-1.v2025-09-10.q18; 107Oracle.1z0-1054-25.v2025-09-10.q50; 104Cisco.300-710.v2025-09-10.q297; 106VMware.2V0-41.24.v2025-09-10.q104; 152Avaya.78201X.v2025-09-09.q135; 141CompTIA.220-1202.v2025-09-09.q57; 174CheckPoint.156-215.81.v2025-09-09.q391; 207ECCouncil.312-50v13.v2025-09-09.q347; 133Supermicro.SMI300XS.v2025-09-08.q15; 125Oracle.1z0-1104-25.v2025-09-08.q12