무료 온라인 액세스 CompTIA.CAS-003.v2022-12-20.q589 모의 시험 (Page 69)

CAS-003 문제 336

Following a recent outage, a systems administrator is conducting a study to determine a suitable bench stock on server hard drives.
Which of the following metrics is MOST valuable to the administrator in determining how many hard drives to keep-on hand?

A. TTR

B. ALE

C. MTBF

D. SLE

E. RPO

CAS-003 문제 337

An investigation showed a worm was introduced from an engineer's laptop. It was determined the company does not provide engineers with company-owned laptops, which would be subject to a company policy and technical controls. Which of the following would be the MOST secure control implement?

A. Deploy a company-wide approved engineering workstation for management access.

B. Deploy HIDS on all engineer-provided laptops, and put a new router in the management network.

C. Utilize a jump box that is only allowed to connect to client from the management network.

D. Implement role-based group policies on the management network for client access.

CAS-003 문제 338

A risk manager has decided to use likelihood and consequence to determine the risk of an event occurring to a company asset. Which of the following is a limitation of this approach to risk management?

A. Subjective and based on an individual's experience.

B. Requires a high degree of upfront work to gather environment details.

C. Difficult to differentiate between high, medium, and low risks.

D. Allows for cost and benefit analysis.

E. Calculations can be extremely complex to manage.

CAS-003 문제 339

A security engineer is working on a large software development project. As part of the design of the project, various stakeholder requirements were gathered and decomposed to an implementable and testable level. Various security requirements were also documented.
Organize the following security requirements into the correct hierarchy required for an SRTM.
Requirement 1: The system shall provide confidentiality for data in transit and data at rest.
Requirement 2: The system shall use SSL, SSH, or SCP for all data transport.
Requirement 3: The system shall implement a file-level encryption scheme.
Requirement 4: The system shall provide integrity for all data at rest.
Requirement 5: The system shall perform CRC checks on all files.

A. Level 1: Requirements 1 and 4; Level 2: Requirements 2, 3, and 5

B. Level 1: Requirements 1 and 4; Level 2: Requirements 2 and 3 under 1, Requirement 5 under 4

C. Level 1: Requirements 1 and 4; Level 2: Requirement 2 under 1, Requirement 5 under 4; Level 3: Requirement 3 under 2

D. Level 1: Requirements 1, 2, and 3; Level 2: Requirements 4 and 5

CAS-003 문제 340

Which of the following would MOST likely cause an organization to review and potentially rebaseline its current risk assessment?

A. Implementation of a new access control system

B. Emergence of a new class of threats

C. Decommissioning of a backup server

D. Reduction in the attack surface

다른 버전: 5038CompTIA.CAS-003.v2022-07-04.q589; 2159CompTIA.CAS-003.v2022-05-09.q215

최근 업로드: 108Oracle.1Z0-1160-1.v2025-09-10.q18; 105Oracle.1z0-1054-25.v2025-09-10.q50; 104Cisco.300-710.v2025-09-10.q297; 106VMware.2V0-41.24.v2025-09-10.q104; 151Avaya.78201X.v2025-09-09.q135; 141CompTIA.220-1202.v2025-09-09.q57; 172CheckPoint.156-215.81.v2025-09-09.q391; 197ECCouncil.312-50v13.v2025-09-09.q347; 129Supermicro.SMI300XS.v2025-09-08.q15; 124Oracle.1z0-1104-25.v2025-09-08.q12