무료 온라인 액세스 CompTIA.CAS-003.v2022-12-20.q589 모의 시험 (Page 80)

CAS-003 문제 391

A security consultant is conducting a network assessment and wishes to discover any legacy backup Internet connections the network may have. Where would the consultant find this information and why would it be valuable?

A. This information can be found in global routing tables, and is valuable because backup connections typically do not have perimeter protection as strong as the primary connection.

B. This information can be found by calling the regional Internet registry, and is valuable because backup connections typically do not require VPN access to the network.

C. This information can be found by accessing telecom billing records, and is valuable because backup connections typically have much lower latency than primary connections.

D. This information can be found by querying the network's DNS servers, and is valuable because backup DNS servers typically allow recursive queries from Internet hosts.

CAS-003 문제 392

A breach was caused by an insider threat in which customer PII was compromised. Following the breach, a lead security analyst is asked to determine which vulnerabilities the attacker used to access company resources.
Which of the following should the analyst use to remediate the vulnerabilities?

A. Data leak prevention

B. Root cause analysis

C. Behavioral analytics

D. Protocol analyzer

CAS-003 문제 393

A security consultant is considering authentication options for a financial institution. The following authentication options are available. Drag and drop the security mechanism to the appropriate use case. Options may be used once.

CAS-003 문제 394

A software company is releasing a new mobile application to a broad set of external customers. Because the software company is rapidly releasing new features, it has built in an over-the-air software update process that can automatically update the application at launch time. Which of the following security controls should be recommended by the company's security architect to protect the integrity of the update process? (Choose two.)

A. Validate cryptographic signatures applied to software updates

B. Perform certificate pinning of the associated code signing key

C. Require HTTPS connections for downloads of software updates

D. Ensure there are multiple download mirrors for availability

E. Enforce a click-through process with user opt-in for new features

CAS-003 문제 395

An engineer is evaluating the control profile to assign to a system containing PII, financial, and proprietary
data.

Based on the data classification table above, which of the following BEST describes the overall
classification?

A. High confidentiality, high availability

B. High confidentiality, medium availability

C. Low availability, low confidentiality

D. High integrity, low availability

다른 버전: 5038CompTIA.CAS-003.v2022-07-04.q589; 2159CompTIA.CAS-003.v2022-05-09.q215

최근 업로드: 103Oracle.1Z0-1160-1.v2025-09-10.q18; 102Oracle.1z0-1054-25.v2025-09-10.q50; 101Cisco.300-710.v2025-09-10.q297; 102VMware.2V0-41.24.v2025-09-10.q104; 144Avaya.78201X.v2025-09-09.q135; 135CompTIA.220-1202.v2025-09-09.q57; 144CheckPoint.156-215.81.v2025-09-09.q391; 178ECCouncil.312-50v13.v2025-09-09.q347; 126Supermicro.SMI300XS.v2025-09-08.q15; 122Oracle.1z0-1104-25.v2025-09-08.q12