Free Access CompTIA.CAS-003.v2022-04-30.q141 Practice Test (Page 14)

Question 61

A company has hired an external security consultant to conduct a thorough review of all aspects of corporate security. The company is particularly concerned about unauthorized access to its physical offices resulting in network compromises. Which of the following should the consultant recommend be performed to evaluate potential risks?

A.The consultant should attempt to gain access to physical offices through social engineering and then attempt data exfiltration

B.The consultant should be granted access to all physical access control systems to review logs and evaluate the likelihood of the threat

C.The company should conduct internal audits of access logs and employee social media feeds to identify potential insider threats

D.The company should install a temporary CCTV system to detect unauthorized access to physical offices

Question 62

A security consultant is attempting to discover if the company is utilizing databases on client machines to store the customer data. The consultant reviews the following information:

Which of the following commands would have providedthis output?

A.sqlmap -w

B.ifconfig -arp

C.arp -s

D.netstat -a

Question 63

A legacy web application, which is being used by a hospital, cannot be upgraded for 12 months. A new vulnerability is found in the legacy application, and the networking team is tasked with mitigation. Middleware for mitigation will cost $100,000 per year. Which of the following must be calculated to determine ROI?
(Choose two.)

A.ALE

B.RTO

C.MTBF

D.ARO

E.RPO

Question 64

Given the following code snippet:

Of which of the following is this snippet an example?

A.Input validation

B.Buffer overflow

C.Data execution prevention

D.Failure to use standard libraries

E.Improper filed usage

Question 65

A systems administrator at a medical imaging company discovers protected health information (PHI) on a general purpose file server. Which of the following steps should the administrator take NEXT?

A.Immediately encrypt all PHI with AES 256

B.Consult the legal department to determine legal requirements

C.Delete all PHI from the network until the legal department is consulted

D.Isolate all of the PHI on its own VLAN and keep it segregated at Layer 2

Other Version: 7464CompTIA.CAS-003.v2022-09-22.q535; 6496CompTIA.CAS-003.v2022-08-15.q472; 4303CompTIA.CAS-003.v2022-05-05.q206; 84CompTIA.Actualtestpdf.CAS-003.v2022-01-19.by.morgan.327q.pdf

Latest Upload: 105OCEG.GRCP.v2025-09-11.q211; 104HP.HPE0-V27.v2025-09-11.q78; 118Oracle.1Z0-1057-23.v2025-09-10.q47; 150Google.Professional-Cloud-Network-Engineer.v2025-09-09.q179; 131SAP.C-S4EWM-2023.v2025-09-08.q83; 164TheSecOpsGroup.CNSP.v2025-09-08.q20; 223CFAInstitute.ESG-Investing.v2025-09-08.q173; 158PECB.ISO-IEC-27001-Lead-Implementer.v2025-09-06.q132; 149Salesforce.Data-Architect.v2025-09-05.q216; 144Adobe.AD0-E605.v2025-09-05.q50

Question 61

Question 62

Question 63

Question 64

Question 65

Download PDF File