Free Access CompTIA.CAS-003.v2022-04-30.q141 Practice Test (Page 2)

Question 1

The Chief Information Officer (CIO) is focused on improving IT governance within the organization to reduce system downtime.
The CIO has mandated that the following improvements be implemented:
- All business units must now identify IT risks and include them in
their business risk profiles.
- Key controls must be identified and monitored.
- Incidents and events must be recorded and reported with management
oversight.
- Exemptions to the information security policy must be formally
recorded, approved, and managed.
- IT strategy will be reviewed to ensure it is aligned with the
businesses strategy and objectives.
In addition to the above, which of the following would BEST help the CIO meet the requirements?

A.Establish a formal change management process

B.Document legacy systems to be decommissioned and the disposal process

C.Develop a security requirement traceability matrix

D.Establish a register of core systems and identify technical service owners

Question 2

A managed service provider is designing a log aggregation service for customers who no longer want to manage an internal SIEM infrastructure. The provider expects that customers will send all types of logs to them, and that log files could contain very sensitive entries. Customers have indicated they want on- premises and cloud-based infrastructure logs to be stored in this new service. An engineer, who is designing the new service, is deciding how to segment customers.
Which of the following is the BEST statement for the engineer to take into consideration?

A.Due to the likelihood of large log volumes, the service provider should use a multi-tenancy model for the data storage tier, enable data deduplication for storage cost efficiencies, and encrypt data at rest.

B.Single-tenancy is often more expensive and has less efficient resource utilization. Multi-tenancy may increase the risk of cross-customer exposure in the event of service vulnerabilities.

C.The most secure design approach would be to give customers on-premises appliances, install agents on endpoints, and then remotely manage the service via a VPN.

D.The managed service provider should outsource security of the platform to an existing cloud company.
This will allow the new log service to be launched faster and with well-tested security controls.

Question 3

The results of an external penetration test for a software development company show a small number of applications account for the largest number of findings. While analyzing the content and purpose of the applications, the following matrix is created.

The findings are then categorized according to the following chart:

Which of the following would BEST reduce the amount of immediate risk incurred by the organization from a compliance and legal standpoint? (Select TWO)

A.Place a WAF in line with Application 2

B.Install a FIM on the server hosting Application 4

C.Use network segmentation and ACLs to control access to Application 5.

D.Move Application 3 to a secure VLAN and require employees to use a jump server for access.

E.Implement an IDS/IPS on the same network segment as Application 3

F.Apply the missing OS and software patches to the server hosting Application 4

Question 4

A security administrator must configure the database server shown below to comply with the four requirements listed. Drag and drop the appropriate ACL that should be configured on the database server to its corresponding requirement. Answer options may be used once or not at all.

Question 5

The Chief Executive Officer (CEO) of an Internet service provider (ISP) has decided to limit the company's contribution to worldwide Distributed Denial of Service (DDoS) attacks. Which of the following should the ISP implement? (Select TWO).

A.Block traffic from the ISP's networks destined for blacklisted IPs.

B.Prevent the ISP's customers from querying DNS servers other than those hosted by the ISP.

C.Scan the ISP's customer networks using an up-to-date vulnerability scanner.

D.Notify customers when services they run are involved in an attack.

E.Block traffic with an IP source not allocated to customers from exiting the ISP's network.

Other Version: 7443CompTIA.CAS-003.v2022-09-22.q535; 6476CompTIA.CAS-003.v2022-08-15.q472; 4278CompTIA.CAS-003.v2022-05-05.q206; 84CompTIA.Actualtestpdf.CAS-003.v2022-01-19.by.morgan.327q.pdf

Latest Upload: 117Oracle.1Z0-1057-23.v2025-09-10.q47; 150Google.Professional-Cloud-Network-Engineer.v2025-09-09.q179; 131SAP.C-S4EWM-2023.v2025-09-08.q83; 156TheSecOpsGroup.CNSP.v2025-09-08.q20; 208CFAInstitute.ESG-Investing.v2025-09-08.q173; 155PECB.ISO-IEC-27001-Lead-Implementer.v2025-09-06.q132; 145Salesforce.Data-Architect.v2025-09-05.q216; 139Adobe.AD0-E605.v2025-09-05.q50; 183Nutanix.NCP-MCI-6.10.v2025-09-05.q55; 114Oracle.1z0-591.v2025-09-05.q104

Question 1

Question 2

Question 3

Question 4

Question 5

Download PDF File