Free Access CompTIA.CAS-003.v2022-04-30.q141 Practice Test (Page 26)

Question 121

A security analyst is reviewing the corporate MDM settings and notices some disabled settings, which consequently permit users to download programs from untrusted developers and manually install them. After some conversations, it is confirmed that these settings were disabled to support the internal development of mobile applications. The security analyst is now recommending that developers and testers have a separate device profile allowing this, and that the rest of the organization's users do not have the ability to manually download and install untrusted applications. Which of the following settings should be toggled to achieve the goal? (Choose two.)

A.Side loading

B.Signed applications

C.Containerization

D.Remote wiping

E.Sandboxing

F.OTA updates

Question 122

A large company with a very complex IT environment is considering a move from an on-premises, internally managed proxy to a cloud-based proxy solution managed by an external vendor. The current proxy provides caching, content filtering, malware analysis, and URL categorization for all staff connected behind the proxy.
Staff members connect directly to the Internet outside of the corporate network. The cloud-based version of the solution would provide content filtering, TLS decryption, malware analysis, and URL categorization. After migrating to the cloud solution, all internal proxies would be decommissioned. Which of the following would MOST likely change the company's risk profile?

A.1. There would be a loss of internal intellectual knowledge regarding proxy configurations and application data flows.
2. There would be a greater likelihood of Internet access outages due to lower resilience of cloud gateways.
3. There would be data sovereignty concerns due to changes required in routing and proxy PAC files.

B.1. Outages would be likely to occur for systems or applications with hard-coded proxy information.
2. The service would provide some level of protection for staff members working from home.
3. Malware detection times would decrease due to third-party management of the service.

C.1. The loss of local caching would dramatically increase ISP charges and impact existing bandwidth.
2. There would be a greater likelihood of Internet access outages due to lower resilience of cloud gateways.
3. There would be a loss of internal intellectual knowledge regarding proxy configurations and application data flows.

D.1. The external vendor would have access to inbound and outbound gateway traffic.
2. The service would provide some level of protection for staff working from home.
3. Outages would be likely to occur for systems or applications with hard-coded proxy information.

Question 123

An administrator wants to install a patch to an application.
INSTRUCTIONS
Given the scenario, download, verify, and install the patch in the most secure manner.
The last install that is completed will be the final submission.
If at any time you would like to bring back the initial state of the simulation, please click the Reset All button.

A.In this case the second link should be used (This may vary in actual exam). The first link showed the following error so it should not be used.

Also, Two of the link choices used HTTP and not HTTPS as shown when hovering over the links as shown:

Since we need to do this in the most secure manner possible, they should not be used.Finally, the second link was used and the MD5 utility of MD5sum should be used on the install.exe file as shown. Make sure that the hash matches.

Finally, type in install.exe to install it and make sure there are no signature verification errors.

B.In this case the second link should be used (This may vary in actual exam). The first link showed the following error so it should not be used.

Also, Two of the link choices used HTTP and not HTTPS as shown when hovering over the links as shown:
Since we need to do this in the most secure manner possible, they should not be used.Finally, the second link was used and the MD5 utility of MD5sum should be used on the install.exe file as shown. Make sure that the hash matches.
Finally, type in install.exe to install it and make sure there are no signature verification errors.

Question 124

Joe is a security architect who is tasked with choosing a new NIPS platform that has the ability to perform SSL inspection, analyze up to 10Gbps of traffic, can be centrally managed and only reveals inspected application payload data to specified internal security employees. Which of the following steps should Joe take to reach the desired outcome?

A.Research new technology vendors to look for potential products. Contribute to an RFP and then evaluate RFP responses to ensure that the vendor product meets all mandatory requirements. Test the product and make a product recommendation.

B.Evaluate relevant RFC and ISO standards to choose an appropriate vendor product. Research industry surveys, interview existing customers of the product and then recommend that the product be purchased.

C.Consider outsourcing the product evaluation and ongoing management to an outsourced provider on the basis that each of the requirements are met and a lower total cost of ownership (TCO) is achieved.

D.Choose a popular NIPS product and then consider outsourcing the ongoing device management to a cloud provider. Give access to internal security employees so that they can inspect the application payload data.

E.Ensure that the NIPS platform can also deal with recent technological advancements, such as threats emerging from social media, BYOD and cloud storage prior to purchasing the product.

Question 125

Given the following:

Which of the following vulnerabilities is present in the above code snippet?

A.Disclosure of database credential

B.SQL-based string concatenation

C.DOM-based injection

D.Information disclosure in comments

Other Version: 7463CompTIA.CAS-003.v2022-09-22.q535; 6492CompTIA.CAS-003.v2022-08-15.q472; 4303CompTIA.CAS-003.v2022-05-05.q206; 84CompTIA.Actualtestpdf.CAS-003.v2022-01-19.by.morgan.327q.pdf

Latest Upload: 105OCEG.GRCP.v2025-09-11.q211; 104HP.HPE0-V27.v2025-09-11.q78; 118Oracle.1Z0-1057-23.v2025-09-10.q47; 150Google.Professional-Cloud-Network-Engineer.v2025-09-09.q179; 131SAP.C-S4EWM-2023.v2025-09-08.q83; 164TheSecOpsGroup.CNSP.v2025-09-08.q20; 223CFAInstitute.ESG-Investing.v2025-09-08.q173; 158PECB.ISO-IEC-27001-Lead-Implementer.v2025-09-06.q132; 149Salesforce.Data-Architect.v2025-09-05.q216; 144Adobe.AD0-E605.v2025-09-05.q50

Question 121

Question 122

Question 123

Question 124

Question 125

Download PDF File