Free Access CompTIA.CAS-003.v2022-05-05.q206 Practice Test (Page 10)

Question 41

A newly hired systems administrator is trying to connect a new and fully updated, but very customized, Android device to access corporate resources. However, the MDM enrollment process continually fails. The administrator asks a security team member to look into the issue.
Which of the following is the MOST likely reason the MDM is not allowing enrollment?

A.The OEM is prohibited

B.The device does not support FDE

C.The device is rooted

D.The OS version is not compatible

Question 42

A systems administrator has installed a disk wiping utility on all computers across the organization and configured it to perform a seven-pass wipe and an additional pass to overwrite the disk with zeros. The company has also instituted a policy that requires users to erase files containing sensitive information when they are no longer needed.
To ensure the process provides the intended results, an auditor reviews the following content from a randomly selected decommissioned hard disk:

Which of the following should be included in the auditor's report based on the above findings?

A.Sensitive data might still be present on the hard drives.

B.The data represents part of the disk BIOS.

C.The hard disk contains bad sectors

D.The disk has been degaussed.

Question 43

While investigating suspicious activity on a server, a security administrator runs the following report:

In addition, the administrator notices changes to the /etc/shadow file that were not listed in the report. Which of the following BEST describe this scenario? (Choose two.)

A.An attacker compromised the server and may have also compromised the file integrity database to hide the changes to the /etc/shadow file

B.An attacker compromised the server and may have used SELinux mandatory access controls to hide the changes to the /etc/shadow file

C.An attacker compromised the server and may have installed a rootkit to always generate valid MD5 hashes to hide the changes to the /etc/shadow file

D.An attacker compromised the server and may have used a collision hash in the MD5 algorithm to hide the changes to the /etc/shadow file

E.An attacker compromised the server and may have used MD5 collision hashes to generate valid passwords, allowing further access to administrator accounts on the server

Question 44

A company has made it a spending priority to implement security architectures that will be resilient during an attack. Recent incidents have involved attackers leveraging latent vulnerabilities in cryptographic implementations and VPN concentrators to be able to compromise sensitive information. Patches have been slowly released for these emergent vulnerabilities, leaving weeks to months of exposed and vulnerable attack surface. Which of the following approaches would be BEST to increase enterprise resilience during similar future attacks?

A.Maximize open-source software to benefit from swifter patch releases

B.Upgrade the cryptographic ciphers used on the VPN concentrators

C.Segment remote VPN users logically from the production LAN

D.Implement appliances and software from diverse manufacturers

Question 45

A new cluster of virtual servers has been set up in a lab environment and must be audited before being allowed on the production network. The security manager needs to ensure unnecessary services are disabled and all system accounts are using strong credentials.
Which of the following tools should be used? (Choose two.)

A.SIEM

B.Packet analyzer

C.SCAP scanner

D.Fuzzer

E.Network enumerator

F.Password cracker

Other Version: 7444CompTIA.CAS-003.v2022-09-22.q535; 6477CompTIA.CAS-003.v2022-08-15.q472; 2962CompTIA.CAS-003.v2022-04-30.q141; 84CompTIA.Actualtestpdf.CAS-003.v2022-01-19.by.morgan.327q.pdf

Latest Upload: 101OCEG.GRCP.v2025-09-11.q211; 101HP.HPE0-V27.v2025-09-11.q78; 117Oracle.1Z0-1057-23.v2025-09-10.q47; 150Google.Professional-Cloud-Network-Engineer.v2025-09-09.q179; 131SAP.C-S4EWM-2023.v2025-09-08.q83; 164TheSecOpsGroup.CNSP.v2025-09-08.q20; 222CFAInstitute.ESG-Investing.v2025-09-08.q173; 157PECB.ISO-IEC-27001-Lead-Implementer.v2025-09-06.q132; 146Salesforce.Data-Architect.v2025-09-05.q216; 140Adobe.AD0-E605.v2025-09-05.q50

Question 41

Question 42

Question 43

Question 44

Question 45

Download PDF File