Free Access CompTIA.CAS-003.v2022-08-15.q472 Practice Test (Page 28)

Question 131

A company wants to extend its help desk availability beyond business hours. The Chief Information Officer (CIO) decides to augment the help desk with a third-party service that will answer calls and provide Tier 1 problem resolution, such as password resets and remote assistance. The security administrator implements the following firewall change:

The administrator provides the appropriate path and credentials to the third-party company. Which of the following technologies is MOST likely being used to provide access to the third company?

A.SAML

B.WAYF

C.RADIUS

D.OpenID

E.LDAP

Question 132

Company leadership believes employees are experiencing an increased number of cyber attacks; however, the metrics do not show this. Currently, the company uses "Number of successful phishing attacks" as a KRI, but it does not show an increase.
Which of the following additional information should be the Chief Information Security Officer (CISO) include in the report?

A.The percent of successful phishing attacks

B.The number of unsuccessful phishing attacks

C.The number of phishing attacks per employee

D.The ratio of phishing emails to non-phishing emails

Question 133

A system integrator wants to assess the security of the application binaries delivered by its subcontracted vendors. The vendors do not deliver source code as a part of their contract Which of the Mowing techniques can the integrator use to accomplish the objective? (Select TWO)

A.Disassemble/decompile

B.Logic flow analysis

C.Regression test

D.Code signature validation

E.Fuzziest

F.Static code analysis tool

Question 134

A systems administrator has installed a disk wiping utility on all computers across the organization and configured it to perform a seven-pass wipe and an additional pass to overwrite the disk with zeros. The company has also instituted a policy that requires users to erase files containing sensitive information when they are no longer needed.
To ensure the process provides the intended results, an auditor reviews the following content from a randomly selected decommissioned hard disk:

Which of the following should be included in the auditor's report based in the above findings?

A.The disk has been degaussed.

B.Sensitive data might still be present on the hard drives.

C.The data represents part of the disk BIOS.

D.The hard disk contains bad sectors

Question 135

During a recent audit of servers, a company discovered that a network administrator, who required remote access, had deployed an unauthorized remote access application that communicated over common ports already allowed through the firewall. A network scan showed that this remote access application had already been installed on one third of the servers in the company. Which of the following is the MOST appropriate action that the company should take to provide a more appropriate solution?

A.Implement an IPS to block the application on the network

B.Implement the remote application out to the rest of the servers

C.Implement SSL VPN with SAML standards for federation

D.Implement an ACL on the firewall with NAT for remote access

Other Version: 7502CompTIA.CAS-003.v2022-09-22.q535; 4322CompTIA.CAS-003.v2022-05-05.q206; 2991CompTIA.CAS-003.v2022-04-30.q141; 84CompTIA.Actualtestpdf.CAS-003.v2022-01-19.by.morgan.327q.pdf

Latest Upload: 106OCEG.GRCP.v2025-09-11.q211; 106HP.HPE0-V27.v2025-09-11.q78; 121Oracle.1Z0-1057-23.v2025-09-10.q47; 157Google.Professional-Cloud-Network-Engineer.v2025-09-09.q179; 136SAP.C-S4EWM-2023.v2025-09-08.q83; 171TheSecOpsGroup.CNSP.v2025-09-08.q20; 238CFAInstitute.ESG-Investing.v2025-09-08.q173; 225PECB.ISO-IEC-27001-Lead-Implementer.v2025-09-06.q132; 156Salesforce.Data-Architect.v2025-09-05.q216; 151Adobe.AD0-E605.v2025-09-05.q50

Question 131

Question 132

Question 133

Question 134

Question 135

Download PDF File