Free Access CompTIA.CAS-003.v2022-08-15.q472 Practice Test (Page 36)

Question 171

Which of the following provides the BEST risk calculation methodology?

A.Annual Loss Expectancy (ALE) x Value of Asset

B.Potential Loss x Event Probability x Control Failure Probability

C.Impact x Threat x Vulnerability

D.Risk Likelihood x Annual Loss Expectancy (ALE)

Question 172

A systems administrator has installed a disk wiping utility on all computers across the organization and configured it to perform a seven-pass wipe and an additional pass to overwrite the disk with zeros. The company has also instituted a policy that requires users to erase files containing sensitive information when they are no longer needed.
To ensure the process provides the intended results, an auditor reviews the following content from a randomly selected decommissioned hard disk:

Which of the following should be included in the auditor's report based in the above findings?

A.The harddisk contains bad sectors

B.Sensitive data might still be present on the hard drives.

C.The data represents part of the disk BIOS.

D.The disk has been degaussed.

Question 173

The Information Security Officer (ISO) is reviewing a summary of the findings from the last COOP tabletop exercise. The Chief Information Officer (CIO) wants to determine which additional controls must be implemented to reduce the risk of an extended customer service outage due to the VoIP system being unavailable. Which of the following BEST describes the scenario presented and the document the ISO is reviewing?

A.The ISO is evaluating the business implications of a recent telephone system failure within the BIA.

B.The ISO is investigating the impact of a possible downtime of the messaging system within the RA.

C.The ISO is calculating the budget adjustment needed to ensure audio/video system redundancy within the RFQ.

D.The ISO is assessing the effect of a simulated downtime involving the telecommunication system within the AAR.

Question 174

A company's chief cybersecurity architect wants to configure mutual authentication to access an internal payroll website. The architect has asked the administration team to determine the configuration that would provide the best defense against MITM attacks. Which of the folowing implementation approaches would BEST support the architect's goals?

A.Configure a web application proxy and institute monitoring of HTTPS transactions.

B.Install a reverse proxy in the corporate DMZ configured to decrypt TLS sessions.

C.Utilize a challenge-response prompt as required input at username/password entry.

D.Implement TLS and require the client to use its own certificate during handshake.

Question 175

A software development firm wants to validate the use of standard libraries as part of the software development process Each developer performs unit testing prior to committing changes to the code repository. Which of the following activities would be BEST to perform after a commit but before the creation of a branch?

A.Dynamic analysis

B.Static analysis

C.Web application vulnerability scanning

D.Penetration testing

E.Heuristic analysis

Other Version: 7520CompTIA.CAS-003.v2022-09-22.q535; 4322CompTIA.CAS-003.v2022-05-05.q206; 2991CompTIA.CAS-003.v2022-04-30.q141; 84CompTIA.Actualtestpdf.CAS-003.v2022-01-19.by.morgan.327q.pdf

Latest Upload: 106OCEG.GRCP.v2025-09-11.q211; 106HP.HPE0-V27.v2025-09-11.q78; 122Oracle.1Z0-1057-23.v2025-09-10.q47; 157Google.Professional-Cloud-Network-Engineer.v2025-09-09.q179; 136SAP.C-S4EWM-2023.v2025-09-08.q83; 172TheSecOpsGroup.CNSP.v2025-09-08.q20; 240CFAInstitute.ESG-Investing.v2025-09-08.q173; 236PECB.ISO-IEC-27001-Lead-Implementer.v2025-09-06.q132; 159Salesforce.Data-Architect.v2025-09-05.q216; 153Adobe.AD0-E605.v2025-09-05.q50

Question 171

Question 172

Question 173

Question 174

Question 175

Download PDF File