Free Access CompTIA.CAS-003.v2022-08-15.q472 Practice Test (Page 47)

Question 226

A security engineer is responsible for monitoring company applications for known vulnerabilities. Which of the following is a way to stay current on exploits and information security news?

A.Update company policies and procedures

B.Subscribe to security mailing lists

C.Implement security awareness training

D.Ensure that the organization vulnerability management plan is up-to-date

Question 227

An organization wants to allow its employees to receive corporate email on their own smartphones. A security analyst is reviewing the following information contained within the file system of an employee's smartphone:
FamilyPix.jpg
Taxreturn.tax
paystub.pdf
employeesinfo.xls
SoccerSchedule.doc
RecruitmentPlan.xls
Based on the above findings, which of the following should the organization implement to prevent further exposure? (Choose two.)

A.Remote wiping

B.Rooting

C.Side loading

D.VPN

E.Geofencing

F.Containerization

G.Jailbreaking

Question 228

A system administrator has a responsibility to maintain the security of the video teleconferencing system.
During a self-audit of the video teleconferencing room, the administrator notices that speakers and microphones are hard-wired and wireless enabled.
Which of the following security concerns should the system administrator have about the existing technology in the room?

A.Wireless transmission causes interference with the video signal.

B.Bluetooth speakers could cause RF emanation concerns.

C.Wired transmissions could be intercepted by remote users.

D.Bluetooth is an unsecure communication channel.

Question 229

A security controls assessor intends to perform a holistic configuration compliance test of networked assets. The assessor has been handed a package of definitions provided in XML format, and many of the files have two common tags within them: "<object object_ref=... />"and "<state state_ref=...
/>".Which of the following tools BEST supports the use of these definitions?

A.HTTP interceptor

B.Static code analyzer

C.XML fuzzer

D.SCAP scanner

Question 230

The Chief Information Security Officer (CISO) has asked the security team to determine whether the organization is susceptible to a zero-day exploit utilized in the banking industry and whether attribution is possible. The CISO has asked what process would be utilized to gather the information, and then wants to apply signatureless controls to stop these kinds of attacks in the future. Which of the following are the MOST appropriate ordered steps to take to meet the CISO's request?

A.1. Apply artificial intelligence algorithms for detection
2. Inform the CERT team
3. Research threat intelligence and potential adversaries
4. Utilize threat intelligence to apply Big Data techniques

B.1. Perform the ongoing research of the best practices
2. Determine current vulnerabilities and threats
3. Apply Big Data techniques
4. Use antivirus control

C.1. Obtain the latest IOCs from the open source repositories
2. Perform a sweep across the network to identify positive matches
3. Sandbox any suspicious files
4. Notify the CERT team to apply a future proof threat model

D.1. Analyze the current threat intelligence
2. Utilize information sharing to obtain the latest industry IOCs
3. Perform a sweep across the network to identify positive matches
4. Apply machine learning algorithms

Other Version: 7534CompTIA.CAS-003.v2022-09-22.q535; 4322CompTIA.CAS-003.v2022-05-05.q206; 2991CompTIA.CAS-003.v2022-04-30.q141; 84CompTIA.Actualtestpdf.CAS-003.v2022-01-19.by.morgan.327q.pdf

Latest Upload: 107Oracle.1z0-1196-25.v2025-09-12.q18; 106NetworkAppliance.NS0-162.v2025-09-12.q86; 145OCEG.GRCP.v2025-09-11.q211; 107HP.HPE0-V27.v2025-09-11.q78; 123Oracle.1Z0-1057-23.v2025-09-10.q47; 157Google.Professional-Cloud-Network-Engineer.v2025-09-09.q179; 137SAP.C-S4EWM-2023.v2025-09-08.q83; 181TheSecOpsGroup.CNSP.v2025-09-08.q20; 260CFAInstitute.ESG-Investing.v2025-09-08.q173; 248PECB.ISO-IEC-27001-Lead-Implementer.v2025-09-06.q132

Question 226

Question 227

Question 228

Question 229

Question 230

Download PDF File