Free Access CompTIA.CAS-003.v2022-08-15.q472 Practice Test (Page 64)

Question 311

An enterprise is trying to secure a specific web-based application by forcing the use of multifactor authentication.
Currently, the enterprise cannot change the application's sign-in page to include an extra field.
However, the web-based application supports SAML. Which of the following would BEST secure the application?

A.Deploying Shibboleth to all web-based applications in the enterprise

B.Forcing higher-complexity passwords and frequent changes

C.Using an SSO application that supports mutlifactor authentication

D.Enabling the web application to support LDAP integration

Question 312

Joe is a security architect who is tasked with choosing a new NIPS platform that has the ability to perform SSL inspection, analyze up to 10Gbps of traffic, can be centrally managed and only reveals inspected application payload data to specified internal security employees. Which of the following steps should Joe take to reach the desired outcome?

A.Research new technology vendors to look for potential products. Contribute to an RFP and then evaluate RFP responses to ensure that the vendor product meets all mandatory requirements.
Test the product and make a product recommendation.

B.Evaluate relevant RFC and ISO standards to choose an appropriate vendor product. Research industry surveys, interview existing customers of the product and then recommend that the product be purchased.

C.Consider outsourcing the product evaluation and ongoing management to an outsourced provider on the basis that each of the requirements are met and a lower total cost of ownership (TCO) is achieved.

D.Choose a popular NIPS product and then consider outsourcing the ongoing device management to a cloud provider. Give access to internal security employees so that they can inspect the application payload data.

E.Ensure that the NIPS platform can also deal with recent technological advancements, such as threats emerging from social media, BYOD and cloud storage prior to purchasing the product.

Question 313

A security engineer is assessing a new IoT product. The product interfaces with the ODBII port of a vehicle and uses a Bluetooth connection to relay data to an onboard data logger located in the vehicle. The data logger can only transfer data over a custom USB cable. The engineer suspects a relay attack is possible against the cryptographic implementation used to secure messages between segments of the system. Which of the following tools should the engineer use to confirm the analysis?

A.Binary decompiler

B.Wireless protocol analyzer

C.Network-based fuzzer

D.Log analysis and reduction tools

Question 314

A multi-national company has a highly mobile workforce and minimal IT infrastructure. The company utilizes a BYOD and social media policy to integrate presence technology into global collaboration tools by individuals and teams. As a result of the dispersed employees and frequent international travel, the company is concerned about the safety of employees and their families when moving in and out of certain countries. Which of the following could the company view as a downside of using presence technology?

A.Insider threat

B.Network reconnaissance

C.Physical security

D.Industrial espionage

Question 315

A newly hired security analyst has joined an established SOC team. Not long after going through corporate
orientation, a new attack method on web-based applications was publicly revealed. The security analyst
immediately brings this new information to the team lead, but the team lead is not concerned about it.
Which of the following is the MOST likely reason for the team lead's position?

A.The attack type does not meet the organization's threat model.

B.Corporate policy states that NIPS signatures must be updated every hour.

C.Web-based applications are on isolated network segments.

D.The organization has accepted the risks associated with web-based threats.

Other Version: 7511CompTIA.CAS-003.v2022-09-22.q535; 4322CompTIA.CAS-003.v2022-05-05.q206; 2991CompTIA.CAS-003.v2022-04-30.q141; 84CompTIA.Actualtestpdf.CAS-003.v2022-01-19.by.morgan.327q.pdf

Latest Upload: 106OCEG.GRCP.v2025-09-11.q211; 106HP.HPE0-V27.v2025-09-11.q78; 122Oracle.1Z0-1057-23.v2025-09-10.q47; 157Google.Professional-Cloud-Network-Engineer.v2025-09-09.q179; 136SAP.C-S4EWM-2023.v2025-09-08.q83; 172TheSecOpsGroup.CNSP.v2025-09-08.q20; 239CFAInstitute.ESG-Investing.v2025-09-08.q173; 234PECB.ISO-IEC-27001-Lead-Implementer.v2025-09-06.q132; 157Salesforce.Data-Architect.v2025-09-05.q216; 152Adobe.AD0-E605.v2025-09-05.q50

Question 311

Question 312

Question 313

Question 314

Question 315

Download PDF File