Free Access CompTIA.CAS-003.v2022-08-15.q472 Practice Test (Page 74)

Question 361

A cybersecurity analyst is conducting packet analysis on the following:

Which of the following is occurring in the given packet capture?

A.ARP spoofing

B.Broadcast storm

C.Zero-day exploit

D.Network enurneration

E.Smurf attack

Question 362

A security researcher is gathering information about a recent spoke in the number of targeted attacks against multinational banks. The spike is on top of already sustained attacks against the banks. Some of the previous attacks have resulted in the loss of sensitive data, but as of yet the attackers have not successfully stolen any funds.
Based on the information available to the researcher, which of the following is the MOST likely threat profile?

A.Opportunists seeking notoriety and fame for personal gain.

B.Nation-state-sponsored attackers conducting espionage for strategic gain.

C.Hacktivists seeking to make a political statement because of socio-economic factors.

D.Insiders seeking to gain access to funds for illicit purposes.

Question 363

A cloud architect needs to isolate the most sensitive portion of the network while maintaining hosting in a public cloud Which of the following configurations can be employed to support this effort?

A.Sandbox the servers with the public cloud by server type

B.Create a single-tenancy security group in the public cloud that hosts only similar types of servers

C.Create a hybrid cloud with an on-premises instance for the most sensitive server types.

D.Privatize the cloud by implementing an on-premises instance.

Question 364

An application present on the majority of an organization's 1,000 systems is vulnerable to a buffer overflow attack. Which of the following is the MOST comprehensive way to resolve the issue?

A.Deploy custom HIPS signatures to detect and block the attacks.

B.Validate and deploy the appropriate patch.

C.Run the application in terminal services to reduce the threat landscape.

D.Deploy custom NIPS signatures to detect and block the attacks.

Question 365

A security analyst has been asked to create a list of external IT security concerns, which are applicable to the organization. The intent is to show the different types of external actors, their attack vectors, and the types of vulnerabilities that would cause business impact. The Chief Information Security Officer (CISO) will then present this list to the board to request funding for controls in areas that have insufficient coverage.
Which of the following exercise types should the analyst perform?

A.Summarize the most recently disclosed vulnerabilities.

B.Conduct a threat modeling exercise.

C.Undertake an external vulnerability scan and penetration test.

D.Research industry best practices and the latest RFCs.

Other Version: 7489CompTIA.CAS-003.v2022-09-22.q535; 4321CompTIA.CAS-003.v2022-05-05.q206; 2991CompTIA.CAS-003.v2022-04-30.q141; 84CompTIA.Actualtestpdf.CAS-003.v2022-01-19.by.morgan.327q.pdf

Latest Upload: 105OCEG.GRCP.v2025-09-11.q211; 105HP.HPE0-V27.v2025-09-11.q78; 119Oracle.1Z0-1057-23.v2025-09-10.q47; 153Google.Professional-Cloud-Network-Engineer.v2025-09-09.q179; 133SAP.C-S4EWM-2023.v2025-09-08.q83; 167TheSecOpsGroup.CNSP.v2025-09-08.q20; 232CFAInstitute.ESG-Investing.v2025-09-08.q173; 214PECB.ISO-IEC-27001-Lead-Implementer.v2025-09-06.q132; 154Salesforce.Data-Architect.v2025-09-05.q216; 148Adobe.AD0-E605.v2025-09-05.q50

Question 361

Question 362

Question 363

Question 364

Question 365

Download PDF File