Free Access CompTIA.CAS-003.v2022-08-15.q472 Practice Test (Page 84)

Question 411

A security engineer is attempting to convey the importance of including job rotation in a company's
standard security policies. Which of the following would be the BEST justification?

A.Forcing different people to perform the same job minimizes the amount of time malicious actions go
undetected by forcing malicious actors to attempt collusion between two or more people.

B.It eliminates the need to share administrative account passwords because employees gain
administrative rights as they rotate into a new job area.

C.Making employees rotate through jobs ensures succession plans can be implemented and prevents
single point of failure.

D.Administrators and engineers who perform multiple job functions throughout the day benefit from being
cross-trained in new job areas.

Question 412

A Chief Information Security Officer (CISO) wants to set up a SOC to respond to security threats and events more quickly. The SOC must have the following capacities:
* Real-time response
* Visualization
* Threat intelligence integration
* Cross-referencing from multiple sources
* Deduplication
Which of the following technologies would BEST meet these requirements?

A.UTM

B.SIEM

C.EDR

D.OSINT

Question 413

The Chief Information Security Officer (CISO) suspects that a database administrator has been tampering with financial data to the administrator's advantage. Which of the following would allow a third-party consultant to conduct an on-site review of the administrator's activity?

A.Separation of duties

B.Job rotation

C.Continuous monitoring

D.Mandatory vacation

Question 414

Several corporate users returned from an international trip with compromised operating systems on their cellular devices Additionally. intelligence reports confirm some international carriers are able to modify firmware unexpectedly even when the WDM policy is set to disable FOTA updates Which of the following mitigations is operationally feasible and MOST likely to reduce the risk of firmware compromise by a carrier white traveling internationally?

A.Disable the ability to connect to third-party application stores

B.Disable the smartphone's cellular radio and require the use of Wifi.

C.Enforce the use of an always-on SSL VPN with FlPS-validated encryption

D.issue device PKI certificates to ensure mutual authentication

Question 415

A security administrator is shown the following log excerpt from a Unix system:
2013 Oct 10 07:14:57 web14 sshd[1632]: Failed password for root from
198.51.100.23 port 37914 ssh2
2013 Oct 10 07:14:57 web14 sshd[1635]: Failed password for root from
198.51.100.23 port 37915 ssh2
2013 Oct 10 07:14:58 web14 sshd[1638]: Failed password for root from
198.51.100.23 port 37916 ssh2
2013 Oct 10 07:15:59 web14 sshd[1640]: Failed password for root from
198.51.100.23 port 37918 ssh2
2013 Oct 10 07:16:00 web14 sshd[1641]: Failed password for root from
198.51.100.23 port 37920 ssh2
2013 Oct 10 07:16:00 web14 sshd[1642]: Successful login for root from
198.51.100.23 port 37924 ssh2
Which of the following is the MOST likely explanation of what is occurring and the BEST immediate response? (Select TWO).

A.An authorized administrator has logged into the root account remotely.

B.The administrator should disable remote root logins.

C.Isolate the system immediately and begin forensic analysis on the host.

D.A remote attacker has compromised the root account using a buffer overflow in sshd.

E.A remote attacker has guessed the root password using a dictionary attack.

F.Use iptables to immediately DROP connections from the IP 198.51.100.23.

G.A remote attacker has compromised the private key of the root account.

H.Change the root password immediately to a password not found in a dictionary.

Other Version: 7485CompTIA.CAS-003.v2022-09-22.q535; 4321CompTIA.CAS-003.v2022-05-05.q206; 2991CompTIA.CAS-003.v2022-04-30.q141; 84CompTIA.Actualtestpdf.CAS-003.v2022-01-19.by.morgan.327q.pdf

Latest Upload: 105OCEG.GRCP.v2025-09-11.q211; 104HP.HPE0-V27.v2025-09-11.q78; 118Oracle.1Z0-1057-23.v2025-09-10.q47; 153Google.Professional-Cloud-Network-Engineer.v2025-09-09.q179; 131SAP.C-S4EWM-2023.v2025-09-08.q83; 166TheSecOpsGroup.CNSP.v2025-09-08.q20; 229CFAInstitute.ESG-Investing.v2025-09-08.q173; 176PECB.ISO-IEC-27001-Lead-Implementer.v2025-09-06.q132; 152Salesforce.Data-Architect.v2025-09-05.q216; 148Adobe.AD0-E605.v2025-09-05.q50

Question 411

Question 412

Question 413

Question 414

Question 415

Download PDF File