Free Access CompTIA.CAS-003.v2022-09-22.q535 Practice Test (Page 102)

Question 501

A government organization operates and maintains several ICS environments. The categorization of one of the ICS environments led to a moderate baseline. The organization has complied a set of applicable security controls based on this categorization.
Given that this is a unique environment, which of the following should the organization do NEXT to determine if other security controls should be considered?

A.Modify to a high-baseline set of controls.

B.Perform continuous monitoring.

C.Review enhancements within the current control set.

D.Check for any relevant or required overlays.

Question 502

A security analyst is reviewing an endpoint that was found to have a rookit installed. The rootkit survived multiple attempts to clean the endpoints, as well as an attempt to reinstall the QS. The security analyst needs to implement a method to prevent other endpoint from having similar issues. Which of the following would BEST accomplish this objective?

A.Utilize measured boot attestation.

B.Reset the motherboard's TPM chip.

C.Configure custom anti-malware rules.

D.Reinstall the OS with known-good media.

E.Enforce the secure boot process.

Question 503

A security policy states that all applications on the network must have a password length of eight characters. There are three legacy applications on the network that cannot meet this policy. One system will be upgraded in six months, and two are not expected to be upgraded or removed from the network. Which of the following processes should be followed?

A.Establish a risk matrix

B.Inherit the risk for six months

C.Provide a business justification to avoid the risk

D.Provide a business justification for a risk exception

Question 504

Which of the following is an external pressure that causes companies to hire security assessors and penetration testers?

A.Lack of adequate in-house testing skills.

B.Requirements for geographically based assessments

C.Cost reduction measures

D.Regulatory insistence on independent reviews.

Question 505

A security administrator is hardening a TrustedSolaris server that processes sensitive data. The data owner has established the following security requirements:
* The data is for internal consumption only and shall not be distributed to outside individuals
* The systems administrator should not have access to the data processed by the server
* The integrity of the kernel image is maintained
Which of the following host-based security controls BEST enforce the data owner's requirements? (Choose three.)

A.Host-based firewall

B.Watermarking

C.DLP

D.HIDS

E.Data encryption

F.SELinux

G.Measured boot

Other Version: 6488CompTIA.CAS-003.v2022-08-15.q472; 4303CompTIA.CAS-003.v2022-05-05.q206; 2972CompTIA.CAS-003.v2022-04-30.q141; 84CompTIA.Actualtestpdf.CAS-003.v2022-01-19.by.morgan.327q.pdf

Latest Upload: 105OCEG.GRCP.v2025-09-11.q211; 104HP.HPE0-V27.v2025-09-11.q78; 118Oracle.1Z0-1057-23.v2025-09-10.q47; 150Google.Professional-Cloud-Network-Engineer.v2025-09-09.q179; 131SAP.C-S4EWM-2023.v2025-09-08.q83; 164TheSecOpsGroup.CNSP.v2025-09-08.q20; 223CFAInstitute.ESG-Investing.v2025-09-08.q173; 158PECB.ISO-IEC-27001-Lead-Implementer.v2025-09-06.q132; 148Salesforce.Data-Architect.v2025-09-05.q216; 144Adobe.AD0-E605.v2025-09-05.q50

Question 501

Question 502

Question 503

Question 504

Question 505

Download PDF File