Free Access CompTIA.CAS-003.v2022-09-22.q535 Practice Test (Page 12)

Question 51

A security engineer is analyzing an application during a security assessment to ensure it is configured to protect against common threats. Given the output below:

Which of the following tools did the security engineer MOST likely use to generate this output?

A.Fuzzer

B.Application fingerprinter

C.HTTP interceptor

D.Vulnerability scanner

Question 52

An organization has implemented an Agile development process for front end web application development. A new security architect has just joined the company and wants to integrate security activities into the SDLC.
Which of the following activities MUST be mandated to ensure code quality from a security perspective?
(Select TWO).

A.Static and dynamic analysis is run as part of integration

B.Security standards and training is performed as part of the project

C.Daily stand-up meetings are held to ensure security requirements are understood

D.For each major iteration penetration testing is performed

E.Security requirements are story boarded and make it into the build

F.A security design is performed at the end of the requirements phase

Question 53

An external penetration tester compromised one of the client organization's authentication servers and retrieved the password database. Which of the following methods allows the penetration tester to MOST efficiently use any obtained administrative credentials on the client organization's other systems, without impacting the integrity of any of the systems?

A.Use the pass the hash technique

B.Use rainbow tables to crack the passwords

C.Use the existing access to change the password

D.Use social engineering to obtain the actual password

Question 54

A company wants to confirm sufficient executable space protection is in place for scenarios in which malware may be attempting buffer overflow attacks. Which of the following should the security engineer check?

A.strcpy

B.ASLR

C.ECC

D.NX/XN

Question 55

Providers at a healthcare system with many geographically dispersed clinics have been fined five times this year after an auditor received notice of the following SMS messages:

Which of the following represents the BEST solution for preventing future fines?

A.Implement FTP services between clinics to transmit text documents with the information.

B.Provide a courier service to deliver sealed documents containing public health informatics.

C.Write a policy requiring this information to be given over the phone only.

D.Implement a secure text-messaging application for mobile devices and workstations.

E.Implement a system that will tokenize patient numbers.

Other Version: 6501CompTIA.CAS-003.v2022-08-15.q472; 4303CompTIA.CAS-003.v2022-05-05.q206; 2983CompTIA.CAS-003.v2022-04-30.q141; 84CompTIA.Actualtestpdf.CAS-003.v2022-01-19.by.morgan.327q.pdf

Latest Upload: 105OCEG.GRCP.v2025-09-11.q211; 104HP.HPE0-V27.v2025-09-11.q78; 118Oracle.1Z0-1057-23.v2025-09-10.q47; 150Google.Professional-Cloud-Network-Engineer.v2025-09-09.q179; 131SAP.C-S4EWM-2023.v2025-09-08.q83; 164TheSecOpsGroup.CNSP.v2025-09-08.q20; 223CFAInstitute.ESG-Investing.v2025-09-08.q173; 158PECB.ISO-IEC-27001-Lead-Implementer.v2025-09-06.q132; 149Salesforce.Data-Architect.v2025-09-05.q216; 144Adobe.AD0-E605.v2025-09-05.q50

Question 51

Question 52

Question 53

Question 54

Question 55

Download PDF File