Free Access CompTIA.CAS-003.v2022-09-22.q535 Practice Test (Page 17)

Question 76

A user has a laptop configured with multiple operating system installations. The operating systems are all installed on a single SSD, but each has its own partition and logical volume. Which of the following is the BEST way to ensure confidentiality of individual operating system data?

A.Encryption of each individual partition

B.Encryption of the SSD at the file level

C.FDE of each logical volume on the SSD

D.FDE of the entire SSD as a single disk

Question 77

A hospital is using a functional magnetic resonance imaging (fMRI) scanner, which is controlled legacy desktop connected to the network. The manufacturer of the fMRI will not support patching of the legacy system. The legacy desktop needs to be network accessible on TCP port 445 A security administrator is concerned the legacy system will be vulnerable to exploits Which of the following would be the BEST strategy to reduce the risk of an outage while still providing for security?

A.Apply only critical security patches for known vulnerabilities.

B.Install HIDS and disable unused services.

C.Segment the network and configure a controlled interface

D.Enable application whitelisting and disable SMB.

Question 78

A firm's Chief Executive Officer (CEO) is concerned that IT staff lacks the knowledge to identify complex vulnerabilities that may exist in a payment system being internally developed. The payment system being developed will be sold to a number of organizations and is in direct competition with another leading product. The CEO highlighted that code base confidentiality is of critical importance to allow the company to exceed the competition in terms of the product's reliability, stability, and performance. Which of the following would provide the MOST thorough testing and satisfy the CEO's requirements?

A.Sign a MOU with a marketing firm to preserve the company reputation and use in-house resources for random testing.

B.Sign a BPA with a small software consulting firm and use the firm to perform Black box testing and address all findings.

C.Sign a NDA with a large security consulting firm and use the firm to perform Grey box testing and address all findings.

D.Use the most qualified and senior developers on the project to perform a variety of White box testing and code reviews.

Question 79

An aircraft manufacturer is developing software that will perform automatic flight control (auto-pilot) Given the high safety criticality of the software the developer can BEST prove software correctness to a requirement's specification by employing:

A.formal methods

B.dynamic analysis methods

C.static code analyzers

D.test harnesses

Question 80

A security analyst is reading the results of a successful exploit that was recently conducted by third-party penetration testers. The testers reverse engineered a privileged executable. In the report, the planning and execution of the exploit is detailed using logs and outputs from the test However, the attack vector of the exploit is missing, making it harder to recommend remediation's. Given the following output:

The penetration testers MOST likely took advantage of:

A.A plain-text password disclosure

B.A TOC/TOU vulnerability

C.A buffer overflow vulnerability

D.An integer overflow vulnerability

Other Version: 6501CompTIA.CAS-003.v2022-08-15.q472; 4312CompTIA.CAS-003.v2022-05-05.q206; 2985CompTIA.CAS-003.v2022-04-30.q141; 84CompTIA.Actualtestpdf.CAS-003.v2022-01-19.by.morgan.327q.pdf

Latest Upload: 105OCEG.GRCP.v2025-09-11.q211; 104HP.HPE0-V27.v2025-09-11.q78; 118Oracle.1Z0-1057-23.v2025-09-10.q47; 151Google.Professional-Cloud-Network-Engineer.v2025-09-09.q179; 131SAP.C-S4EWM-2023.v2025-09-08.q83; 165TheSecOpsGroup.CNSP.v2025-09-08.q20; 223CFAInstitute.ESG-Investing.v2025-09-08.q173; 169PECB.ISO-IEC-27001-Lead-Implementer.v2025-09-06.q132; 150Salesforce.Data-Architect.v2025-09-05.q216; 144Adobe.AD0-E605.v2025-09-05.q50

Question 76

Question 77

Question 78

Question 79

Question 80

Download PDF File