Free Access CompTIA.CAS-003.v2022-09-22.q535 Practice Test (Page 18)

Question 81

Given the following output from a local PC:

Which of the following ACLs on a stateful host-based firewall would allow the PC to serve an intranet website?

A.Allow 172.30.0.28:80 -> 172.30.0.28:443

B.Allow 172.30.0.28:80 -> 172.30.0.0/16

C.Allow 172.30.0.28:80 -> 172.30.0.28:53

D.Allow 172.30.0.28:80 -> ANY

Question 82

The government is concerned with remote military missions being negatively being impacted by the use of technology that may fail to protect operational security. To remediate this concern, a number of solutions have been implemented, including the following:
* End-to-end encryption of all inbound and outbound communication, including personal email and chat sessions that allow soldiers to securely communicate with families.
* Layer 7 inspection and TCP/UDP port restriction, including firewall rules to only allow TCP port 80 and 443 and approved applications
* A host-based whitelist of approved websites and applications that only allow mission-related tools and sites
* The use of satellite communication to include multiple proxy servers to scramble the source IP address
Which of the following is of MOST concern in this scenario?

A.Malicious actors intercepting inbound and outbound communication to determine the scope of the mission

B.Family members posting geotagged images on social media that were received via email from soldiers

C.The use of centrally managed military network and computers by soldiers when communicating with external parties

D.The effect of communication latency that may negatively impact real-time communication with mission control

Question 83

A security administrator wants to allow external organizations to cryptographically validate the company's domain name in email messages sent by employees. Which of the following should the security administrator implement?

A.SPF

B.S/MIME

C.TLS

D.DKIM

Question 84

Which of the following would be used in forensic analysis of a compromised Linux system? (Select THREE).

A.Check log files for logins from unauthorized IPs.

B.Check /proc/kmem for fragmented memory segments.

C.Check for unencrypted passwords in /etc/shadow.

D.Check timestamps for files modified around time of compromise.

E.Use lsof to determine files with future timestamps.

F.Use gpg to encrypt compromised data files.

G.Verify the MD5 checksum of system binaries.

H.Use vmstat to look for excessive disk I/O.

Question 85

An analyst is investigating anomalous behavior on a corporate-owned, corporate-managed mobile device with application whitelisting enabled, based on a name string. The employee to whom the device is assigned reports the approved email client is displaying warning messages that can launch browser windows and is adding unrecognized email addresses to the "compose" window.
Which of the following would provide the analyst the BEST chance of understanding and characterizing the malicious behavior?

A.Analyze the device firmware via the JTAG interface.

B.Penetration test the mobile application.

C.Change to a whitelist that uses cryptographic hashing.

D.Reverse engineer the application binary.

E.Perform static code analysis on the source code.

Other Version: 6501CompTIA.CAS-003.v2022-08-15.q472; 4312CompTIA.CAS-003.v2022-05-05.q206; 2985CompTIA.CAS-003.v2022-04-30.q141; 84CompTIA.Actualtestpdf.CAS-003.v2022-01-19.by.morgan.327q.pdf

Latest Upload: 105OCEG.GRCP.v2025-09-11.q211; 104HP.HPE0-V27.v2025-09-11.q78; 118Oracle.1Z0-1057-23.v2025-09-10.q47; 151Google.Professional-Cloud-Network-Engineer.v2025-09-09.q179; 131SAP.C-S4EWM-2023.v2025-09-08.q83; 165TheSecOpsGroup.CNSP.v2025-09-08.q20; 223CFAInstitute.ESG-Investing.v2025-09-08.q173; 169PECB.ISO-IEC-27001-Lead-Implementer.v2025-09-06.q132; 150Salesforce.Data-Architect.v2025-09-05.q216; 144Adobe.AD0-E605.v2025-09-05.q50

Question 81

Question 82

Question 83

Question 84

Question 85

Download PDF File