Free Access CompTIA.CAS-003.v2022-09-22.q535 Practice Test (Page 39)

Question 186

A firewall specialist has been newly assigned to participate in red team exercises and needs to ensure the skills represent real-world threats.
Which of the following would be the BEST choice to help the new team member learn bleeding-edge techniques?

A.Interview current red team members.

B.Research methods while using Tor.

C.Attend hacking conventions.

D.Attend web-based training.

Question 187

A breach was caused by an insider threat in which customer PII was compromised. Following the breach, a lead security analyst is asked to determine which vulnerabilities the attacker used to access company resources.
Which of the following should the analyst use to remediate the vulnerabilities?

A.Protocol analyzer

B.Behavioral analytics

C.Data leak prevention

D.Root cause analysis

Question 188

An investigator wants to collect the most volatile data first in an incident to preserve the data that runs the highest risk of being lost. After memory, which of the following BEST represents the remaining order of volatility that the investigator should follow?

A.File system information, swap files, network processes, system processes and raw disk blocks.

B.Raw disk blocks, network processes, system processes, swap files and file system information.

C.System processes, network processes, file system information, swap files and raw disk blocks.

D.Raw disk blocks, swap files, network processes, system processes, and file system information.

Question 189

A medical device company is implementing a new COTS antivirus solution in its manufacturing plant. All validated machines and instruments must be retested for interoperability with the new software.
Which of the following would BEST ensure the software and instruments are working as designed?

A.Peer review

B.System design documentation

C.Static code analysis testing

D.Change control documentation

E.User acceptance testing

Question 190

An enterprise with global sites processes and exchanges highly sensitive information that is protected under several countries' arms trafficking laws. There is new information that malicious nation-state-sponsored activities are targeting the use of encryption between the geographically disparate sites. The organization currently employs ECDSA and ECDH with P-384, SHA-384, and AES-256-GCM on VPNs between sites. Which of the following techniques would MOST likely improve the resilience of the enterprise to attack on cryptographic implementation?

A.Upgrade the cipher suite to use an authenticated AES mode of operation.

B.Add a second-layer VPN from a different vendor between sites.

C.Implement an IDS with sensors inside (clear-text) and outside (cipher-text) of each tunnel between sites.

D.Ensure cryptography modules are kept up to date from vendor supplying them.

E.Use a stronger elliptic curve cryptography algorithm.

Other Version: 6549CompTIA.CAS-003.v2022-08-15.q472; 4322CompTIA.CAS-003.v2022-05-05.q206; 2991CompTIA.CAS-003.v2022-04-30.q141; 84CompTIA.Actualtestpdf.CAS-003.v2022-01-19.by.morgan.327q.pdf

Latest Upload: 106OCEG.GRCP.v2025-09-11.q211; 106HP.HPE0-V27.v2025-09-11.q78; 122Oracle.1Z0-1057-23.v2025-09-10.q47; 157Google.Professional-Cloud-Network-Engineer.v2025-09-09.q179; 136SAP.C-S4EWM-2023.v2025-09-08.q83; 172TheSecOpsGroup.CNSP.v2025-09-08.q20; 240CFAInstitute.ESG-Investing.v2025-09-08.q173; 236PECB.ISO-IEC-27001-Lead-Implementer.v2025-09-06.q132; 159Salesforce.Data-Architect.v2025-09-05.q216; 153Adobe.AD0-E605.v2025-09-05.q50

Question 186

Question 187

Question 188

Question 189

Question 190

Download PDF File