Free Access CompTIA.CAS-003.v2022-09-22.q535 Practice Test (Page 60)

Question 291

Over the last 90 days, many storage services has been exposed in the cloud services environments, and the security team does not have the ability to see is creating these instance. Shadow IT is creating data services and instances faster than the small security team can keep up with them. The Chief information security Officer (CIASO) has asked the security officer (CISO) has asked the security lead architect to architect to recommend solutions to this problem.
Which of the following BEST addresses the problem best address the problem with the least amount of administrative effort?

A.Implement a user-behavior system to associate user events and cloud service creation events.

B.Compile a list of firewall requests and compare than against interesting cloud services.

C.Implement a CASB solution and track cloud service use cases for greater visibility.

D.Capture all log and feed then to a SIEM and then for cloud service events

Question 292

Providers at a healthcare system with many geographically dispersed clinics have been fined five times this year after an auditor received notice of the following SMS messages:

Which of the following represents the BEST solution for preventing future fines?

A.Implementasystemthatwilltokenize patientnumbers.

B.Providea courierserviceto deliversealeddocumentscontainingpublichealthinformatics.

C.ImplementFTPservices betweenclinicstotransmittext documentswiththeinformation.

D.Writea policyrequiringthisinformationto be given overthephoneonly.

E.Implementasecure text-messaging application formobiledevicesandworkstations.

Question 293

A managed service provider is designing a log aggregation service for customers who no longer want tomanage an internal SIEM infrastructure. The provider expects that customers will send all types of logs to them, and that log files could contain very sensitive entries. Customers have indicated they want on-premises and cloud-based infrastructure logs tobe stored in this new service. An engineer, who is designing the new service, is deciding how to segment customers. Which of the following is the BEST statement for the engineer to take into consideration?

A.The managed service provider should outsource security of the platform to an existing cloud company.
This willallow the new log service to be launched faster and with well-tested security controls.

B.Single-tenancy is often more expensive and has less efficient resource utilization. Multi-tenancy may increase the risk of cross-customer exposure in the event of service vulnerabilities.

C.The most secure design approach would be to give customers on-premises appliances, install agents on endpoints, and then remotely manage the service via a VPN.

D.Due to the likelihood of large log volumes, the service provider should use a multi-tenancy model for the data storage tier, enable data deduplication for storage cost efficiencies, and encrypt data at rest.

Question 294

An organization is currently working with a client to migrate data between a legacy ERP system and a
cloud-based ERP tool using a global PaaS provider. As part of the engagement, the organization is
performing data deduplication and sanitization of client data to ensure compliance with regulatory
requirements. Which of the following is the MOST likely reason for the need to sanitize the client data?

A.Data sovereignty

B.Data analytics

C.Data volume

D.Data aggregation

E.Data isolation

Question 295

Following a major security modem that resulted in a significant loss of revenue and extended loss of server availability, a new Chief Information Security Officer (CISO) conducts a root cause analysis. Which of the following additional steps should the CISO take to mitigate the chance of a recurrence?

A.Capture recommendations from a lessons-learned session with key management

B.Purchase cyber-incident insurance specifically covering the root cause

C.Compile a report containing all help desk tickets received during the incident

D.Install additional detective controls to facilitate a better root cause analysts in future incidents

Other Version: 6567CompTIA.CAS-003.v2022-08-15.q472; 4322CompTIA.CAS-003.v2022-05-05.q206; 2991CompTIA.CAS-003.v2022-04-30.q141; 84CompTIA.Actualtestpdf.CAS-003.v2022-01-19.by.morgan.327q.pdf

Latest Upload: 107Oracle.1z0-1196-25.v2025-09-12.q18; 106NetworkAppliance.NS0-162.v2025-09-12.q86; 145OCEG.GRCP.v2025-09-11.q211; 107HP.HPE0-V27.v2025-09-11.q78; 123Oracle.1Z0-1057-23.v2025-09-10.q47; 157Google.Professional-Cloud-Network-Engineer.v2025-09-09.q179; 137SAP.C-S4EWM-2023.v2025-09-08.q83; 181TheSecOpsGroup.CNSP.v2025-09-08.q20; 261CFAInstitute.ESG-Investing.v2025-09-08.q173; 248PECB.ISO-IEC-27001-Lead-Implementer.v2025-09-06.q132

Question 291

Question 292

Question 293

Question 294

Question 295

Download PDF File