Free Access CompTIA.CAS-003.v2022-09-22.q535 Practice Test (Page 64)

Question 311

A creative services firm has a limited security budget and staff. Due to its business model, the company sends and receives a high volume of files every day through the preferred method defined by its customers. These include email, secure file transfers, and various cloud service providers. Which of the following would BEST reduce the risk of malware infection while meeting the company's resource requirements and maintaining its current workflow?

A.Implement appropriate DLP systems with strict policies.

B.Contract a cloud-based sandbox security service.

C.Configure a network-based intrusion prevention system

D.Enable customers to send and receive files via SFTP

Question 312

The results of an external penetration test for a software development company show a small number of applications account for the largest number of findings. While analyzing the content and purpose of the applications, the following matrix is created.

The findings are then categorized according to the following chart:

Which of the following would BEST reduce the amount of immediate risk incurred by the organization from a compliance and legal standpoint? (Select TWO)

A.Apply the missing OS and software patches to the server hosting Application 4

B.Place a WAF in line with Application 2

C.Use network segmentation and ACLs to control access to Application 5.

D.Move Application 3 to a secure VLAN and require employees to use a jump server for access.

E.Implement an IDS/IPS on the same network segment as Application 3

F.Install a FIM on the server hosting Application 4

Question 313

Two competing companies experienced similar attacks on their networks from various threat actors. To improve response times, the companies wish to share some threat intelligence about the sources and methods of attack. Which of the following business documents would be BEST to document this engagement?

A.Business partnership agreement

B.Memorandum of understanding

C.Service-level agreement

D.Interconnection security agreement

Question 314

A security engineer is assessing the controls that are in place to secure the corporate-Internet-facing DNS server. The engineer notices that security ACLs exist but are not being used properly. The DNS server should respond to any source but only provide information about domains it has authority over. Additionally, the DNS administrator have identified some problematic IP addresses that should not be able to make DNS requests.
Given the ACLs below:

Which of the following should the security administrator configure to meet the DNS security needs?

Question 315

A financial consulting firm recently recovered from some damaging incidents that were associated with malware installed via rootkit. Post-incident analysis is ongoing, and the incident responders and systems administrators are working to determine a strategy to reduce the risk of recurrence. The firm's systems are running modern operating systems and feature UEFI and TPMs. Which of the following technical options would provide the MOST preventive value?

A.Update and deploy GPOs

B.Strengthen the password complexity requirements

C.Update the antivirus software and definitions

D.Configure and use measured boot

Other Version: 6565CompTIA.CAS-003.v2022-08-15.q472; 4322CompTIA.CAS-003.v2022-05-05.q206; 2991CompTIA.CAS-003.v2022-04-30.q141; 84CompTIA.Actualtestpdf.CAS-003.v2022-01-19.by.morgan.327q.pdf

Latest Upload: 106Oracle.1z0-1196-25.v2025-09-12.q18; 104NetworkAppliance.NS0-162.v2025-09-12.q86; 144OCEG.GRCP.v2025-09-11.q211; 106HP.HPE0-V27.v2025-09-11.q78; 122Oracle.1Z0-1057-23.v2025-09-10.q47; 157Google.Professional-Cloud-Network-Engineer.v2025-09-09.q179; 136SAP.C-S4EWM-2023.v2025-09-08.q83; 180TheSecOpsGroup.CNSP.v2025-09-08.q20; 259CFAInstitute.ESG-Investing.v2025-09-08.q173; 245PECB.ISO-IEC-27001-Lead-Implementer.v2025-09-06.q132

Question 311

Question 312

Question 313

Question 314

Question 315

Download PDF File