Free Access CompTIA.CAS-003.v2022-09-22.q535 Practice Test (Page 66)

Question 321

During a security event investigation, a junior analyst fails to create an image of a server's hard drive before removing the drive and sending it to the forensics analyst. Later, the evidence from the analysis is not usable in the prosecution of the attackers due to the uncertainty of tampering. Which of the following should the junior analyst have followed?

A.Data recovery

B.Order of volatility

C.Chain of custody

D.Continuity of operations

Question 322

A security architect is implementing security measures in response to an external audit that found vulnerabilities in the corporate collaboration tool suite. The report identified the lack of any mechanism to provide confidentiality for electronic correspondence between users and between users and group mailboxes. Which of the following controls would BEST mitigate the identified vulnerability?

A.Issue digital certificates to all users, including owners of group mailboxes, and enable S/MIME

B.Federate with an existing PKI provider, and reject all non-signed emails

C.Implement two-factor email authentication, and require users to hash all email messages upon receipt

D.Provide digital certificates to all systems, and eliminate the user group or shared mailboxes

Question 323

A team is at the beginning stages of designing a new enterprise-wide application. The new application will have a large database and require a capital investment in hardware. The Chief Information Officer (СIO) has directed the team to save money and reduce the reliance on the datacenter, and the vendor must specialize in hosting large databases in the cloud. Which of the following cloud-hosting options would BEST meet these needs?

A.Multi-tenancy SaaS

B.Hybrid IaaS

C.Single-tenancy PaaS

D.Community IaaS

Question 324

A security analyst is troubleshooting a scenario in which an operator should only be allowed to reboot
remote hosts but not perform other activities. The analyst inspects the following portions of different
configuration files:
Configuration file 1:
Operator ALL=/sbin/reboot
Configuration file 2:
Command="/sbin/shutdown now", no-x11-forwarding, no-pty, ssh-dss
Configuration file 3:
Operator:x:1000:1000::/home/operator:/bin/bash
Which of the following explains why an intended operator cannot perform the intended action?

A.The passwd file is misconfigured

B.The sudoers file is locked down to an incorrect command

C.SSH command shell restrictions are misconfigured

D.The SSH command is not allowing a pty session

Question 325

A Chief Information Security Officer (CISO is reviewing and revising system configuration and hardening guides that were developed internally and have been used several years to secure the organization's systems.
The CISO knows improvements can be made to the guides.
Which of the following would be the BEST source of reference during the revision process?

A.Internal security assessment reports

B.Vendor-specific implementation guides

C.CVE database

D.Industry-accepted standards

E.External vulnerability scan reports

Other Version: 6565CompTIA.CAS-003.v2022-08-15.q472; 4322CompTIA.CAS-003.v2022-05-05.q206; 2991CompTIA.CAS-003.v2022-04-30.q141; 84CompTIA.Actualtestpdf.CAS-003.v2022-01-19.by.morgan.327q.pdf

Latest Upload: 106Oracle.1z0-1196-25.v2025-09-12.q18; 104NetworkAppliance.NS0-162.v2025-09-12.q86; 144OCEG.GRCP.v2025-09-11.q211; 106HP.HPE0-V27.v2025-09-11.q78; 122Oracle.1Z0-1057-23.v2025-09-10.q47; 157Google.Professional-Cloud-Network-Engineer.v2025-09-09.q179; 136SAP.C-S4EWM-2023.v2025-09-08.q83; 180TheSecOpsGroup.CNSP.v2025-09-08.q20; 259CFAInstitute.ESG-Investing.v2025-09-08.q173; 245PECB.ISO-IEC-27001-Lead-Implementer.v2025-09-06.q132

Question 321

Question 322

Question 323

Question 324

Question 325

Download PDF File