Free Access CompTIA.CAS-003.v2022-09-22.q535 Practice Test (Page 76)

Question 371

A mature organization with legacy information systems has incorporated numerous new processes and dependencies to manage security as its networks and infrastructure are modernized. The Chief Information Office has become increasingly frustrated with frequent releases, stating that the organization needs everything to work completely, and the vendor should already have those desires built into the software product. The vendor has been in constant communication with personnel and groups within the organization to understand its business process and capture new software requirements from users. Which of the following methods of software development is this organization's configuration management process using?

A.Agile

B.SDL

C.Waterfall

D.Joint application development

Question 372

An application present on the majority of an organization's 1,000 systems is vulnerable to a buffer overflow attack. Which of the following is the MOST comprehensive way to resolve the issue?

A.Deploy custom HIPS signatures to detect and block the attacks.

B.Validate and deploy the appropriate patch.

C.Run the application in terminal services to reduce the threat landscape.

D.Deploy custom NIPS signatures to detect and block the attacks.

Correct Answer: B

If an application has a known issue (such as susceptibility to buffer overflow attacks) and a patch is released to resolve the specific issue, then the best solution is always to deploy the patch.
A buffer overflow occurs when a program or process tries to store more data in a buffer (temporary data storage area) than it was intended to hold. Since buffers are created to contain a finite amount of data, the extra information - which has to go somewhere - can overflow into adjacent buffers, corrupting or overwriting the valid data held in them. Although it may occur accidentally through programming error, buffer overflow is an increasingly common type of security attack on data integrity. In buffer overflow attacks, the extra data may contain codes designed to trigger specific actions, in effect sending new instructions to the attacked computer that could, for example, damage the user's files, change data, or disclose confidential information. Buffer overflow attacks are said to have arisen because the C programming language supplied the framework, and poor programming practices supplied the vulnerability.
Incorrect Answers:
A: This question is asking for the MOST comprehensive way to resolve the issue. A HIPS (Host Intrusion Prevention System) with custom signatures may offer some protection against an application that is vulnerable to buffer overflow attacks. However, an application that is NOT vulnerable to buffer overflow attacks (a patched application) is a better solution.
C: This question is asking for the MOST comprehensive way to resolve the issue. Running the application in terminal services may reduce the threat landscape. However, it doesn't resolve the issue. Patching the application to eliminate the threat is a better solution.
D: This question is asking for the MOST comprehensive way to resolve the issue. A NIPS (Network Intrusion Prevention System) with custom signatures may offer some protection against an application that is vulnerable to buffer overflow attacks. However, an application that is NOT vulnerable to buffer overflow attacks (a patched application) is a better solution.
References:
http://searchsecurity.techtarget.com/definition/buffer-overflow

Question 373

Drag and drop the cloud deployment model to the associated use-case scenario. Options may be used only once or not at all.

Question 374

A vulnerability was recently announced that allows a malicious user to gain root privileges on other virtual machines running within the same hardware cluster. Customers of which of the following cloud-based solutions should be MOST concerned about this vulnerability?

A.Single-tenant private cloud

B.Multitenant PaaS cloud

C.Single-tenant hybrid cloud

D.Multitenant IaaS cloud

E.Single-tenant public cloud

F.Multitenant SaaS cloud

Question 375

Which of the following BEST explains SAML?

A.An XML and SOAP-based protocol, which enables the use of PKI for code signing and SSO by using SSL and SSH to establish a trust model.

B.A security attestation model built on XML and SOAP-based services, which allows for the exchange of A&A data between systems and supports Federated Identity Management.

C.A security model built on the transfer of assertions over XML and SOAP-based protocols, which allows for seamless SSO and the open exchange of data.

D.A security verification model built on SSO and SSL-based services, which allows for the exchange of PKI data between users and supports XACML.

Other Version: 6545CompTIA.CAS-003.v2022-08-15.q472; 4322CompTIA.CAS-003.v2022-05-05.q206; 2991CompTIA.CAS-003.v2022-04-30.q141; 84CompTIA.Actualtestpdf.CAS-003.v2022-01-19.by.morgan.327q.pdf

Latest Upload: 106OCEG.GRCP.v2025-09-11.q211; 106HP.HPE0-V27.v2025-09-11.q78; 122Oracle.1Z0-1057-23.v2025-09-10.q47; 157Google.Professional-Cloud-Network-Engineer.v2025-09-09.q179; 136SAP.C-S4EWM-2023.v2025-09-08.q83; 172TheSecOpsGroup.CNSP.v2025-09-08.q20; 240CFAInstitute.ESG-Investing.v2025-09-08.q173; 235PECB.ISO-IEC-27001-Lead-Implementer.v2025-09-06.q132; 159Salesforce.Data-Architect.v2025-09-05.q216; 153Adobe.AD0-E605.v2025-09-05.q50

Question 371

Question 372

Question 373

Question 374

Question 375

Download PDF File