Free Access CompTIA.CAS-003.v2022-09-22.q535 Practice Test (Page 78)

Question 381

A company is in the process of implementing a new front end user interface for its customers, the goal is to provide them with more self-service functionality. The application has been written by developers over the last six months and the project is currently in the test phase.
Which of the following security activities should be implemented as part of the SDL in order to provide the MOST security coverage over the solution? (Select TWO).

A.Perform unit testing of the binary code

B.Perform code review over a sampling of the front end source code

C.Perform black box penetration testing over the solution

D.Perform grey box penetration testing over the solution

E.Perform static code review over the front end source code

Question 382

An organization enables BYOD but wants to allow users to access the corporate email, calendar, and contacts from their devices. The data associated with the user's accounts is sensitive, and therefore, the organization wants to comply with the following requirements:
Active full-device encryption
Enabled remote-device wipe
Blocking unsigned applications
Containerization of email, calendar, and contacts
Which of the following technical controls would BEST protect the data from attack or loss and meet the above requirements?

A.Configure and monitor devices with an MDM.

B.Require frequent password changes and disable NFC.

C.Install a mobile antivirus application.

D.Enforce device encryption and activate MAM.

Question 383

A security administrator wants to implement controls to harden company-owned mobile devices.
Company policy specifies the following requirements:
- Mandatory access control must be enforced by the OS.
- Devices must only use the mobile carrier data transport.
Which of the following controls should the security administrator implement? (Select three).

A.Enable DLP

B.Enable SEAndroid

C.Enable EDR

D.Enable secure boot

E.Enable remote wipe

F.Disable Bluetooth

G.Disable 802.11

H.Disable geotagging

Question 384

Given the following:

Which of the following vulnerabilities is present in the above code snippet?

A.DOM-basedinjection

B.SQL-basedstringconcatenation

C.Disclosureofdatabasecredential

D.Informationdisclosure incomments

Question 385

Given the following code snippet:

Of which of the following is this snippet an example?

A.Improper filed usage

B.Data execution prevention

C.Buffer overflow

D.Failure to use standard libraries

E.Input validation

Other Version: 6545CompTIA.CAS-003.v2022-08-15.q472; 4322CompTIA.CAS-003.v2022-05-05.q206; 2991CompTIA.CAS-003.v2022-04-30.q141; 84CompTIA.Actualtestpdf.CAS-003.v2022-01-19.by.morgan.327q.pdf

Latest Upload: 106OCEG.GRCP.v2025-09-11.q211; 106HP.HPE0-V27.v2025-09-11.q78; 122Oracle.1Z0-1057-23.v2025-09-10.q47; 157Google.Professional-Cloud-Network-Engineer.v2025-09-09.q179; 136SAP.C-S4EWM-2023.v2025-09-08.q83; 172TheSecOpsGroup.CNSP.v2025-09-08.q20; 239CFAInstitute.ESG-Investing.v2025-09-08.q173; 234PECB.ISO-IEC-27001-Lead-Implementer.v2025-09-06.q132; 158Salesforce.Data-Architect.v2025-09-05.q216; 153Adobe.AD0-E605.v2025-09-05.q50

Question 381

Question 382

Question 383

Question 384

Question 385

Download PDF File