Free Access CompTIA.CAS-003.v2022-09-22.q535 Practice Test (Page 79)

Question 386

Joe, a hacker, has discovered he can specifically craft a webpage that when viewed in a browser crashes the browser and then allows him to gain remote code execution in the context of the victim's privilege level. The browser crashes due to an exception error when a heap memory that is unused is accessed. Which of the following BEST describes the application issue?

A.Integer overflow

B.Click-jacking

C.Race condition

D.SQL injection

E.Use after free

F.Input validation

Question 387

The Information Security Officer (ISO) is reviewing new policies that have been recently made effective and now apply to the company. Upon review, the ISO identifies a new requirement to implement two-factor authentication on the company's wireless system. Due to budget constraints, the company will be unable to implement the requirement for the next two years. The ISO is required to submit a policy exception form to the Chief Information Officer (CIO). Which of the following are MOST important to include when submitting the exception form? (Select THREE).

A.Business or technical justification for not implementing the requirements.

B.Risks associated with the inability to implement the requirements.

C.Industry best practices with respect to the technical implementation of the current controls.

D.All sections of the policy that may justify non-implementation of the requirements.

E.A revised DRP and COOP plan to the exception form.

F.Internal procedures that may justify a budget submission to implement the new requirement.

G.Current and planned controls to mitigate the risks.

Question 388

An electric car company hires an IT consulting company to improve the cybersecurity of us vehicles. Which of the following should achieve the BEST long-term result for the company?

A.Performing a cyber-risk assessment on production vehicles

B.Designing Developing add-on security components for fielded vehicles

C.Reviewing proposed designs and prototypes for cybersecurity vulnerabilities

D.Reviewing and influencing requirements for an early development vehicle

Question 389

A government entity is developing requirements for an RFP to acquire a biometric authentication system When developing these requirements, which of the following considerations is MOST critical to the verification and validation of the SRTM?

A.Testability of requirements

B.Secure software development requirements

C.Local and national laws and regulations

D.Environmental constraint requirements

Question 390

A legacy web application, which is being used by a hospital, cannot be upgraded for 12 months. A new vulnerability is found in the legacy application, and the networking team is tasked with mitigation. Middleware for mitigation will cost $100,000 per year. Which of the following must be calculated to determine ROI?
(Choose two.)

A.ALE

B.RTO

C.MTBF

D.ARO

E.RPO

Other Version: 6536CompTIA.CAS-003.v2022-08-15.q472; 4322CompTIA.CAS-003.v2022-05-05.q206; 2991CompTIA.CAS-003.v2022-04-30.q141; 84CompTIA.Actualtestpdf.CAS-003.v2022-01-19.by.morgan.327q.pdf

Latest Upload: 106OCEG.GRCP.v2025-09-11.q211; 106HP.HPE0-V27.v2025-09-11.q78; 122Oracle.1Z0-1057-23.v2025-09-10.q47; 157Google.Professional-Cloud-Network-Engineer.v2025-09-09.q179; 136SAP.C-S4EWM-2023.v2025-09-08.q83; 172TheSecOpsGroup.CNSP.v2025-09-08.q20; 239CFAInstitute.ESG-Investing.v2025-09-08.q173; 225PECB.ISO-IEC-27001-Lead-Implementer.v2025-09-06.q132; 157Salesforce.Data-Architect.v2025-09-05.q216; 152Adobe.AD0-E605.v2025-09-05.q50

Question 386

Question 387

Question 388

Question 389

Question 390

Download PDF File