Free Access CompTIA.CAS-003.v2022-09-22.q535 Practice Test (Page 91)

Question 446

Two competing companies experienced similar attacks on their networks from various threat actors. To improve response times, the companies wish to share some threat intelligence about the sources and methods of attack. Which of the following business documents would be BEST to document this engagement?

A.Business partnership agreement

B.Memorandum of understanding

C.Service-level agreement

D.Interconnection security agreement

Question 447

A systems administrator receives an advisory email that a recently discovered exploit is being used in another country and the financial institutions have ceased operations while they find a way to respond to the attack. Which of the following BEST describes where the administrator should look to find information on the attack to determine if a response must be prepared for the systems? (Choose two.)

A.Trade industry association websites

B.Hacker forums

C.CVE database

D.Company's legal department

E.Bug bounty websites

F.Antivirus vendor websites

Question 448

The senior security administrator wants to redesign the company DMZ to minimize the risks associated with both external and internal threats. The DMZ design must support security in depth, change management and configuration processes, and support incident reconstruction. Which of the following designs BEST supports the given requirements?

A.A dual firewall DMZ with remote logging where each firewall is managed by a separate administrator.

B.A single firewall DMZ where each firewall interface is managed by a separate administrator and logging to the cloud.

C.A SaaS based firewall which logs to the company's local storage via SSL, and is managed by the change control team.

D.A virtualized firewall, where each virtual instance is managed by a separate administrator and logging to the same hardware.

Question 449

The Chief Executive Officer (CEO) of a large prestigious enterprise has decided to reduce business costs by outsourcing to a third party company in another country. Functions to be outsourced include: business analysts, testing, software development and back office functions that deal with the processing of customer data. The Chief Risk Officer (CRO) is concerned about the outsourcing plans. Which of the following risks are MOST likely to occur if adequate controls are not implemented?

A.Geographical regulation issues, loss of intellectual property and interoperability agreement issues

B.Improper handling of client data, interoperability agreement issues and regulatory issues

C.Cultural differences, increased cost of doing business and divestiture issues

D.Improper handling of customer data, loss of intellectual property and reputation damage

Question 450

After an employee was terminated, the company discovered the employee still had access to emails and attached content that should have been destroyed during the off-boarding. The employee's laptop and cell phone were confiscated and accounts were disabled promptly. Forensic investigation suggests the company's DLP was effective, and the content in question was not sent outside of work or transferred to removable media.
Personality owned devices are not permitted to access company systems or information.
Which of the following would be the MOST efficient control to prevent this from occurring in the future?

A.Install application whitelist on mobile devices.

B.Disallow side loading of applications on mobile devices.

C.Prevent backup of mobile devices to personally owned computers.

D.Perform unannounced insider threat testing on high-risk employees.

E.Restrict access to company systems to expected times of day and geographic locations.

Other Version: 6507CompTIA.CAS-003.v2022-08-15.q472; 4313CompTIA.CAS-003.v2022-05-05.q206; 2985CompTIA.CAS-003.v2022-04-30.q141; 84CompTIA.Actualtestpdf.CAS-003.v2022-01-19.by.morgan.327q.pdf

Latest Upload: 105OCEG.GRCP.v2025-09-11.q211; 104HP.HPE0-V27.v2025-09-11.q78; 118Oracle.1Z0-1057-23.v2025-09-10.q47; 153Google.Professional-Cloud-Network-Engineer.v2025-09-09.q179; 131SAP.C-S4EWM-2023.v2025-09-08.q83; 166TheSecOpsGroup.CNSP.v2025-09-08.q20; 226CFAInstitute.ESG-Investing.v2025-09-08.q173; 176PECB.ISO-IEC-27001-Lead-Implementer.v2025-09-06.q132; 152Salesforce.Data-Architect.v2025-09-05.q216; 148Adobe.AD0-E605.v2025-09-05.q50

Question 446

Question 447

Question 448

Question 449

Question 450

Download PDF File