Free Access CompTIA.CAS-003.v2022-09-22.q535 Practice Test (Page 93)

Question 456

A new database application was added to a company's hosted VM environment. Firewall ACLs were modified to allow database users to access the server remotely. The company's cloud security broker then identified abnormal from a database user on-site. Upon further investigation, the security team noticed the user ran code on a VM that provided access to the hypervisor directly and access to other sensitive data.
Which of the following should the security do to help mitigate future attacks within the VM environment? (Choose two.)

A.Install perimeter NGFW.

B.Update virus definitions on all endpoints.

C.Deprovision database VM.

D.Install the appropriate patches.

E.Change the user's access privileges.

F.Configure VM isolation.

Question 457

The Chief Information Security Officer (CISO) has asked the security team to determine whether the organization is susceptible to a zero-day exploit utilized in the banking industry and whether attribution is possible. The CISO has asked what process would be utilized to gather the information, and then wants to apply signatureless controls to stop these kinds of attacks in the future. Which of the following are the MOST appropriate ordered steps to take to meet the CISO's request?

A.1. Perform the ongoing research of the best practices
2. Determine current vulnerabilities and threats
3. Apply Big Data techniques
4. Use antivirus control

B.1. Apply artificial intelligence algorithms for detection
2. Inform the CERT team
3. Research threat intelligence and potential adversaries
4. Utilize threat intelligence to apply Big Data techniques

C.1. Obtain the latest IOCs from the open source repositories
2. Perform a sweep across the network to identify positive matches
3. Sandbox any suspicious files
4. Notify the CERT team to apply a future proof threat model

D.1. Analyze the current threat intelligence
2. Utilize information sharing to obtain the latest industry IOCs
3. Perform a sweep across the network to identify positive matches
4. Apply machine learning algorithms

Question 458

The marketing department has developed a new marketing campaign involving significant social media outreach. The campaign includes allowing employees and customers to submit blog posts and pictures of their day-to-day experiences at the company. The information security manager has been asked to provide an informative letter to all participants regarding the security risks and how to avoid privacy and operational security issues. Which of the following is the MOST important information to reference in the letter?

A.Social engineering techniques

B.Company policies and employee NDAs

C.After-action reports from prior incidents.

D.Data classification processes

Question 459

A pentester must attempt to crack passwords on a windows domain that enforces strong complex passwords. Which of the following would crack the MOST passwords in the shortest time period?

A.Online password testing

B.Rainbow tables attack

C.Dictionary attack

D.Brute force attack

Question 460

A security incident responder discovers an attacker has gained access to a network and has overwritten
key system files with backdoor software. The server was reimaged and patched offline. Which of the
following tools should be implemented to detect similar attacks?

A.NIPS

B.Vulnerability scanner

C.Host-based firewall

D.File integrity monitor

E.TPM

Other Version: 6507CompTIA.CAS-003.v2022-08-15.q472; 4312CompTIA.CAS-003.v2022-05-05.q206; 2985CompTIA.CAS-003.v2022-04-30.q141; 84CompTIA.Actualtestpdf.CAS-003.v2022-01-19.by.morgan.327q.pdf

Latest Upload: 105OCEG.GRCP.v2025-09-11.q211; 104HP.HPE0-V27.v2025-09-11.q78; 118Oracle.1Z0-1057-23.v2025-09-10.q47; 153Google.Professional-Cloud-Network-Engineer.v2025-09-09.q179; 131SAP.C-S4EWM-2023.v2025-09-08.q83; 166TheSecOpsGroup.CNSP.v2025-09-08.q20; 226CFAInstitute.ESG-Investing.v2025-09-08.q173; 176PECB.ISO-IEC-27001-Lead-Implementer.v2025-09-06.q132; 152Salesforce.Data-Architect.v2025-09-05.q216; 148Adobe.AD0-E605.v2025-09-05.q50

Question 456

Question 457

Question 458

Question 459

Question 460

Download PDF File