Free Access CompTIA.CAS-003.v2022-09-22.q535 Practice Test (Page 97)

Question 476

A security architect is designing a new infrastructure using both type 1 and type 2 virtual machines. In addition to the normal complement of security controls (e.g. antivirus, host hardening, HIPS/NIDS) the security architect needs to implement a mechanism to securely store cryptographic keys used to sign code and code modules on the VMs. Which of the following will meet this goal without requiring any hardware pass-through implementations?

A.vTPM

B.HSM

C.TPM

D.INE

Question 477

Given the following:

Which of the following vulnerabilities is present in the above code snippet?

A.Information disclosure in comments

B.SQL-based string concatenation

C.Disclosure of database credential

D.DOM-based injection

Question 478

A manufacturing company recently recovered from an attack on its ICS devices. It has since reduced the attack surface by isolating the affected components. The company now wants to implement detection capabilities. It is considering a system that is based on machine learning.
Which of the following features would BEST describe the driver to adopt such nascent technology over mainstream commercial IDSs?

A.Classifies traffic based on logical protocols and messaging formats

B.Identifies and triggers upon known bad signatures and behaviors

C.Automatically reconfigures ICS devices based on observed behavior

D.Trains on normal behavior and identifies deviations therefrom

Question 479

A security analyst is reviewing logs and discovers that a company-owned computer issued to an employee is generating many alerts and analyst continues to review the log events and discovers that a non-company-owned device from a different, unknown IP address is general same events. The analyst informs the manager of these finding, and the manager explains that these activities are already known and . . . ongoing simulation. Given this scenario, which of the following roles are the analyst, the employee, and the manager fillings?

A.The analyst is red team
The employee is white team
The manager is blue team

B.The analyst is white team
The employee is red team
The manager is blue team

C.The analyst is red team
The employee is blue team
The manager is white team

D.The analyst is blue team
The employee is red team
The manager is white team

Question 480

A company is acquiring incident response and forensic assistance from a managed security service provider in the event of a data breach. The company has selected a partner and must now provide required documents to be reviewed and evaluated. Which of the following documents would BEST protect the company and ensure timely assistance? (Choose two.)

A.RA

B.BIA

C.NDA

D.RFI

E.RFQ

F.MSA

Other Version: 6501CompTIA.CAS-003.v2022-08-15.q472; 4303CompTIA.CAS-003.v2022-05-05.q206; 2985CompTIA.CAS-003.v2022-04-30.q141; 84CompTIA.Actualtestpdf.CAS-003.v2022-01-19.by.morgan.327q.pdf

Latest Upload: 105OCEG.GRCP.v2025-09-11.q211; 104HP.HPE0-V27.v2025-09-11.q78; 118Oracle.1Z0-1057-23.v2025-09-10.q47; 150Google.Professional-Cloud-Network-Engineer.v2025-09-09.q179; 131SAP.C-S4EWM-2023.v2025-09-08.q83; 165TheSecOpsGroup.CNSP.v2025-09-08.q20; 223CFAInstitute.ESG-Investing.v2025-09-08.q173; 158PECB.ISO-IEC-27001-Lead-Implementer.v2025-09-06.q132; 150Salesforce.Data-Architect.v2025-09-05.q216; 144Adobe.AD0-E605.v2025-09-05.q50

Question 476

Question 477

Question 478

Question 479

Question 480

Download PDF File