PassLeader released the NEWEST CompTIA CAS-003 exam dumps recently! Both CAS-003 VCE dumps and CAS-003 PDF dumps are available on PassLeader, either CAS-003 VCE dumps or CAS-003 PDF dumps have the NEWEST CAS-003 exam questions in it, they will help you passing CompTIA CAS-003 exam easily! You can download the valid CAS-003 dumps VCE and PDF from PassLeader here: https://www.passleader.com/cas-003.html (827 Q&As Dumps –> 863 Q&As Dumps –> 894 Q&As Dumps –> 974 Q&As Dumps)
Also, previewing the NEWEST PassLeader CAS-003 dumps online for free on Google Drive: https://drive.google.com/open?id=1bfoVeMAPqLPPEtiIibD38-i-xMle-2O0
NEW QUESTION 791
A cybersecurity engineer analyst a system for vulnerabilities. The tool created an OVAL. Results document as output. Which of the following would enable the engineer to interpret the results in a human readable form? (Choose two.)
A. Text editor.
B. OOXML editor.
C. Event Viewer.
D. XML style sheet.
E. SCAP tool.
F. Debugging utility.
NEW QUESTION 792
A company provides guest WiFi access to the internet and physically separates the guest network from the company’s internal WIFI. Due to a recent incident in which an attacker gained access to the compay’s intend WIFI, the company plans to configure WPA2 Enterprise in an EAP-TLS configuration. Which of the following must be installed on authorized hosts for this new configuration to work properly?
A. Active Directory OPOs.
B. PKI certificates.
C. Host-based firewall.
D. NAC persistent agent.
NEW QUESTION 793
Which of the following controls primarily detects abuse of privilege but does not prevent it?
B. Separation of duties.
C. Least privilege.
D. Job rotation.
NEW QUESTION 794
A security analyst is trying to identify the source of a recent data loss incident. The analyst has reviewed all the for the time surrounding the identified all the assets on the network at the time of the data loss. The analyst suspects the key to finding the source was obfuscated in an application. Which of the following tools should the analyst use NEXT?
A. Software Decomplier.
B. Network enurrerator.
C. Log reduction and analysis tool.
D. Static code analysis.
NEW QUESTION 795
A company requires a task to be carried by more than one person concurrently. This is an example of what?
A. separation of d duties
B. dual control
C. least privilege
D. job rotation
NEW QUESTION 796
A health company has reached the physical and computing capabilities in its datacenter, but the computing demand continues to increase. The infrastructure is fully virtualized and runs custom and commercial healthcare application that process sensitive health and payment information. Which of the following should the company implement to ensure it can meet the computing demand while complying with healthcare standard for virtualization and cloud computing?
A. Hybrid IaaS solution in a single-tenancy cloud.
B. Pass solution in a multinency cloud.
C. SaaS solution in a community cloud.
D. Private SaaS solution in a single tenancy cloud.
NEW QUESTION 797
Company A is establishing a contractual with Company B. The terms of the agreement are formalized in a document covering the payment terms, limitation of liability, and intellectual property rights. Which of the following documents will MOST likely contain these elements?
A. Company A-B SLA v2.docx
B. Company A OLA v1b.docx
C. Company A MSA v3.docx
D. Company A MOU v1.docx
E. Company A-B NDA v03.docx
NEW QUESTION 798
The Chief information Officer (CIO) of a large bank, which uses multiple third-party organizations to deliver a service, is concerned about the handling and security of customer data by the parties. Which of the following should be implemented to BEST manage the risk?
A. Establish a review committee that assesses the importance of suppliers and ranks them according to contract renewals.
At the time of contract renewal, incorporate designs and operational controls into the contracts and a right-to-audit clause.
Regularly assess the supplier’s post-contract renewal with a dedicated risk management team.
B. Establish a team using members from first line risk, the business unit, and vendor management to assess only design security controls of all suppliers.
Store findings from the reviews in a database for all other business units and risk teams to reference.
C. Establish an audit program that regularly reviews all suppliers regardless of the data they access, how they access the data, and the type of data.
Review all design and operational controls based on best practice standard and report the finding back to upper management.
D. Establish a governance program that rates suppliers based on their access to data, the type of data, and how they access the data.
Assign key controls that are reviewed and managed based on the supplier’s rating.
Report finding units that rely on the suppliers and the various risk teams.
NEW QUESTION 799
A financial services company wants to migrate its email services from on-premises servers to a cloud- based email solution. The Chief information Security Officer (CISO) must brief board of directors on the potential security concerns related to this migration. The board is concerned about the following:
– Transactions being required by unauthorized individual.
– Complete discretion regarding client names, account numbers, and investment information.
– Malicious attacker using email to distribute malware and ransom ware.
– Exfiltration of sensitivity company information.
The cloud-based email solution will provide anti-malware, reputation-based scanning, signature- based scanning, and sandboxing. Which of the following is the BEST option to resolve the board’s concerns for this email migration?
A. Data loss prevention.
B. Endpoint detection response.
C. SSL VPN.
D. Application whitelisting.
NEW QUESTION 800
Which of the following BEST sets expectation between the security team and business units within an organization?
A. Risk assessment.
B. Memorandum of understanding.
C. Business impact analysis.
D. Business partnership agreement.
E. Services level agreement.
NEW QUESTION 801
A small company needs to reduce its operating costs. vendors have proposed solutions, which all focus on management of the company’s website and services. The Chief information Security Officer (CISO) insist all available resources in the proposal must be dedicated, but managing a private cloud is not an option. Which of the following is the BEST solution for this company?
A. Community cloud service model.
B. Multinency SaaS.
C. Single-tenancy SaaS.
D. On-premises cloud service model.
NEW QUESTION 802
A security is assisting the marketing department with ensuring the security of the organization’s social media platforms. The two main concerns are:
– The Chief marketing officer (CMO) email is being used department wide as the username.
– The password has been shared within the department.
Which of the following controls would be BEST for the analyst to recommend?
A. Configure MFA for all users to decrease their reliance on other authentication.
B. Have periodic, scheduled reviews to determine which OAuth configuration are set for each media platform.
C. Create multiple social media accounts for all marketing user to separate their actions.
D. Ensure the password being shared is sufficiently and not written down anywhere.
NEW QUESTION 803
A security engineer at a company is designing a system to mitigate recent setbacks caused competitors that are beating the company to market with the new products. Several of the products incorporate propriety enhancements developed by the engineer’s company. The network already includes a SEIM and a NIPS and requires 2FA for all user access. Which of the following system should the engineer consider NEXT to mitigate the associated risks?
B. Mail gateway.
C. Data flow enforcement.
NEW QUESTION 804
A company that all mobile devices be encrypted, commensurate with the full disk encryption scheme of assets, such as workstation, servers, and laptops. Which of the following will MOST likely be a limiting factor when selecting mobile device managers for the company?
A. Increased network latency.
B. Unavailable of key escrow.
C. Inability to selected AES-256 encryption.
D. Removal of user authentication requirements.
NEW QUESTION 805
A company is outsourcing to an MSSP that performs managed detection and response services. The MSSP requires a server to be placed inside the network as a log aggregate and allows remote access to MSSP analyst. Critical devices send logs to the log aggregator, where data is stored for 12 months locally before being archived to a multitenant cloud. The data is then sent from the log aggregate to a public IP address in the MSSP datacenter for analysis. A security engineer is concerned about the security of the solution and notes the following:
– The critical devise send cleartext logs to the aggregator.
– The log aggregator utilize full disk encryption.
– The log aggregator sends to the analysis server via port 80.
– MSSP analysis utilize an SSL VPN with MFA to access the log aggregator remotely.
– The data is compressed and encrypted prior to being achieved in the cloud.
Which of the following should be the engineer’s GREATEST concern?
A. Hardware vulnerabilities introduced by the log aggregate server.
B. Network bridging from a remote access VPN.
C. Encryption of data in transit.
D. Multinancy and data remnants in the cloud.
NEW QUESTION 806
Ann, a CIRT member, is conducting incident response activities on a network that consists of several hundred virtual servers and thousands of endpoints and users. The network generates more than 10,000 log messages per second. The enterprise belong to a large, web-based cryptocurrency startup. Ann has distilled the relevant information into an easily digestible report for executive management, however, she still needs to collect evidence of the intrusion that caused the incident. Which of the following should Ann use to gather the required information?
A. Traffic interceptor log analysis.
B. Log reduction and visualization tools.
C. Proof of work analysis.
D. Ledger analysis software.
NEW QUESTION 807
A security engineer is troubleshooting an issue in which an employee is getting an IP address in the range on the wired network. The engineer plus another PC into the same port, and that PC gets an IP address in the correct range. The engineer then puts the employee’ PC on the wireless network and finds the PC still not get an IP address in the proper range. The PC is up to date on all software and antivirus definitions, and the IP address is not an APIPA address. Which of the following is MOST likely the problem?
A. The company is using 802.1x for VLAN assignment, and the user or computer is in the wrong group.
B. The DHCP server has a reservation for the PC’s MAC address for the wired interface.
C. The WiFi network is using WPA2 Enterprise, and the computer certificate has the wrong IP address in the SAN field.
D. The DHCP server is unavailable, so no IP address is being sent back to the PC.
NEW QUESTION 808
Immediately following the report of a potential breach, a security engineer creates a forensic image of the server in question as part of the organization incident response procedure. Which of the must occur to ensure the integrity of the image?
A. The image must be password protected against changes.
B. A hash value of the image must be computed.
C. The disk containing the image must be placed in a seated container.
D. A duplicate copy of the image must be maintained.
NEW QUESTION 809
A company in the financial sector receives a substantial number of customer transaction requests via email. While doing a root-cause analysis conceding a security breach, the CIRT correlates an unusual spike in port 80 traffic from the IP address of a desktop used by a customer relations employee who has access to several of the compromised accounts. Subsequent antivirus scans of the device do not return an findings, but the CIRT finds undocumented services running on the device. Which of the following controls would reduce the discovery time for similar in the future?
A. Implementing application blacklisting.
B. Configuring the mall to quarantine incoming attachment automatically.
C. Deploying host-based firewalls and shipping the logs to the SIEM.
D. Increasing the cadence for antivirus DAT updates to twice daily.
NEW QUESTION 810
A system administrator at a medical imaging company discovers protected health information (PHI) on a general-purpose file server. Which of the following steps should the administrator take NEXT?
A. Isolate all of the PHI on its own VLAN and keep it segregated at Layer 2.
B. Take an MD5 hash of the server.
C. Delete all PHI from the network until the legal department is consulted.
D. Consult the legal department to determine the legal requirements.
NEW QUESTION 811
A financial institution has several that currently employ the following controls:
– The severs follow a monthly patching cycle.
– All changes must go through a change management process.
– Developers and systems administrators must log into a jumpbox to access the servers hosting the data using two-factor authentication.
– The servers are on an isolated VLAN and cannot be directly accessed from the internal production network.
An outage recently occurred and lasted several days due to an upgrade that circumvented the approval process. Once the security team discovered an unauthorized patch was installed, they were able to resume operations within an hour. Which of the following should the security administrator recommend to reduce the time to resolution if a similar incident occurs in the future?
A. Require more than one approver for all change management requests.
B. Implement file integrity monitoring with automated alerts on the servers.
C. Disable automatic patch update capabilities on the servers.
D. Enhanced audit logging on the jump servers and ship the logs to the SIEM.
NEW QUESTION 812
The Chief information Security Officer (CISO) of a small locate bank has a compliance requirement that a third-party penetration test of the core banking application must be conducted annually. Which of the following services would fulfill the compliance requirement with the LOWEST resource usage?
A. Black-box testing.
B. Gray-box testing.
C. Red-team hunting.
D. White-box testing.
E. Blue-learn exercises.
NEW QUESTION 813
Over the last 90 days, many storage services has been exposed in the cloud services environments, and the security team does not have the ability to see is creating these instance. Shadow IT is creating data services and instances faster than the small security team can keep up with them. The Chief information security Officer (CIASO) has asked the security officer (CISO) has asked the security lead architect to architect to recommend solutions to this problem. Which of the following BEST addresses the problem best address the problem with the least amount of administrative effort?
A. Compile a list of firewall requests and compare than against interesting cloud services.
B. Implement a CASB solution and track cloud service use cases for greater visibility.
C. Implement a user-behavior system to associate user events and cloud service creation events.
D. Capture all log and feed then to a SIEM and then for cloud service events.
NEW QUESTION 814
An analyst execute a vulnerability scan against an internet-facing DNS server and receives the following report:
– Vulnerabilities in Kernel-Mode Driver Could Allow Elevation of Privilege.
– SSL Medium Strength Cipher Suites Supported.
– Vulnerability in DNS Resolution Could Allow Remote Code Execution.
– SMB Host SIDs allows Local User Enumeration.
Which of the following tools should the analyst use FIRST to validate the most critical vulnerability?
A. Password cracker.
B. Port scanner.
C. Account enumerator.
D. Exploitation framework.
NEW QUESTION 815
The Chief information Officer (CIO) wants to establish a non-banding agreement with a third party that outlines the objectives of the mutual arrangement dealing with data transfers between both organizations before establishing a format partnership. Which of the follow would MOST likely be used?
NEW QUESTION 816
Welcome to choose PassLeader CAS-003 dumps for 100% passing CompTIA CAS-003 exam: https://www.passleader.com/cas-003.html (827 Q&As VCE Dumps and PDF Dumps –> 863 Q&As VCE Dumps and PDF Dumps –> 894 Q&As VCE Dumps and PDF Dumps –> 974 Q&As VCE Dumps and PDF Dumps)
Also, previewing the NEWEST PassLeader CAS-003 dumps online for free on Google Drive: https://drive.google.com/open?id=1bfoVeMAPqLPPEtiIibD38-i-xMle-2O0