Online Access Free CompTIA.CAS-003.v2021-10-13.q221 Practice Test (Page 24)

CAS-003 Exam Question 111

An assessor identifies automated methods for identifying security control compliance through validating sensors at the endpoint and at Tier 2. Which of the following practices satisfy continuous monitoring of authorized information systems?

A.Independent verification and validation

B.Security test and evaluation

C.Risk assessment

D.Ongoing authorization

CAS-003 Exam Question 112

A large hospital has implemented BYOD to allow doctors and specialists the ability to access patient medical records on their tablets. The doctors and specialists access patient records over the hospital's guest WiFi network which is isolated from the internal network with appropriate security controls. The patient records management system can be accessed from the guest network and require two factor authentication. Using a remote desktop type interface, the doctors and specialists can interact with the hospital's system.
Cut and paste and printing functions are disabled to prevent the copying of data to BYOD devices. Which of the following are of MOST concern? (Select TWO).

A.Privacy could be compromised as patient records can be viewed in uncontrolled areas.

B.Device encryption has not been enabled and will result in a greater likelihood of data loss.

C.The guest WiFi may be exploited allowing non-authorized individuals access to confidential patient data.

D.Malware may be on BYOD devices which can extract data via key logging and screen scrapes.

E.Remote wiping of devices should be enabled to ensure any lost device is rendered inoperable.

CAS-003 Exam Question 113

A hospital uses a legacy electronic medical record system that requires multicast for traffic between the application servers and databases on virtual hosts that support segments of the application. Following a switch upgrade, the electronic medical record is unavailable despite physical connectivity between the hypervisor and the storage being in place. The network team must enable multicast traffic to restore access to the electronic medical record. The ISM states that the network team must reduce the footprint of multicast traffic on the network.

Using the above information, on which VLANs should multicast be enabled?

A.VLAN201, VLAN202, VLAN700

B.VLAN400, VLAN680, VLAN700

C.VLAN201, VLAN202, VLAN400

D.VLAN201, VLAN202, VLAN400, VLAN680, VLAN700

CAS-003 Exam Question 114

It has come to the IT administrator's attention that the "post your comment" field on the company blog page has been exploited, resulting in cross-site scripting attacks against customers reading the blog. Which of the following would be the MOST effective at preventing the "post your comment" field from being exploited?

A.Update the blog page to HTTPS

B.Filter metacharacters

C.Install HIDS on the server

D.Patch the web application

E.Perform client side input validation

CAS-003 Exam Question 115

The Chief Executive Officer (CEO) instructed the new Chief Information Security Officer (CISO) to provide a list of enhancements to the company's cybersecurity operation. As a result, the CISO has identified the need to align security operations with industry best practices.
Which of the following industry references is appropriate to accomplish this?

A.OSSM

B.OWASP

C.NIST

D.PCI

Other Version: 2095CompTIA.CAS-003.v2022-04-30.q101; 61CompTIA.Itpassleader.CAS-003.v2021-08-06.by.gale.404q.pdf

Latest Upload: 129F5.F5CAB5.v2026-06-22.q29; 129Juniper.JN0-650.v2026-06-22.q31; 151Salesforce.Plat-Admn-201.v2026-06-22.q72; 164VMware.3V0-21.25.v2026-06-20.q29; 169Microsoft.AB-731.v2026-06-19.q23; 326IIA.IIA-CIA-Part2.v2026-06-19.q308; 206DAMA.MD-1220.v2026-06-19.q66; 231ISTQB.CT-AI.v2026-06-18.q68; 380IIA.IIA-CIA-Part3.v2026-06-17.q220; 232WGU.Introduction-to-IT.v2026-06-17.q67

CAS-003 Exam Question 111

CAS-003 Exam Question 112

CAS-003 Exam Question 113

CAS-003 Exam Question 114

CAS-003 Exam Question 115

Download PDF File