Online Access Free CompTIA.CAS-003.v2021-10-13.q221 Practice Test (Page 27)

CAS-003 Exam Question 126

A large enterprise acquires another company which uses antivirus from a different vendor. The CISO has requested that data feeds from the two different antivirus platforms be combined in a way that allows management to assess and rate the overall effectiveness of antivirus across the entire organization. Which of the following tools can BEST meet the CISO's requirement?

A.GRC

B.IPS

C.CMDB

D.Syslog-ng

E.IDS

CAS-003 Exam Question 127

A company wants to perform analysis of a tool that is suspected to contain a malicious payload. A forensic analyst is given the following snippet:
^32^[34fda19(fd^43gfd/home/user/lib/module.so.343jk^rfw(342fds43g
Which of the following did the analyst use to determine the location of the malicious payload?

A.Code deduplicators

B.Fuzz testing

C.Security containers

D.Binary reverse-engineering

CAS-003 Exam Question 128

A security engineer is investigating a compromise that occurred between two internal computers. The engineer has determined during the investigation that one computer infected another. While reviewing the IDS logs, the engineer can view the outbound callback traffic, but sees no traffic between the two computers. Which of the following would BEST address the IDS visibility gap?

A.Install HIDS on each computer.

B.Send syslog from the IDS into the SIEM.

C.Install network taps at the edge of the network.

D.SPAN traffic form the network core into the IDS.

CAS-003 Exam Question 129

A company is the victim of a phishing and spear-phishing campaign Users are Clicking on website links that look like common bank sites and entering their credentials accidentally A security engineer decides to use a layered defense to prevent the phishing or lessen its impact Which of the following should the security engineer implement? (Select TWO)

A.Spam filter

B.Host intrusion prevention

C.Data loss prevention

D.Log monitoring

E.Content filter

F.Client certificates

CAS-003 Exam Question 130

An advanced threat emulation engineer is conducting testing against a client's network. The engineer conducts the testing in as realistic a manner as possible. Consequently, the engineer has been gradually ramping up the volume of attacks over a long period of time. Which of the following combinations of techniques would the engineer MOST likely use in this testing? (Choose three.)

A.Black box testing

B.Gray box testing

C.Code review

D.Social engineering

E.Vulnerability assessment

F.Pivoting

G.Self-assessment

H.White teaming

I.External auditing

Other Version: 2095CompTIA.CAS-003.v2022-04-30.q101; 61CompTIA.Itpassleader.CAS-003.v2021-08-06.by.gale.404q.pdf

Latest Upload: 129F5.F5CAB5.v2026-06-22.q29; 129Juniper.JN0-650.v2026-06-22.q31; 151Salesforce.Plat-Admn-201.v2026-06-22.q72; 164VMware.3V0-21.25.v2026-06-20.q29; 169Microsoft.AB-731.v2026-06-19.q23; 326IIA.IIA-CIA-Part2.v2026-06-19.q308; 206DAMA.MD-1220.v2026-06-19.q66; 231ISTQB.CT-AI.v2026-06-18.q68; 380IIA.IIA-CIA-Part3.v2026-06-17.q220; 232WGU.Introduction-to-IT.v2026-06-17.q67

CAS-003 Exam Question 126

CAS-003 Exam Question 127

CAS-003 Exam Question 128

CAS-003 Exam Question 129

CAS-003 Exam Question 130

Download PDF File