Online Access Free CompTIA.CAS-003.v2021-10-13.q221 Practice Test (Page 31)

CAS-003 Exam Question 146

The Chief Financial Officer (CFO) of a major hospital system has received a ransom letter that demands a large sum of cryptocurrency be transferred to an anonymous account. If the transfer does not take place within ten hours, the letter states that patient information will be released on the dark web. A partial listing of recent patients is included in the letter. This is the first indication that a breach took place. Which of the following steps should be done FIRST?

A.Review audit logs to determine the extent of the breach

B.Pay the hacker under the condition that all information is destroyed

C.Engage a counter-hacking team to retrieve the data

D.Notify the appropriate legal authorities and legal counsel

CAS-003 Exam Question 147

A security researches is gathering information about a recent spoke in the number of targeted attacks against multinational banks. The spike is on top of already sustained attacks against the banks. Some of the previous attacks have resulted in the loss of sensitive data, but as of yet the attackers have not successfully stolen any funds.
Based on the information available to the researcher, which of the following is the MOST likely threat profile?

A.Opportunists seeking notoriety and fame for personal gain.

B.Hackvisits seeking to make a political statement because of socio-economic factors.

C.Nation-state-sponsored attackers conducting espionage for strategic gain.

D.Insiders seeking to gain access to funds for illicit purposes.

CAS-003 Exam Question 148

A security officer is leading a lessons learned meeting. Which of the following should be components of that meeting? (Select TWO).

A.Demonstration of IPS system

B.Review vendor selection process

C.Calculate the ALE for the event

D.Discussion of event timeline

E.Assigning of follow up items

CAS-003 Exam Question 149

Given the following output from a local PC:

Which of the following ACLs on a stateful host-based firewall would allow the PC to serve an intranet website?

A.Allow 172.30.0.28:80 -> 172.30.0.0/16

B.Allow 172.30.0.28:80 -> 172.30.0.28:443

C.Allow 172.30.0.28:80 -> 172.30.0.28:53

D.Allow 172.30.0.28:80 -> ANY

CAS-003 Exam Question 150

Engineers at a company believe a certain type of data should be protected from competitors, but the data owner insists the information is not sensitive. An information security engineer is implementing controls to secure the corporate SAN. The controls require dividing data into four groups: non-sensitive, sensitive but accessible, sensitive but export-controlled, and extremely sensitive.
Which of the following actions should the engineer take regarding the data?

A.Label the data as sensitive but accessible.

B.Label the data as extremely sensitive.

C.Label the data as non-sensitive.

D.Label the data as sensitive but export-controlled.

Other Version: 2095CompTIA.CAS-003.v2022-04-30.q101; 61CompTIA.Itpassleader.CAS-003.v2021-08-06.by.gale.404q.pdf

Latest Upload: 128IIBA.ECBA.v2026-06-24.q96; 131Microsoft.AI-102.v2026-06-24.q184; 107Databricks.Databricks-Generative-AI-Engineer-Associate.v2026-06-24.q31; 117EMC.D-PDM-DY-23.v2026-06-24.q16; 178ECCouncil.312-50v13.v2026-06-24.q254; 129F5.F5CAB5.v2026-06-22.q29; 130Juniper.JN0-650.v2026-06-22.q31; 151Salesforce.Plat-Admn-201.v2026-06-22.q72; 164VMware.3V0-21.25.v2026-06-20.q29; 169Microsoft.AB-731.v2026-06-19.q23

CAS-003 Exam Question 146

CAS-003 Exam Question 147

CAS-003 Exam Question 148

CAS-003 Exam Question 149

CAS-003 Exam Question 150

Download PDF File