Online Access Free CompTIA.CAS-003.v2021-10-13.q221 Practice Test (Page 34)

CAS-003 Exam Question 161

Following the merger of two large companies the newly combined security team is overwhelmed by the volume of logs flowing from the IT systems The company's data retention schedule complicates the issue by requiring detailed logs to be collected and available for months Which of the following designs BEST meets the company's security and retention requirement?

A.Send logs to a SlEM that correlates security data and store only the alerts and relevant data arising from that system.

B.Reduce the log volume by disabling logging of routine maintenance activities or failed authentication attempts

C.Forward logs to both a SlEM and a cheaper longer-term storage and then delete logs from the SlEM after 14 days

D.Maintain both companies' logging and SlEM solutions separately but merge the resulting alerts and reports.

CAS-003 Exam Question 162

A security consultant is conducting a network assessment and wishes to discover any legacy backup Internet connections the network may have. Where would the consultant find this information and why would it be valuable?

A.This information can be found in global routing tables, and is valuable because backup connections typically do not have perimeter protection as strong as the primary connection.

B.This information can be found by calling the regional Internet registry, and is valuable because backup connections typically do not require VPN access to the network.

C.This information can be found by accessing telecom billing records, and is valuable because backup connections typically have much lower latency than primary connections.

D.This information can be found by querying the network's DNS servers, and is valuable because backup DNS servers typically allow recursive queries from Internet hosts.

CAS-003 Exam Question 163

An engineer wants to assess the OS security configurations on a company's servers. The engineer has downloaded some files to orchestrate configuration checks When the engineer opens a file in a text editor, the following excerpt appears:

Which of the following capabilities would a configuration compliance checker need to support to interpret this file?

A.Swagger file

B.Nessus

C.SCAP

D.WSDL

E.Netcat

CAS-003 Exam Question 164

The network administrator at an enterprise reported a large data leak. One compromised server was used to aggregate data from several critical application servers and send it out to the Internet using HTTPS. Upon investigation, there have been no user logins over the previous week and the endpoint protection software is not reporting any issues. Which of the following BEST provides insight into where the compromised server collected the information?

A.Review the flow data against each server's baseline communications profile.

B.Configure the server logs to collect unusual activity including failed logins and restarted services.

C.Correlate data loss prevention logs for anomalous communications from the server.

D.Setup a packet capture on the firewall to collect all of the server communications.

CAS-003 Exam Question 165

An internal penetration tester was assessing a recruiting page for potential issues before it was pushed to the production website. The penetration tester discovers an issue that must be corrected before the page goes live. The web host administrator collects the log files below and gives them to the development team so improvements can be made to the security design of the website.

Which of the following types of attack vector did the penetration tester use?

A.SQLi

B.Brute force

C.CSRF

D.TOC/TOU

E.XSS

Other Version: 2095CompTIA.CAS-003.v2022-04-30.q101; 61CompTIA.Itpassleader.CAS-003.v2021-08-06.by.gale.404q.pdf

Latest Upload: 136IIBA.ECBA.v2026-06-24.q96; 158Microsoft.AI-102.v2026-06-24.q184; 107Databricks.Databricks-Generative-AI-Engineer-Associate.v2026-06-24.q31; 117EMC.D-PDM-DY-23.v2026-06-24.q16; 204ECCouncil.312-50v13.v2026-06-24.q254; 129F5.F5CAB5.v2026-06-22.q29; 130Juniper.JN0-650.v2026-06-22.q31; 152Salesforce.Plat-Admn-201.v2026-06-22.q72; 164VMware.3V0-21.25.v2026-06-20.q29; 169Microsoft.AB-731.v2026-06-19.q23

CAS-003 Exam Question 161

CAS-003 Exam Question 162

CAS-003 Exam Question 163

CAS-003 Exam Question 164

CAS-003 Exam Question 165

Download PDF File