Online Access Free CompTIA.CAS-003.v2021-10-13.q221 Practice Test (Page 6)

CAS-003 Exam Question 21

A team is at the beginning stages of designing a new enterprise-wide application. The new application will have a large database and require a capital investment in hardware. The Chief Information Officer (IO) has directed the team to save money and reduce the reliance on the datacenter, and the vendor must specialize in hosting large databases in the cloud.
Which of the following cloud-hosting options would BEST meet these needs?

A.Multi-tenancy SaaS

B.Single-tenancy PaaS

C.Community IaaS

D.Hybrid IaaS

CAS-003 Exam Question 22

A security administrator wants to prevent sensitive data residing on corporate laptops and desktops from leaking outside of the corporate network. The company has already implemented full-disk encryption and has disabled all peripheral devices on its desktops and laptops. Which of the following additional controls MUST be implemented to minimize the risk of data leakage? (Select TWO).

A.A full-system backup should be implemented to a third-party provider with strong encryption for data in transit.

B.A DLP gateway should be installed at the company border.

C.Strong authentication should be implemented via external biometric devices.

D.Full-tunnel VPN should be required for all network communication.

E.Full-drive file hashing should be implemented with hashes stored on separate storage.

F.Split-tunnel VPN should be enforced when transferring sensitive data.

CAS-003 Exam Question 23

The network administrator at an enterprise reported a large data leak. One compromised server was used to aggregate data from several critical application servers and send it out to the Internet using HTTPS. Upon investigation, there have been no user logins over the previous week and the endpoint protection software is not reporting any issues. Which of the following BEST provides insight into where the compromised server collected the information?

A.Review the flow data against each server's baseline communications profile.

B.Configure the server logs to collect unusual activity including failed logins and restarted services.

C.Correlate data loss prevention logs for anomalous communications from the server.

D.Setup a packet capture on the firewall to collect all of the server communications.

CAS-003 Exam Question 24

An internal penetration tester was assessing a recruiting page for potential issues before it was pushed to the production website. The penetration tester discovers an issue that must be corrected before the page goes live.
The web host administrator collects the log files below and gives them to the development team so improvements can be made to the security design of the website.

Which of the following types of attack vector did the penetration tester use?

A.Brute force

B.XSS

C.CSRF

D.SQL injection

E.TOC/TOU

CAS-003 Exam Question 25

Joe is a security architect who is tasked with choosing a new NIPS platform that has the ability to perform SSL inspection, analyze up to 10Gbps of traffic, can be centrally managed and only reveals inspected application payload data to specified internal security employees. Which of the following steps should Joe take to reach the desired outcome?

A.Research new technology vendors to look for potential products. Contribute to an RFP and then evaluate RFP responses to ensure that the vendor product meets all mandatory requirements. Test the product and make a product recommendation.

B.Evaluate relevant RFC and ISO standards to choose an appropriate vendor product. Research industry surveys, interview existing customers of the product and then recommend that the product be purchased.

C.Consider outsourcing the product evaluation and ongoing management to an outsourced provider on the basis that each of the requirements are met and a lower total cost of ownership (TCO) is achieved.

D.Choose a popular NIPS product and then consider outsourcing the ongoing device management to a cloud provider. Give access to internal security employees so that they can inspect the application payload data.

E.Ensure that the NIPS platform can also deal with recent technological advancements, such as threats emerging from social media, BYOD and cloud storage prior to purchasing the product.

Other Version: 2054CompTIA.CAS-003.v2022-04-30.q101; 61CompTIA.Itpassleader.CAS-003.v2021-08-06.by.gale.404q.pdf

Latest Upload: 160CompTIA.220-1202.v2026-06-16.q110; 112TheInstitutes.CPCU-500.v2026-06-16.q25; 156ACAMS.CAMS7-CN.v2026-06-16.q170; 183CBIC.CIC.v2026-06-15.q123; 128Peoplecert.ITIL-4-Specialist-High-velocity-IT.v2026-06-15.q16; 220HashiCorp.Terraform-Associate-004.v2026-06-15.q126; 130Peoplecert.ITILFNDv5.v2026-06-15.q26; 129Workday.Workday-Pro-HCM-Reporting.v2026-06-15.q28; 129Fortinet.NSE5_SSE_AD-7.6.v2026-06-15.q17; 324PMI.PMI-ACP.v2026-06-15.q523

CAS-003 Exam Question 21

CAS-003 Exam Question 22

CAS-003 Exam Question 23

CAS-003 Exam Question 24

CAS-003 Exam Question 25

Download PDF File