Online Access Free CompTIA.CAS-003.v2022-04-30.q101 Practice Test (Page 10)

CAS-003 Exam Question 41

The Chief Information Officer (CIO) has been asked to develop a security dashboard with the relevant
metrics. The board of directors will use the dashboard to monitor and track the overall security posture of
the organization. The CIO produces a basic report containing both KPI and KRI data in two separate
sections for the board to review.
Which of the following BEST meets the needs of the board?

A.KPI:
- Compliance with regulations
- % of suppliers with approved security control frameworks
- Severity of threats and vulnerabilities reported by sensors
- Threat landscape rating
KRI:
- Time to resolve open security items
- Backlog of unresolved security investigations
- EDR coverage across the fleet
- Time to patch critical issues on a monthly basis

B.KRI:
- EDR coverage across the fleet
- % of suppliers with approved security control framework
- Backlog of unresolved security investigations
- Threat landscape rating
KPI:
- Time to resolve open security items
- Compliance with regulations
- Time to patch critical issues on a monthly basis
- Severity of threats and vulnerabilities reported by sensors

C.KRI:
- EDR coverage across the fleet
- Backlog of unresolved security investigations
- Time to patch critical issues on a monthly basis
- Threat landscape rating
KPI:
- Time to resolve open security items
- Compliance with regulations
- % of suppliers with approved security control frameworks
- Severity of threats and vulnerabilities reported by sensors

D.KRI:
- Compliance with regulations
- Backlog of unresolved security investigations
- Severity of threats and vulnerabilities reported by sensors
- Time to patch critical issues on a monthly basis
KPI:
- Time to resolve open security items
- % of suppliers with approved security control frameworks
- EDR coverage across the fleet
- Threat landscape rating

CAS-003 Exam Question 42

The Chief Information Officer (CIO) has been asked to develop a security dashboard with the relevant metrics.
The board of directors will use the dashboard to monitor and track the overall security posture of the organization. The CIO produces a basic report containing both KPI and KRI data in two separate sections for the board to review.
Which of the following BEST meets the needs of the board?

A.KRI:
- Compliance with regulations
- Backlog of unresolved security investigations
- Severity of threats and vulnerabilities reported by sensors
- Time to patch critical issues on a monthly basis
KPI:
- Time to resolve open security items
- % of suppliers with approved security control frameworks
- EDR coverage across the fleet
- Threat landscape rating

B.KRI:
- EDR coverage across the fleet
- Backlog of unresolved security investigations
- Time to patch critical issues on a monthly basis
- Threat landscape rating
KPI:
- Time to resolve open security items
- Compliance with regulations
- % of suppliers with approved security control frameworks
- Severity of threats and vulnerabilities reported by sensors

C.KRI:
- EDR coverage across the fleet
- % of suppliers with approved security control framework
- Backlog of unresolved security investigations
- Threat landscape rating
KPI:
- Time to resolve open security items
- Compliance with regulations
- Time to patch critical issues on a monthly basis
- Severity of threats and vulnerabilities reported by sensors

D.KPI:
- Compliance with regulations
- % of suppliers with approved security control frameworks
- Severity of threats and vulnerabilities reported by sensors
- Threat landscape rating
KRI:
- Time to resolve open security items
- Backlog of unresolved security investigations
- EDR coverage across the fleet
- Time to patch critical issues on a monthly basis

CAS-003 Exam Question 43

An information security manager is concerned that connectivity used to configure and troubleshoot critical network devices could be attacked. The manager has tasked a network security engineer with meeting the following requirements:
Encrypt all traffic between the network engineer and critical devices.
Segregate the different networking planes as much as possible.
Do not let access ports impact configuration tasks.
Which of the following would be the BEST recommendation for the network security engineer to present?

A.Deploy control plane protections.

B.Use SSH over out-of-band management.

C.Force only TACACS to be allowed.

D.Require the use of certificates for AAA.

CAS-003 Exam Question 44

A company's Chief Operating Officer (COO) is concerned about the potential for competitors to infer proprietary information gathered from employees' social media accounts.
Which of the following methods should the company use to gauge its social media threat level without targeting individual employees?

A.Require that employees divulge social media accounts.

B.Utilize insider threat consultants to provide expertise.

C.Leverage Big Data analytical algorithms.

D.Perform social engineering tests to evaluate employee awareness.

CAS-003 Exam Question 45

A large hospital has implemented BYOD to allow doctors and specialists the ability to access patient medical records on their tablets. The doctors and specialists access patient records over the hospital's guest WiFi network which is isolated from the internal network with appropriate security controls. The patient records management system can be accessed from the guest network and require two factor authentication. Using a remote desktop type interface, the doctors and specialists can interact with the hospital's system.
Cut and paste and printing functions are disabled to prevent the copying of data to BYOD devices. Which of the following are of MOST concern? (Select TWO).

A.Privacy could be compromised as patient records can be viewed in uncontrolled areas.

B.Device encryption has not been enabled and will result in a greater likelihood of data loss.

C.The guest WiFi may be exploited allowing non-authorized individuals access to confidential patient data.

D.Malware may be on BYOD devices which can extract data via key logging and screen scrapes.

E.Remote wiping of devices should be enabled to ensure any lost device is rendered inoperable.

Other Version: 4804CompTIA.CAS-003.v2021-10-13.q221; 61CompTIA.Itpassleader.CAS-003.v2021-08-06.by.gale.404q.pdf

Latest Upload: 141Oracle.1D0-1057-25-D.v2026-06-03.q29; 273NAHQ.CPHQ.v2026-06-03.q396; 254CompTIA.220-1201.v2026-06-03.q196; 156GIAC.GCFE.v2026-06-03.q78; 153HIMSS.CPHIMS.v2026-06-03.q45; 233Google.Professional-Cloud-Architect.v2026-06-03.q165; 156HP.HPE7-A09.v2026-06-02.q48; 167ACDIS.CCDS-O.v2026-06-02.q56; 149Microsoft.AB-730.v2026-06-02.q31; 212ASQ.CSSBB.v2026-06-02.q130

CAS-003 Exam Question 41

CAS-003 Exam Question 42

CAS-003 Exam Question 43

CAS-003 Exam Question 44

CAS-003 Exam Question 45

Download PDF File