Online Access Free CompTIA.CAS-003.v2022-04-30.q101 Practice Test (Page 5)

CAS-003 Exam Question 16

A security administrator must configure the database server shown below the comply with the four requirements listed. Drag and drop the appropriate ACL that should be configured on the database server to its corresponding requirement. Answer options may be used once or not at all.

CAS-003 Exam Question 17

The helpdesk is receiving multiple calls about slow and intermittent Internet access from the finance department. The following information is compiled:
Caller 1, IP 172.16.35.217, NETMASK 255.255.254.0
Caller 2, IP 172.16.35.53, NETMASK 255.255.254.0
Caller 3, IP 172.16.35.173, NETMASK 255.255.254.0
All callers are connected to the same switch and are routed by a router with five built-in interfaces. The upstream router interface's MAC is 00-01-42-32-ab-1a A packet capture shows the following:
09:05:15.934840 arp reply 172.16.34.1 is-at 00:01:42:32:ab:1a
(00:01:42:32:ab:1a)
09:06:16.124850 arp reply 172.16.34.1 is-at 00:01:42:32:ab:1a
(00:01:42:32:ab:1a)
09:07:25.439811 arp reply 172.16.34.1 is-at 00:01:42:32:ab:1a
(00:01:42:32:ab:1a)
09:08:10.937590 IP 172.16.35.1 > 172.16.35.255: ICMP echo request, id
2305, seq 1, length 65534
09:08:10.937591 IP 172.16.35.1 > 172.16.35.255: ICMP echo request, id
2306, seq 2, length 65534
09:08:10.937592 IP 172.16.35.1 > 172.16.35.255: ICMP echo request, id
2307, seq 3, length 65534
Which of the following is occurring on the network?

A.A man-in-the-middle attack is underway on the network.

B.An ARP flood attack is targeting at the router.

C.The default gateway is being spoofed on the network.

D.A denial of service attack is targeting at the router.

CAS-003 Exam Question 18

An organization is considering the use of a thin client architecture as it moves to a cloud-hosted environment. A security analyst is asked to provide thoughts on the security advantages of using thin clients and virtual workstations.
Which of the following are security advantages of the use of this combination of thin clients and virtual workstations?

A.Malicious insiders will not have the opportunity to tamper with data at rest and affect the integrity of the system.

B.All thin clients use TPM for core protection, and virtual workstations use vTPM for core protection with both equally ensuring a greater security advantage for a cloud-hosted environment.

C.Thin client workstations require much less security because they lack storage and peripherals that can be easily compromised, and the virtual workstations are protected in the cloud where security is outsourced.

D.Malicious users will have reduced opportunities for data extractions from their physical thin client workstations, this reducing the effectiveness of local attacks.

CAS-003 Exam Question 19

A company contracts a security engineer to perform a penetration test of its client-facing web portal. Which
of the following activities would be MOST appropriate?

A.Scan the site with a port scanner to identify vulnerable services running on the web server

B.Use a protocol analyzer against the site to see if data input can be replayed from the browser

C.Use network enumeration tools to identify if the server is running behind a load balancer

D.Scan the website through an interception proxy and identify areas for the code injection

CAS-003 Exam Question 20

The Chief Information Security Officer (CISO) has asked the security team to determine whether the organization is susceptible to a zero-day exploit utilized in the banking industry and whether attribution is possible. The CISO has asked what process would be utilized to gather the information, and then wants to apply signatureless controls to stop these kinds of attacks in the future. Which of the following are the MOST appropriate ordered steps to take to meet the CISO's request?

A.1. Perform the ongoing research of the best practices2. Determine current vulnerabilities and threats3. Apply Big Data techniques4. Use antivirus control

B.1. Analyze the current threat intelligence2. Utilize information sharing to obtain the latest industry IOCs3. Perform a sweep across the network to identify positive matches4. Apply machine learning algorithms

C.1. Apply artificial intelligence algorithms for detection2. Inform the CERT team3. Research threat intelligence and potential adversaries4. Utilize threat intelligence to apply Big Data techniques

D.1. Obtain the latest IOCs from the open source repositories2. Perform a sweep across the network to identify positive matches3. Sandbox any suspicious files4. Notify the CERT team to apply a future proof threat model

Other Version: 4843CompTIA.CAS-003.v2021-10-13.q221; 61CompTIA.Itpassleader.CAS-003.v2021-08-06.by.gale.404q.pdf

Latest Upload: 160CompTIA.220-1202.v2026-06-16.q110; 112TheInstitutes.CPCU-500.v2026-06-16.q25; 156ACAMS.CAMS7-CN.v2026-06-16.q170; 183CBIC.CIC.v2026-06-15.q123; 128Peoplecert.ITIL-4-Specialist-High-velocity-IT.v2026-06-15.q16; 220HashiCorp.Terraform-Associate-004.v2026-06-15.q126; 130Peoplecert.ITILFNDv5.v2026-06-15.q26; 129Workday.Workday-Pro-HCM-Reporting.v2026-06-15.q28; 129Fortinet.NSE5_SSE_AD-7.6.v2026-06-15.q17; 324PMI.PMI-ACP.v2026-06-15.q523

CAS-003 Exam Question 16

CAS-003 Exam Question 17

CAS-003 Exam Question 18

CAS-003 Exam Question 19

CAS-003 Exam Question 20

Download PDF File