CAS-003 Exam Details

  • Exam Code
    :CAS-003
  • Exam Name
    :CompTIA Advanced Security Practitioner (CASP+)
  • Certification
    :CompTIA Certifications
  • Vendor
    :CompTIA
  • Total Questions
    :791 Q&As
  • Last Updated
    :Jan 22, 2024

CompTIA CAS-003 Online Questions & Answers

  • Question 1:

    An investigation showed a worm was introduced from an engineer's laptop. It was determined the company does not provide engineers with company-owned laptops, which would be subject to a company policy and technical controls. Which of the following would be the MOST secure control implement?

    A. Deploy HIDS on all engineer-provided laptops, and put a new router in the management network.
    B. Implement role-based group policies on the management network for client access.
    C. Utilize a jump box that is only allowed to connect to client from the management network.
    D. Deploy a company-wide approved engineering workstation for management access.

  • Question 2:

    An administrator has noticed mobile devices from an adjacent company on the corporate wireless network. Malicious activity is being reported from those devices. To add another layer of security in an enterprise environment, an administrator wants to add contextual authentication to allow users to access enterprise resources only while present in corporate buildings. Which of the following technologies would accomplish this?

    A. Port security
    B. Rogue device detection
    C. Bluetooth
    D. GPS

  • Question 3:

    After a security incident, an administrator would like to implement policies that would help reduce fraud and the potential for collusion between employees. Which of the following would help meet these goals by having co-workers occasionally audit another worker's position?

    A. Least privilege
    B. Job rotation
    C. Mandatory vacation
    D. Separation of duties

  • Question 4:

    An accountant at a small business is trying to understand the value of a server to determine if the business can afford to buy another server for DR. The risk manager only provided the accountant with the SLE of $24,000, ARO of 20% and the exposure factor of 25%. Which of the following is the correct asset value calculated by the accountant?

    A. $4,800
    B. $24,000
    C. $96,000
    D. $120,000

  • Question 5:

    A security administrator is performing an audit of a local network used by company guests and executes a series of commands that generates the following output:

    Which of the following actions should the security administrator take to BEST mitigate the issue that transpires from the above information?

    A. Implement switchport security
    B. Implement 802 1X
    C. Enforce static ARP mappings using GPO
    D. Enable unicast RPF

  • Question 6:

    Given the following:

    Which of the following vulnerabilities is present in the above code snippet?

    A. Disclosure of database credential
    B. SQL-based string concatenation
    C. DOM-based injection
    D. Information disclosure in comments

  • Question 7:

    An enterprise is trying to secure a specific web-based application by forcing the use of multifactor authentication. Currently, the enterprise cannot change the application's sign-in page to include an extra field. However, the web-based application supports SAML. Which of the following would BEST secure the application?

    A. Using an SSO application that supports mutlifactor authentication
    B. Enabling the web application to support LDAP integration
    C. Forcing higher-complexity passwords and frequent changes
    D. Deploying Shibboleth to all web-based applications in the enterprise

  • Question 8:

    Which of the following attacks can be mitigated by proper data retention policies?

    A. Dumpster diving
    B. Man-in-the browser
    C. Spear phishing
    D. Watering hole

  • Question 9:

    A legal services company wants to ensure emails to clients maintain integrity in transit Which of the following would BEST meet this requirement? (Select TWO)

    A. Signing emails to clients with the organization's public key
    B. Using the organization's private key to encrypt all communication
    C. Implementing a public key infrastructure
    D. Signing emails to clients with the organization's private key
    E. Using shared secret keys
    F. Hashing all outgoing emails

  • Question 10:

    A Chief Information Security Officer (CISO) is reviewing the results of a gap analysis with an outside cybersecurity consultant. The gap analysis reviewed all procedural and technical controls and found the following:

    1.

    High-impact controls implemented: 6 out of 10

    2.

    Medium-impact controls implemented: 409 out of 472

    3.

    Low-impact controls implemented: 97 out of 1000

    The report includes a cost-benefit analysis for each control gap. The analysis yielded the following information:

    1.

    Average high-impact control implementation cost: $15,000; Probable ALE for each high-impact control gap: $95,000

    2.

    Average medium-impact control implementation cost: $6,250; Probable ALE for each medium-impact control gap: $11,000

    Due to the technical construction and configuration of the corporate enterprise, slightly more than 50% of the medium-impact controls will take two years to fully implement. Which of the following conclusions could the CISO draw from the analysis?

    A. Too much emphasis has been placed on eliminating low-risk vulnerabilities in the past
    B. The enterprise security team has focused exclusively on mitigating high-level risks
    C. Because of the significant ALE for each high-risk vulnerability, efforts should be focused on those controls
    D. The cybersecurity team has balanced residual risk for both high and medium controls

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CompTIA exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your CAS-003 exam preparations and CompTIA certification application, do not hesitate to visit our Vcedump.com to find your solutions here.