Exam Details

  • Exam Code: CAS-003
  • Exam Name: CompTIA Advanced Security Practitioner (CASP+)
  • Certification: CompTIA Advanced Security Practitioner
  • Vendor: CompTIA
  • Total Questions: 791 Q&As
  • Last Updated: Jan 22, 2024

CompTIA Advanced Security Practitioner CAS-003 Questions & Answers

  • Question 1:

    The goal of a Chief Information Security Officer (CISO) providing up-to-date metrics to a bank's risk committee is to ensure:

    A. Budgeting for cybersecurity increases year over year.

    B. The committee knows how much work is being done.

    C. Business units are responsible for their own mitigation.

    D. The bank is aware of the status of cybersecurity risks

  • Question 2:

    Which of the following controls primarily detects abuse of privilege but does not prevent it?

    A. Off-boarding

    B. Separation of duties

    C. Least privilege

    D. Job rotation

  • Question 3:

    A company is repeatedly being breached by hackers who have valid credentials. The company's Chief Information Security Officer (CISO) has installed multiple controls for authenticating users, including biometric and token-based factors. Each successive control has increased overhead and complexity but has failed to stop further breaches. An external consultant is evaluating the process currently in place to support the authentication controls. Which of the following recommendations would MOST likely reduce the risk of unauthorized access?

    A. Implement strict three-factor authentication.

    B. Implement least privilege policies

    C. Switch to one-time or all

    D. Strengthen identity-proofing procedures

  • Question 4:

    A Chief Information Security Officer (CISO) is developing corrective-action plans based on the following from a vulnerability scan of internal hosts:

    Which of the following is the MOST appropriate corrective action to document for this finding?

    A. The product owner should perform a business impact assessment regarding the ability to implement a WAF.

    B. The product owner should perform a business impact assessment regarding the ability to implement a WAF.

    C. The system administrator should evaluate dependencies and perform upgrade as necessary.

    D. The system administrator should evaluate dependencies and perform upgrade as necessary.

  • Question 5:

    An application developer is including third-party background security fixes in an application. The fixes seem to resolve a currently identified security issue. However, when the application is released to the public, reports come in that a previously identified vulnerability has returned. Which of the following should the developer integrate into the process to BEST prevent this type of behavior?

    A. Peer review

    B. Regression testing

    C. User acceptance

    D. Dynamic analysis

  • Question 6:

    A developer needs to provide feedback on a peer's work during the SDLC. While reviewing the code changes, the developer discovers session ID tokens for a web application will be transmitted over an unsecure connection. Which of the following code snippets should the developer recommend implementing to correct the vulnerability?

    A. Cookie cookie = new Cookie ("primary"); cookie.secure(true);

    B. String input = request.getParameter ("input"); String character Pattern = "[./a-zA-ZO-9? "=" and]"; If (! input.matches (character Pattern)} { out.println ("Invalid Input"); )

    C. 15

    D. V>

  • Question 7:

    A company has decided to move an ERP application to a public cloud vendor. The company wants to replicate some of its global policies from on premises to the cloud. The policies include data encryption, token management, and limited user access to the ERP application. The Chief Information Officer (CIO) is mainly concerned about privileged accounts that might be compromised and used to alter data in the ERP application.

    Which of the following is the BEST option to meet the requirements?

    A. Sandboxing

    B. CASB

    C. MFA

    D. Security as a service

  • Question 8:

    While traveling to another state, the Chief Financial Officer (CFO) forgot to submit payroll for the company. The CFO quickly gained access to the corporate network through the high-speed wireless network provided by the hotel and completed the task. Upon returning from the business trip, the CFO was told no one received their weekly pay due to a malware attack on the system.

    Which of the following is the MOST likely cause of the security breach?

    A. The security manager did not enforce automatic VPN connection.

    B. The company's server did not have endpoint security enabled.

    C. The hotel did not require a wireless password to authenticate.

    D. The laptop did not have the host-based firewall properly configured.

  • Question 9:

    An engineering team is developing and deploying a fleet of mobile devices to be used for specialized inventory management purposes. These devices should:

    1. Be based on open-source Android for use familiarity and ease.

    2. Provide a single application for inventory management of physical assets.

    3. Permit use of the camera by only the inventory application for the purposes of scanning.

    4. Disallow any and all configuration baseline modifications.

    5. Restrict all access to any device resource other than those required for use of the inventory management application.

    Which of the following approaches would BEST meet these security requirements?

    A. Set an application wrapping policy, wrap the application, distribute the inventory APK via the MAM tool, and test the application restrictions.

    B. Write a MAC sepolicy that defines domains with rules, label the inventory application, build the policy, and set to enforcing mode.

    C. Swap out Android's Linux kernel version for >2.4.0, build the kernel, build Android, remove unnecessary functions via MDM, configure to block network access, and perform integration testing.

    D. Build and install an Android middleware policy with requirements added, copy the file into /usr/init, and then build the inventory application.

  • Question 10:

    A company provides guest WiFi access to the Internet and physically separates the guest network from the company's internal WiFi. Due to a recent incident in which an attacker gained access to the company's internal WiFi, the company plans to configure WPA2 Enterprise in an EAP-TLS configuration.

    Which of the following must be installed on authorized hosts for this new configuration to work properly?

    A. Active Directory GPOs

    B. PKI certificates

    C. Host-based firewall

    D. NAC persistent agent

Tips on How to Prepare for the Exams

Nowadays, certification exams are becoming more and more important and are required by more and more enterprises when applying for a job. But how do you prepare for the exam effectively? How do you prepare for the exam in a short time with less effort? How do you get an ideal result, and how do you find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provides not only CompTIA exam questions, answers and explanations but also complete assistance with your exam preparation and certification application. If you are confused about your CAS-003 exam preparation and CompTIA certification application, do not hesitate to visit Vcedump.com to find your solutions.