CAS-003 Exam Details

  • Exam Code
    :CAS-003
  • Exam Name
    :CompTIA Advanced Security Practitioner (CASP+)
  • Certification
    :CompTIA Certifications
  • Vendor
    :CompTIA
  • Total Questions
    :791 Q&As
  • Last Updated
    :Jan 22, 2024

CompTIA CAS-003 Online Questions & Answers

  • Question 91:

    The following has been discovered in an internally developed application:

    Error - Memory allocated but not freed:

    char *myBuffer = malloc(BUFFER_SIZE);

    if (myBuffer != NULL) {

    *myBuffer = STRING_WELCOME_MESSAGE;

    printf("Welcome to: %s\n", myBuffer);

    }

    exit(0);

    Which of the following security assessment methods are likely to reveal this security weakness? (Select TWO).

    A. Static code analysis
    B. Memory dumping
    C. Manual code review
    D. Application sandboxing
    E. Penetration testing
    F. Black box testing

  • Question 92:

    An external red team is brought into an organization to perform a penetration test of a new network-based application. The organization deploying the network application wants the red team to act like remote, external attackers, and instructs the team to use a black-box approach. Which of the following is the BEST methodology for the red team to follow?

    A. Run a protocol analyzer to determine what traffic is flowing in and out of the server, and look for ways to alter the data stream that will result in information leakage or a system failure.
    B. Send out spear-phishing emails against users who are known to have access to the network-based application, so the red team can go on-site with valid credentials and use the software.
    C. Examine the application using a port scanner, then run a vulnerability scanner against open ports looking for known, exploitable weaknesses the application and related services may have.
    D. Ask for more details regarding the engagement using social engineering tactics in an attempt to get the organization to disclose more information about the network application to make attacks easier.

  • Question 93:

    A recent overview of the network's security and storage applications reveals a large amount of data that needs to be isolated for security reasons. Below are the critical applications and devices configured on the network:

    1.

    Firewall

    2.

    Core switches

    3.

    RM server

    4.

    Virtual environment

    5.

    NAC solution

    The security manager also wants data from all critical applications to be aggregated to correlate events from multiple sources. Which of the following must be configured in certain applications to help ensure data aggregation and data isolation are implemented on the critical applications and devices? (Select TWO).

    A. Routing tables
    B. Log forwarding
    C. Data remanants
    D. Port aggregation
    E. NIC teaming
    F. Zones

  • Question 94:

    A security analyst, Ann, states that she believes Internet facing file transfer servers are being attacked. Which of the following is evidence that would aid Ann in making a case to management that action needs to be taken to safeguard these servers?

    A. Provide a report of all the IP addresses that are connecting to the systems and their locations
    B. Establish alerts at a certain threshold to notify the analyst of high activity
    C. Provide a report showing the file transfer logs of the servers
    D. Compare the current activity to the baseline of normal activity

  • Question 95:

    A company has made it a spending priority to implement security architectures that will be resilient during an attack. Recent incidents have involved attackers leveraging latent vulnerabilities in cryptographic implementations and VPN concentrators to be able to compromise sensitive information. Patches have been slowly released for these emergent vulnerabilities, leaving weeks to months of exposed and vulnerable attack surface. Which of the following approaches would be BEST to increase enterprise resilience during similar future attacks?

    A. Implement appliances and software from diverse manufacturers
    B. Segment remote VPN users logically from the production LAN
    C. Maximize open-source software to benefit from swifter patch releases
    D. Upgrade the cryptographic ciphers used on the VPN concentrators

  • Question 96:

    Following a security assessment, the Chief Information Security Officer (CISO) is reviewing the results of the assessment and evaluating potential risk treatment strategies. As part of the CISO's evaluation, a judgment of potential impact based on the identified risk is performed. To prioritize response actions, the CISO uses past experience to take into account the exposure factor as well as the external accessibility of the weakness identified.

    Which of the following is the CISO performing?

    A. Documentation of lessons learned
    B. Quantitative risk assessment
    C. Qualitative assessment of risk
    D. Business impact scoring
    E. Threat modeling

  • Question 97:

    An organization is in the process of evaluating service providers for an upcoming migration to cloud-based services for the organization's ERP system. As part of the requirements defined by the project team, regulatory requirements specify segmentation and isolation of the organization's data. Which of the following should the vendor management team identify as a requirement during the procurement process?

    A. Public cloud services with single-tenancy IaaS architectures
    B. Private cloud services with single-tenancy PaaS services
    C. Private cloud services with multitenancy in place for private SaaS environments
    D. Public cloud services with private SaaS environments supported by private IaaS backbones

  • Question 98:

    A corporate forensic investigator has been asked to acquire five forensic images of an employee database application. There are three images to capture in the United States, one in the United Kingdom, and one in Germany. Upon completing the work, the forensics investigator saves the images to a local workstation. Which of the following types of concerns should the forensic investigator have about this work assignment?

    A. Environmental
    B. Privacy
    C. Ethical
    D. Criminal

  • Question 99:

    A security administrator is troubleshooting RADIUS authentication issues from a newly implemented controller-based wireless deployment. The RADIUS server contains the following information in its logs:

    Based on this information, the administrator reconfigures the RADIUS server, which results in the following log data:

    To correct this error message, the administrator makes an additional change to the RADIUS server. Which of the following did the administrator reconfigure on the RADIUS server? (Select TWO)

    A. Added the controller address as an authorized client
    B. Registered the RADIUS server to the wireless controller
    C. Corrected a mismatched shared secret
    D. Renewed the expired client certificate
    E. Reassigned the RADIUS policy to the controller
    F. Modified the client authentication method

  • Question 100:

    A security engineer wants to introduce key stretching techniques to the account database to make password guessing attacks more difficult Which of the following should be considered to achieve this? (Select TWO)

    A. Digital signature
    B. bcrypt
    C. Perfect forward secrecy
    D. SHA-256
    E. P-384
    F. PBKDF2
    G. Record-level encryption

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CompTIA exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your CAS-003 exam preparations and CompTIA certification application, do not hesitate to visit our Vcedump.com to find your solutions here.