CAS-003 Exam Details

  • Exam Code
    :CAS-003
  • Exam Name
    :CompTIA Advanced Security Practitioner (CASP+)
  • Certification
    :CompTIA Certifications
  • Vendor
    :CompTIA
  • Total Questions
    :791 Q&As
  • Last Updated
    :Jan 22, 2024

CompTIA CAS-003 Online Questions & Answers

  • Question 101:

    An organization is creating requirements for new laptops that will be issued to staff One of the company's key security objectives is to ensure the laptops nave hardware-enforced data-at-rest protection tied to permanent hardware identities. The laptops must also provide attestation for secure boot processes To meet these demands, which of the following BEST represent the features that should be included in the requirements set? (Select TWO.)

    A. TPM2.0e
    B. Opal support
    C. MicroSD token authenticator
    D. TLS1.3
    E. Shim and GRUB
    F. ARMv7 with TrustZone

  • Question 102:

    To prepare for an upcoming audit, the Chief Information Security Officer (CISO) asks for all 1200 vulnerabilities on production servers to be remediated. The security engineer must determine which vulnerabilities represent real threats that can be exploited so resources can be prioritized to migrate the most dangerous risks. The CISO wants the security engineer to act in the same manner as would an external threat, while using vulnerability scan results to prioritize any actions.

    Which of the following approaches is described?

    A. Blue team
    B. Red team
    C. Black box
    D. White team

  • Question 103:

    An organization implemented a secure boot on its most critical application servers which produce content and capability for other consuming servers A recent incident, however led the organization to implement a centralized attestation service for these critical servers. Which of the following MOST likely explains the nature of the incident that caused the organization to implement this remediation?

    A. An attacker masqueraded as an internal DNS server
    B. An attacker leveraged a heap overflow vulnerability in the OS
    C. An attacker was able to overwrite an OS integrity measurement register
    D. An attacker circumvented IEEE 802.1X network-level authentication requirements.

  • Question 104:

    SIMULATION

    As a security administrator, you are asked to harden a server running Red Hat Enterprise Server 5.5 64-bit.

    This server is being used as a DNS and time server. It is not used as a database, web server, or print server. There are no wireless connections to the server, and it does not need to print.

    The command window will be provided along with root access. You are connected via a secure shell with root access.

    You may query help for a list of commands.

    Instructions:

    You need to disable and turn off unrelated services and processes.

    It is possible to simulate a crash of your server session. The simulation can be reset, but the server cannot be rebooted.

    If at any time you would like to bring back the initial state of the simulation, please click the Reset All button.

  • Question 105:

    A security administrator wants to implement controls to harden company-owned mobile devices. Company policy specifies the following requirements:

    1.

    Mandatory access control must be enforced by the OS.

    2.

    Devices must only use the mobile carrier data transport.

    Which of the following controls should the security administrator implement? (Select three).

    A. Enable DLP
    B. Enable SEAndroid
    C. Enable EDR
    D. Enable secure boot
    E. Enable remote wipe
    F. Disable Bluetooth
    G. Disable 802.11
    H. Disable geotagging

  • Question 106:

    Immediately following the report of a potential breach, a security engineer creates a forensic image of the server in question as part of the organization incident response procedure. Which of the must occur to ensure the integrity of the image?

    A. The image must be password protected against changes.
    B. A hash value of the image must be computed.
    C. The disk containing the image must be placed in a seated container.
    D. A duplicate copy of the image must be maintained

  • Question 107:

    A company is concerned about disgruntled employees transferring its intellectual property data through covert channels. Which of the following tools would allow employees to write data into ICMP echo response packets?

    A. Thor
    B. Jack the Ripper
    C. Burp Suite
    D. Loki

  • Question 108:

    The Chief Information Officer (CISO) is concerned that certain systems administrators will privileged access may be reading other users' emails. Review of a tool's output shows the administrators have used web mail to log into other users' inboxes.

    Which of the following tools would show this type of output?

    A. Log analysis tool
    B. Password cracker
    C. Command-line tool
    D. File integrity monitoring tool

  • Question 109:

    A security analyst is reviewing weekly email reports and finds an average of 1.000 emails received daily from the internal security alert email address. Which of the following should be implemented?

    A. Tuning the networking monitoring service
    B. Separation of duties for systems administrators
    C. Machine learning algorithms
    D. DoS attack prevention

  • Question 110:

    A security engineer is attempting to increase the randomness of numbers used in key generation in a system. The goal of the effort is to strengthen the keys against predictive analysis attacks.

    Which of the following is the BEST solution?

    A. Use an entropy-as-a-service vendor to leverage larger entropy pools.
    B. Loop multiple pseudo-random number generators in a series to produce larger numbers.
    C. Increase key length by two orders of magnitude to detect brute forcing.
    D. Shift key generation algorithms to ECC algorithms.

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CompTIA exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your CAS-003 exam preparations and CompTIA certification application, do not hesitate to visit our Vcedump.com to find your solutions here.