CAS-003 Exam Details

  • Exam Code
    :CAS-003
  • Exam Name
    :CompTIA Advanced Security Practitioner (CASP+)
  • Certification
    :CompTIA Certifications
  • Vendor
    :CompTIA
  • Total Questions
    :791 Q&As
  • Last Updated
    :Jan 22, 2024

CompTIA CAS-003 Online Questions & Answers

  • Question 111:

    A company decides to purchase commercially available software packages. This can introduce new security risks to the network. Which of the following is the BEST description of why this is true?

    A. Commercially available software packages are typically well known and widely available. Information concerning vulnerabilities and viable attack patterns are never revealed by the developer to avoid lawsuits.
    B. Commercially available software packages are often widely available. Information concerning vulnerabilities is often kept internal to the company that developed the software.
    C. Commercially available software packages are not widespread and are only available in limited areas. Information concerning vulnerabilities is often ignored by business managers.
    D. Commercially available software packages are well known and widely available. Information concerning vulnerabilities and viable attack patterns are always shared within the IT community.

  • Question 112:

    A security consultant was hired to audit a company's password are account policy. The company implements the following controls:

    1.

    Minimum password length: 16

    2.

    Maximum password age: 0

    3.

    Minimum password age: 0

    4.

    Password complexity: disabled

    5.

    Store passwords in plain text: disabled

    6.

    Failed attempts lockout: 3

    7.

    Lockout timeout: 1 hour

    The password database uses salted hashes and PBKDF2. Which of the following is MOST likely to yield the greatest number of plain text passwords in the shortest amount of time?

    A. Offline hybrid dictionary attack
    B. Offline brute-force attack
    C. Online hybrid dictionary password spraying attack
    D. Rainbow table attack
    E. Online brute-force attack
    F. Pass-the-hash attack

  • Question 113:

    An online bank has contracted with a consultant to perform a security assessment of the bank's web portal. The consultant notices the login page is linked from the main page with HTTPS, but when the URL is changed to HTTP, the browser is automatically redirected back to the HTTPS site. Which of the following is a concern for the consultant, and how can it be mitigated?

    A. XSS could be used to inject code into the login page during the redirect to the HTTPS site. The consultant should implement a WAF to prevent this.
    B. The consultant is concerned the site is using an older version of the SSL 3.0 protocol that is vulnerable to a variety of attacks. Upgrading the site to TLS 1.0 would mitigate this issue.
    C. The HTTP traffic is vulnerable to network sniffing, which could disclose usernames and passwords to an attacker. The consultant should recommend disabling HTTP on the web server.
    D. A successful MITM attack Could intercept the redirect and use sslstrip to decrypt further HTTPS traffic. Implementing HSTS on the web server would prevent this.

  • Question 114:

    A team is at the beginning stages of designing a new enterprise-wide application. The new application will have a large database and require a capital investment in hardware. The Chief Information Officer (IO) has directed the team to save money and reduce the reliance on the datacenter, and the vendor must specialize in hosting large databases in the cloud. Which of the following cloud-hosting options would BEST meet these needs?

    A. Multi-tenancy SaaS
    B. Hybrid IaaS
    C. Single-tenancy PaaS
    D. Community IaaS

  • Question 115:

    The helpdesk department desires to roll out a remote support application for internal use on all company computers. This tool should allow remote desktop sharing, system log gathering, chat, hardware logging, inventory management, and remote registry access. The risk management team has been asked to review vendor responses to the RFQ. Which of the following questions is the MOST important?

    A. What are the protections against MITM?
    B. What accountability is built into the remote support application?
    C. What encryption standards are used in tracking database?
    D. What snapshot or "undo" features are present in the application?
    E. What encryption standards are used in remote desktop and file transfer functionality?

  • Question 116:

    A pharmacy gives its clients online access to their records and the ability to review bills and make payments. A new SSL vulnerability on a special platform was discovered, allowing an attacker to capture the data between the end user and the web server providing these services. After invest the new vulnerability, it was determined that the web services providing are being impacted by this new threat. Which of the following data types a MOST likely at risk of exposure based on this new threat? (Select TWO)

    A. Cardholder data
    B. intellectual property
    C. Personal health information
    D. Employee records
    E. Corporate financial data

  • Question 117:

    A threat advisory alert was just emailed to the IT security staff. The alert references specific types of host operating systems that can allow an unauthorized person to access files on a system remotely. A fix was recently published, but it

    requires a recent endpoint protection engine to be installed prior to running the fix.

    Which of the following MOST likely need to be configured to ensure the system are mitigated accordingly? (Select two.)

    A. Antivirus
    B. HIPS
    C. Application whitelisting
    D. Patch management
    E. Group policy implementation
    F. Firmware updates

  • Question 118:

    The results of an external penetration test for a software development company show a small number of applications account for the largest number of findings. While analyzing the content and purpose of the applications, the following matrix is created:

    The findings are then categorized according to the following chart:

    Which of the following would BEST reduce the amount of immediate risk incurred by the organization from a compliance and legal standpoint? (Choose two.)

    A. Place a WAF in line with Application 2
    B. Move Application 3 to a secure VLAN and require employees to use a jump server for access.
    C. Apply the missing OS and software patches to the server hosting Application 4
    D. Use network segmentation and ACLs to control access to Application 5.
    E. Implement an IDS/IPS on the same network segment as Application 3
    F. Install a FIM on the server hosting Application 4

  • Question 119:

    The Chief Information Security Officer (CISO) suspects that a database administrator has been tampering with financial data to the administrator's advantage. Which of the following would allow a third-party consultant to conduct an on-site review of the administrator's activity?

    A. Separation of duties
    B. Job rotation
    C. Continuous monitoring
    D. Mandatory vacation

  • Question 120:

    A security analyst is reviewing the following packet capture of communication between a host and a company's router:

    Which of the following actions should the security analyst take to remove this vulnerability?

    A. Update the router code
    B. Implement a router ACL
    C. Disconnect the host from the network
    D. Install the latest antivirus definitions
    E. Deploy a network-based IPS

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CompTIA exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your CAS-003 exam preparations and CompTIA certification application, do not hesitate to visit our Vcedump.com to find your solutions here.